Hi Paul, Op zondag 13 november 2011 09:59:19 schreef Paul Wise: > Package: www.debian.org > Severity: normal > X-Debbugs-CC: [email protected] > > These two links are referenced by the Debian security audit pages but > the domain has been taken by squatters. Could someone from the security > team suggest the correct course of action here? Does the security team > generate a list of all setuid/setgid executables in Debian? There does > not appear to be a replacement for the debian-audit list, should mails > about that be directed to debian-security? > > http://shellcode.org/Setuid/ > http://shellcode.org/mailman/listinfo/debian-audit
Thanks for checking this with us. The Debian Security Audit Project has been inactive for a long time now. I see the mentioned links have been removed by jfs already. The current solution seems OK: point interested people to the debian-security list and reference Lintian for setuid binaries in the archive. That's all we have now, so I think no further action is necessary on this. If the audit team is revived they can always further improve their pages or add new links. Thijs -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
