Alexander Kurtz wrote:
Hi,
> How about a simple patch in the postinst file? See attachement.
Too simple to be policy-compliant :) If you want to do that, you need
to use debconf and follow the best-practices for this job.
JB.
--
Julien BLACHE | Debian, because code matters more
Debian
Hi,
> Hey, you're the one reopening an old, closed and archived bug report
> for a bug that has been properly fixed, mixing several other "issues"
> in the same report and WRITING IN CAPS.
>
> Not to mention your post to -security on which I'm not even Cc:ed.
Yes, being less drastic would have b
Alexander Kurtz wrote:
Hi,
>> 4. is wrong on the permissions, correct on the plaintext password.
> You are right. But I still think that a hashed pw would be _better_.
Just forgot to mention one reason why this might not be doable:
there's support for a password on the music library, hence you
Alexander Kurtz wrote:
Hi,
> If my message has been FUD, I'm really sorry for that. However I believe
> that there are a few things we should be talked about (calmly).
Hey, you're the one reopening an old, closed and archived bug report
for a bug that has been properly fixed, mixing several oth
Hello Julien,
If my message has been FUD, I'm really sorry for that. However I believe
that there are a few things we should be talked about (calmly).
> 1. is bullshit,
I agree that one can argue about that point. It is certainly necessary
for some users to configure mt-daapd remotely. However,
severity 404460 normal
thanks
Alexander Kurtz wrote:
Hi,
> [1] The web interface can be accessed remotely
> => local access only
That's intended, I don't know why you think it's a bug.
> [2] There is a default password set, which is "mt-daapd"
> => lock admin account per default, set
Hi,
I'm using mt-daapd 0.9~r1696.dfsg-6 on Debian Lenny (amd64).
As far as I get it there have been 4 security issues reported:
[1] The web interface can be accessed remotely
=> local access only
[2] There is a default password set, which is "mt-daapd"
=> lock admin account per default,
7 matches
Mail list logo