* Matt Zimmerman (mdz@debian.org) wrote: > On Thu, Jul 31, 2003 at 12:55:28PM -0400, Joey Hess wrote: > > I also think it would be a good idea for policy to require all setuid/gid > > bit grants to go through this or another list for peer review, much as > > pre-depends are supposed to. > > I absolutely support this idea. All set[ug]id setups should be reviewed > before they go in the archive, and I volunteer to do the review (though I > hope that others will help). Does this need a proposal to go into policy > with the same force as the existing pre-depends verbiage? It probably should. I'd be willing to say we might want a seperate list for this too. I'm willing to help with the review but I tend to skim d-d.. Stephen
Attachment:
pgpfnAprJ7ap6.pgp
Description: PGP signature