Martin Schulze wrote: > What would be the proper fix to this? Does only fixing base-config make > the bug go away for both new installations and existing installations? > On my machines base-config seems to be purged, on some others it has > status rc, which is not better either. I'm sorry, I had misremembered the status of base-config in sarge and the log files. It does not delete /var/log/debian-installer/ on purge. So adding some code in base-config to fix the permissions won't work as it can be manually removed and the log files will still be there. An advisory would have to include a chmod command to fix them, or would have to put the fix in some package other than base-config, or instruct the user to install base-config. Only putting the fix in some other commonly installed package would work for people who update but don't actually read security advisories, if you care about them. Patching the prebaseconfig udeb is the best way to save newly installed systems from the issue. There's no need to fix genext2fs. -- see shy jo
Attachment:
signature.asc
Description: Digital signature