/etc/ppp.* again ...
Bogus! Bogus! Bogus!
My bug report was about files being in
/etc/ppp.foo
rather than
/etc/ppp/ppp.foo
which I would much prefer as a location. This is not a security issue
*because it is more system with one to few users*.
Christoph, you are constantly extrapolating both
- what you conceive "good security" issues; and it is safe enough
to say that this issue is highly controversial as you know from
some email responses you got earlier
- what you _locally_ need for your sysadministration but our
packages should be well-designed and robust for most situations
rather than adapted to local needs.
I am too tired of reopening the bug over and over. I feel, though,
that your closing is not the Right Thing.
------- start of forwarded message (RFC 934 encapsulation) -------
From: owner@bugs.debian.org (Ian Jackson)
To: Dirk.Eddelbuettel@qed.econ.queensu.ca
Subject: Bug#5746 acknowledged by developer (was: ppp files under /etc)
Date: Sun, 29 Dec 96 16:48 PST
[...]
From: Christoph Lameter <clameter@waterf.org>
To: 5746-done@bugs.debian.org
Subject: No bug
Message-ID: <Pine.LNX.3.95.961229163223.22298A-100000@waterf.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
I am closing this bug reports since the suggestions put forth to
fix a perceived security problem are in itself an even bigger security
problem.
Group access for /etc/ppp is not secure.
- --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ --- +++ ---
PGP Public Key = FB 9B 31 21 04 1E 3A 33 C7 62 2F C0 CD 81 CA B5
------- end -------
--
PGP key fingerprint = B2 49 75 BF 44 2C B7 AA 50 CB 19 7D 80 F7 CB DC
http://rosebud.sps.queensu.ca/~edd edd@ican.net edd@debian.org
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: