[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Make bug package required? (was Re: berolist.deb)

  Christoph>  How could that ever be checked? 

It cannot, and that's why bug(1) should not include files automatically.

  Christoph> Bug used to have (I am not the maintainer anymore...) a check so
  Christoph> that it cannot be run as root and does not read files as root.

Sorry, but you are at least two feet besides the point. If I put a password
into a config file, that file will be in, say, mode 0600.  So when I then
report a bug, I can read that file containing the password.  So bug(1) can
read the file, and will blindly include the content.

  Christoph> Contents of config files are important for the maintainer of
  Christoph> the package.

If needed, private mail suffices quite well for that purpose.

  Christoph> Cannot see a good reason why this is a "bug"...

Just try to figure out the stink someone would make on a linux newsgroup:
Friggin' Debian system posted my password to the world...

The bug in bug(1) is caused by the absence of common sense in (your) design
of the very program. 

    Dirk Eddelbuettel     edd@rosebud.sps.queensu.ca     edd@debian.org

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: