[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: programs/scripts using /tmp/*$$

James Troup writes:
> these programs aren't _usually_ executed as root; however they do
> allow nasty user -> victim user attacks (of course victim user _could_
> be root).  This apparently lessens the severity of them.  So a) any
> objections to me filing bug reports on these packages to get them
> fixed? and b) any suggestions as to the severity (Brian suggested

No.

> `important', Giuliano `grave')?

Only the ones where a normal user can do harm to the system should be
grave. The others should be important IMO. But wait, that means the packages
will be removed, so better make them normal. :-)

Michael

-- 
Dr. Michael Meskes, Project-Manager    | topsystem Systemhaus GmbH
meskes@topsystem.de                    | Europark A2, Adenauerstr. 20
meskes@debian.org                      | 52146 Wuerselen
Go SF49ers! Go Rhein Fire!             | Tel: (+49) 2405/4670-44
Use Debian GNU/Linux!                  | Fax: (+49) 2405/4670-10


--
E-mail the word "unsubscribe" to debian-devel-request@lists.debian.org
TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble? E-mail to listmaster@lists.debian.org
Reply to: