
Re: setuid/setgid binaries contained in the Debian repository.



Bernd Eckenfels wrote:
> Looking at this statistic, it is clearly visible that most of the exploits
> are game related,

Only because Steve Kemp is doing some good work on auditing our games.
I suspect he would have just as much luck finding security holes in some
other areas.

> Yes, but I think the eyes should concentrate on non sgid-games first.
> Because this might be a really BIG junk of UGLINESS one will find there :)

I understand that if you want to help with the auditing effort,
information is here:

http://www.steve.org.uk/Debian/


> > +        <p>
> > +          Since setuid and setgid programs are often a security rick,
> > +          you should not add any new setuid or setgid programs to
> > +          the distribution before this has been discussed on the
> > +          <em>debian-security</em> mailing list and a consensus about
> > +          doing that has been reached.
> > +        </p>
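
Review bot: "security rick" in the first line of the added paragraph is a typo for "security risk" and should be corrected before this is merged into the policy text. The wording "add any new setuid or setgid programs" also leaves it unclear whether an existing package whose program gains a setuid or setgid bit in a later upload is covered; stating that explicitly would avoid the question coming up later.
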
> 
> Do we want to make an sgid games exception here?

No.

-- 
see shy jo
