Re: setuid/setgid binaries contained in the Debian repository.
On Sat, 2 Aug 2003 22:17:16 -0400, Matt Zimmerman <mdz@debian.org> said:
> On Sat, Aug 02, 2003 at 08:14:15PM -0500, Manoj Srivastava wrote:
>> Heh. You should look at what is in the current version:
> Is that what you would say to the users who have angband installed
> on Woody? I do not think this is something to laugh about.
There are any number of old programs where security was not an
issue -- and yes, angband is one where such a makeover was only
performed in the last year.
I must confess that my security audits did not include
angband; I was more concerned with my packages in Debian, and I
should have paid more attention to angband earlier.
manoj
--
It is a wise father that knows his own child. William Shakespeare,
"The Merchant of Venice"
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: