Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages

To: "Dmitry E. Oboukhov" <unera@debian.org>
Cc: debian-devel@lists.debian.org
Subject: Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
From: "Martin Langhoff" <martin.langhoff@gmail.com>
Date: Mon, 25 Aug 2008 22:24:13 +1200
Message-id: <[🔎] 46a038f90808250324s6e3c3e0dw8a08659cbb704d0c@mail.gmail.com>
In-reply-to: <[🔎] 20080825101708.GR3859@work.uvw.ru>
References: <E1KXJxw-0004Jg-Vg@nbw.dhome.lan> <[🔎] 1219606112.5783.60.camel@holly.codehelp> <[🔎] 20080824203035.GK15585@dario.dodds.net> <[🔎] 1219619817.5783.121.camel@holly.codehelp> <[🔎] 20080825075712.GL3859@work.uvw.ru> <[🔎] 1219655631.24451.68.camel@holly.codehelp> <[🔎] 20080825101708.GR3859@work.uvw.ru>

On Mon, Aug 25, 2008 at 10:17 PM, Dmitry E. Oboukhov <unera@debian.org> wrote:
> NW> Because it is in the documentation, not the script. Didn't you read the
> NW> reply? It is not a route of attack, it is AN EXAMPLE in the
> NW> documentation!
> This script marked as executable.
> User can start its.
>
> if it is an example, please chmod a-x to it ;)

NO. It is in POD, and POD documentation embedded in code - effectively
a comment in Perl code that gets turned into documentation.

It is _not_ a good reason to file a grave bug.

See

 - http://en.wikipedia.org/wiki/Plain_Old_Documentation
 - http://perldoc.perl.org/perlpod.html

Dmitry, you seem to be wasting a lot of people's time.



m
-- 
 martin.langhoff@gmail.com
 martin@laptop.org -- School Server Architect
 - ask interesting questions
 - don't get distracted with shiny stuff - working code first
 - http://wiki.laptop.org/go/User:Martinlanghoff

Reply to:

References:
- Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
  - From: Neil Williams <codehelp@debian.org>
- Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
  - From: Steve Langasek <vorlon@debian.org>
- Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
  - From: Neil Williams <codehelp@debian.org>
- Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
  - From: "Dmitry E. Oboukhov" <unera@debian.org>
- Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
  - From: Neil Williams <codehelp@debian.org>
- Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
  - From: "Dmitry E. Oboukhov" <unera@debian.org>

Prev by Date: Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
Next by Date: Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
Previous by thread: Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
Next by thread: Re: Bug#496429: The possibility of attack with the help of symlinks in some Debian packages
Index(es):
- Date
- Thread