On Saturday 15 May 2010 13:47:43 Christoph Anton Mitterer wrote: > On Sat, 2010-05-15 at 13:22 +0200, Michael Biebl wrote: > > It just shows how such stuff can completely undermine security, and one > even haven't thought that this would possible. This applies to any change you make to a piece of software or a system. Absuluetly every change you make can open up a security hole, what is the solution? Stick to what we have and leave it? There is a reason why things like selinux are developed. In principle the concept of UPG is safe, of course there could be something nobody has thought of, but as the concept is already in use in other distributions the chance is rather small. Though I would understand arguments of not making the change for squeeze, as the testing period to find Debian specific issues with the concept, is rather small. Best regards, Robert
Attachment:
signature.asc
Description: This is a digitally signed message part.