Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.

To: Markus Koschany <apo@debian.org>
Cc: Emmanuel Bourg <ebourg@apache.org>, pkg-java-maintainers@lists.alioth.debian.org, Debian Java <debian-java@lists.debian.org>, "team@security.debian.org" <team@security.debian.org>
Subject: Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Mon, 15 Aug 2016 19:24:34 +0200
Message-id: <[🔎] 20160815172434.GA28200@inutil.org>
In-reply-to: <[🔎] d41ff5e7-b026-3604-1648-2c0e81c32d0a@debian.org>
References: <20160815161234.29619.99798@moszumanska.debian.org> <E1bZKVD-0007kj-2Q@moszumanska.debian.org> <[🔎] e6c68af2-cd97-dc17-baeb-b3cd16eaca61@apache.org> <[🔎] 6f62ae1d-0b9f-9d03-4f0f-7f09efda605b@debian.org> <[🔎] a5f9bc17-ae5d-9bc9-d9e6-9704b50b9f36@apache.org> <[🔎] d41ff5e7-b026-3604-1648-2c0e81c32d0a@debian.org>

On Mon, Aug 15, 2016 at 06:42:31PM +0200, Markus Koschany wrote:
> On 15.08.2016 18:31, Emmanuel Bourg wrote:
> > On 08/15/2016 06:19 PM, Markus Koschany wrote:
> > 
> >> This is the exact same change as currently in Stretch. This in an
> >> improvement and has no negative effect.
> > 
> > This change has landed in Stretch 4 days ago only, we don't have enough
> > feedback on its impact. I suspect it may cause some problems in
> > environments where the Tomcat configuration is expected to be world
> > readable. I thought we agreed to keep that modification for Stretch only
> > when we discussed about #825786 [1]:
> > 
> >>> Ok, the stable patch shouldn't change the permissions to 640 though.
> >>
> >> Fine with me.
> > 
> > Emmanuel Bourg
> > 
> > [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=825786#75
> 
> First of all I thought we had agreed that I take care of this security
> update.
> 
> I have prepared and tested this update and I came to the conclusion that
> there is no need to revert the change from Stretch for Jessie again.

But we don't generall mix bugfix and security updates. There are a few
exceptions - when when something was acked by stable release managers
and then a security update happened before the release of the point
update - but generally all non-security changes should to be acked by the 
stable release managers.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
  - From: Markus Koschany <apo@debian.org>

References:
- Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
  - From: Emmanuel Bourg <ebourg@apache.org>
- Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
  - From: Markus Koschany <apo@debian.org>
- Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
  - From: Emmanuel Bourg <ebourg@apache.org>
- Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
  - From: Markus Koschany <apo@debian.org>

Prev by Date: Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
Next by Date: Re: Packaging a maven project for Debian
Previous by thread: Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
Next by thread: Re: [tomcat8] 05/06: Change file permissions for Debian files to 640 in /etc/tomcat8.
Index(es):
- Date
- Thread