Bug#533287: [PATCH v2] Only the owner of a configuration file should modify it

[Jonathan Nieder <jrnieder@gmail.com>]

Russ Allbery wrote:

> We may have existing special cases where we've ignored this problem for
> reasons of expediency, but I don't think that's a good reason to water
> down the requirement globally.

Thanks.  How about this?

My impression is that this "must" has been treated as a "should" in
practice, and I don't think it's because of the detail of wording
addressed by the first hunk of the patch below.  The interoperability
problems caused by violating this piece of policy are subtle, and it's
hard to find packages violating it in an automated way.

--- a/policy.sgml
+++ b/policy.sgml
@@ -8454,7 +8454,7 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
 	    If it is desirable for two or more related packages to
 	    share a configuration file <em>and</em> for all of the
 	    related packages to be able to modify that configuration
-	    file, then the following should be done:
+	    file, then:
 	    <enumlist compact="compact">
 	      <item>
 		  One of the related packages (the "owning" package)
@@ -8467,7 +8467,8 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
 		  configuration file.
 	      </item>
 	      <item>
-		  The related packages must use the provided program
+		  The related packages must not modify the configuration
+		  file directly.  Instead, they should use the provided
 		  program to make any desired modifications to the
 		  configuration file.  They should either depend on
 		  the core package to guarantee that the configuration