Package: hplip Version: 3.12.6-3 Tags: security (Please adjust severity as necessary) Hi, pkit.py seems to create a log file at /tmp/hp-pkservice.log and I believe it is done as root, making it a nice vector for a symlink attack. I only took a quick look at it, so I might be missing something. Could you please confirm the report? Thanks, -- Raphael Geissert - Debian Developer www.debian.org - get.debian.net