[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#717536: phoronix-test-suite: installs software from outside debian

Package: phoronix-test-suite
Version: 4.6.0-1
Severity: critical
Tags: security
Justification: root security hole


The only way to operate PTS seems to be by installing the respective tests
from OpenBenchmarking.org, right?

Given that this introduces completely unchecked and untrusted software, for
which moreover no security support is covered by Debian,... this package
should IMHO give big warnings about that fact, at least:
- in the package description
- in a debconf dialogue.

Marking as root security hole, even though the software runs probably as
normal user, but such remote software could expoloit any further local security


Reply to: