Re: Bug#220486: Acknowledgement (perl-suid: suidperl security)

To: mdz@debian.org
Cc: 220486@bugs.debian.org, debian-release@lists.debian.org, perl@packages.debian.org, team@security.debian.org
Subject: Re: Bug#220486: Acknowledgement (perl-suid: suidperl security)
From: psz@maths.usyd.edu.au (Paul Szabo)
Date: Tue, 17 Feb 2004 12:43:49 +1100 (EST)
Message-id: <200402170143.i1H1hnB49619@milan.maths.usyd.edu.au>

Dear Matt,

>> ... Kindly use the patch I provided to swap UIDs before open; or better,
>> the patch to open in perl then pass /dev/fd/XXX to suidperl; see also the
>> patches I am "pushing" (and discussion) on perl5-porters@perl.org .
> 
> I cannot follow the discussion; this update had been pending for some time
> and had to be released in its current state (which is no worse). ...

Yes, that is fine.

> ... Once you and upstream have come to an agreement about a permanent and
> proper fix, by all means forward it on to us.

Who/what is "upstream": perl5-porters, or the Debian maintainer? I still
hope to get somewhere with perl5-porters; the patches I submitted to
#203426 and #220486 are "proper" (so maybe permanent).

Cheers,

Paul Szabo - psz@maths.usyd.edu.au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia

Reply to:

Follow-Ups:
- Re: Bug#220486: Acknowledgement (perl-suid: suidperl security)
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: Bug#220486: Acknowledgement (perl-suid: suidperl security)
Next by Date: Re: Bug#220486: Acknowledgement (perl-suid: suidperl security)
Previous by thread: Re: Bug#220486: Acknowledgement (perl-suid: suidperl security)
Next by thread: Re: Bug#220486: Acknowledgement (perl-suid: suidperl security)
Index(es):
- Date
- Thread