Re: Bug#657445: your mail

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: Moritz Muehlenhoff <jmm@inutil.org>, 657445@bugs.debian.org, team@security.debian.org, debian-release@lists.debian.org
Subject: Re: Bug#657445: your mail
From: Colin Watson <cjwatson@debian.org>
Date: Tue, 21 Feb 2012 08:41:12 +0000
Message-id: <[🔎] 20120221084112.GT3917@riva.dynamic.greenend.org.uk>
Mail-followup-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, Moritz Muehlenhoff <jmm@inutil.org>, 657445@bugs.debian.org, team@security.debian.org, debian-release@lists.debian.org
In-reply-to: <[🔎] 1329766574.30721.3.camel@jacala.jungle.funky-badger.org>
References: <1327625424.3101.63.camel@mdlinux> <20120208174426.GA11216@inutil.org> <20120220024614.GQ3917@riva.dynamic.greenend.org.uk> <1295edf3e8f41f1e868c8a7c05b08bfe.squirrel@wm.kinkhorst.nl> <[🔎] 20120220181509.GB24263@inutil.org> <[🔎] 1329766574.30721.3.camel@jacala.jungle.funky-badger.org>

On Mon, Feb 20, 2012 at 07:36:14PM +0000, Adam D. Barratt wrote:
> On Mon, 2012-02-20 at 19:15 +0100, Moritz Muehlenhoff wrote:
> > On Mon, Feb 20, 2012 at 11:04:20AM +0100, Thijs Kinkhorst wrote:
> > > The patch looks good, but the targeted distribution should be 'stable',
> > > not 'stable-security', as the intention was to fix this through a stable
> > > point update.

I misunderstood.  Sorry about that.

> > The fix needs to be acked by the stable release managers, adding them to CC.
> 
> Hmmm, it would be nicer if it were still possible to log commands that
> the key /should/ be permitted to access, but I'm guessing that would be
> a more involved and invasive change.

This isn't an access list; it's a forced command, overriding whatever
the client tries to do.  If authentication succeeds and it gets as far
as executing the command, then that's already logged at -d in the
server; see session.c:do_exec.

> Based on the debdiff in
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445#29 , please go
> ahead (with the distribution set to "stable" or "squeeze").

Uploaded, thanks.

-- 
Colin Watson                                       [cjwatson@debian.org]

Reply to:

Follow-Ups:
- Re: Bug#657445: your mail
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Re: Bug#657445: your mail
  - From: Moritz Muehlenhoff <jmm@inutil.org>
- Re: Bug#657445: your mail
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#660693: pu: package xfce4-weather-plugin/0.7.3-3+b1
Next by Date: Re: Planning for final lenny point release (5.0.10)
Previous by thread: Re: Bug#657445: your mail
Next by thread: Re: Bug#657445: your mail
Index(es):
- Date
- Thread