Re: tripwire's default policy

To: debian-security@lists.debian.org
Subject: Re: tripwire's default policy
From: Felipe Figueiredo <philsf@ufrj.br>
Date: Mon, 5 Mar 2007 01:42:09 -0300
Message-id: <[🔎] 200703050142.09859.philsf@ufrj.br>
In-reply-to: <[🔎] 1173056568.31598.3.camel@localhost>
References: <[🔎] 200703042156.35883.philsf@ufrj.br> <[🔎] 1173056568.31598.3.camel@localhost>

On Sunday 04 March 2007 22:02:48 Jim Popovitch wrote:

> > If so, why is it included by default?
> 
> There are probably a host of reasons, I point the finger at the pack
> maintainer leaning more towards the side of security than insecurity.

Forgive me for insisting.
So, there *are* security issues related. Do you (or anyone else) know what 
they might be?

I know debian's policy is to follow upstream if dd's can't reach a consensus 
(I remember reading in some lists' archives that this argument ended some 
polemic in some ssh(d)'s config options). 

However, I got the source of the same version (2.3.1-2) from sourceforge and 
it's clearly different, in that it only checks for some specific files 
in /proc, as oposed to everything. For information's sake, I paste them 
below. 

So I'm guessing dd's had a good reason for doing this, even though it's 
annoying. Am I missing something? Am I just hitting an old dead dog here?

regards
FF

Reply to:

Follow-Ups:
- Re: tripwire's default policy
  - From: Felipe Figueiredo <philsf@ufrj.br>

References:
- tripwire's default policy
  - From: Felipe Figueiredo <philsf@ufrj.br>
- Re: tripwire's default policy
  - From: Jim Popovitch <jimpop@yahoo.com>

Prev by Date: Unidentified subject!
Next by Date: Re: tripwire's default policy
Previous by thread: Re: tripwire's default policy
Next by thread: Re: tripwire's default policy
Index(es):
- Date
- Thread