
Bug#239956: debconf severity inflation



severity 239956 normal
merge 221531 239956
thanks

On Wed, Mar 24, 2004 at 08:16:53PM -0500, Joe Drew wrote:
> Package: ssh
> Version: 1:3.8p1-2
> Severity: important
> Tags: sid
> 
> ssh interrupts installation with two critical-level debconf
> prompts;

No, that can't be true. ssh uses no critical prompts.

  [cjwatson@cairhien ~/src/debian/openssh/trunk/openssh]$ grep critical debian/*
  debian/changelog:    - Fix a non-security-critical segfault in PAM authentication.
  debian/changelog:openssh (1:3.0.2p1-8) unstable; urgency=critical
  debian/changelog:  * #54894 & #49902 are release critical, so this should go in frozen

Was this intended to be a follow-up to #221531? The appropriate way to
respond to me downgrading your bug is not to file another bug with the
original severity! I'll quote my response again; if you disagree, please
respond to this text rather than having us repeatedly make independent
assertions at each other.

# In 1:3.8p1-1, the privsep_ask and privsep_tell questions have been
# removed, since it's my belief that most issues with privilege separation
# (in particular, all of those mentioned in the texts of the questions)
# have been fixed. Thus, downgrading, as that was the most intrusive
# question.

# I certainly have my doubts about some of the notes, but it seems not to
# be true that "all of [them] should be removed", for the reason you cite:
# 
# Template: ssh/user_environment_tell
# Type: note
# _Description: Environment options on keys have been deprecated
#  This version of OpenSSH disables the environment option for public keys by
#  default, in order to avoid certain attacks (for example, LD_PRELOAD). If
#  you are using this option in an authorized_keys file, beware that the keys
#  in question will no longer work until the option is removed.
#  .
#  To re-enable this option, set "PermitUserEnvironment yes" in
#  /etc/ssh/sshd_config after the upgrade is complete, taking note of the
#  warning in the sshd_config(5) manual page.
# 
# The disabling of the environment option means that users whose
# authorized_keys files contain it will be unable to ssh into the system
# until they fix the problem. If the sysadmin is one such user, they might
# reasonably count that as breakage, and it can't be automatically fixed.
# (The option was disabled for a good reason, so just enabling it on all
# upgrades isn't a good idea either.)
# 
# Likewise, ssh/encrypted_host_key_but_no_keygen signals breakage on
# upgrade from the old non-free ssh which the sysadmin needs to fix.
# 
# All other remaining templates are at priority medium or lower. At least
# ssh/ssh2_keys_merged looks like a good candidate for being moved into
# README.Debian.

> one is a warning, another a question.
> 
> These messages, dire in importance as they are, should be of low
> priority. The warning (note) itself should be removed and placed in
> NEWS.Debian;

While I think apt-listchanges/NEWS.Debian is the right approach for the
future, it remains too immature to be relied upon by ssh, as it has no
translation support or infrastructure, and wasn't installed by default
in woody so many users don't know it exists; even if it had been
installed by default in woody, it had no NEWS.Debian support then, so
users upgrading from woody to sarge won't see upgrade notes only in
NEWS.Debian. I don't like the proliferation of debconf prompts in ssh,
but I'm afraid that I'll take this bug over inflated critical bugs from
people who've been locked out of their system during an upgrade any day.

> the question should be left in, but at a low or maybe medium priority.

It would really help if you would actually say which prompts you're
talking about. None of the non-note debconf prompts asked by ssh exceed
priority medium.

Cheers,

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]
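
The ssh/user_environment_tell template quoted above says that keys using the environment option stop working while PermitUserEnvironment is off. A pre-upgrade check that lists such keys, as an added example that is not part of the original message or of the ssh package; the function names and sample data are constructed here, and Match blocks and included files in sshd_config are not handled:

```python
import re

KEY_START = re.compile(r'^(ssh-|ecdsa-|sk-|\d+\s)')  # key type, or SSH1 bit count
OPTION = r'(?:[^\s",]|"(?:\\"|[^"])*")+'              # name or name="quoted value"
OPTIONS_FIELD = re.compile(rf'{OPTION}(?:,{OPTION})*')

def split_options(line):
    """Return the options of one authorized_keys line, honouring quoted commas."""
    if KEY_START.match(line):
        return []
    m = OPTIONS_FIELD.match(line)
    return re.findall(OPTION, m.group(0)) if m else []

def environment_keys(authorized_keys_text):
    """Return (line number, option) for every key carrying environment=."""
    hits = []
    for n, raw in enumerate(authorized_keys_text.splitlines(), 1):
        line = raw.strip()
        if line and not line.startswith('#'):
            hits += [(n, o) for o in split_options(line)
                     if o.lower().startswith('environment=')]
    return hits

def permit_user_environment(sshd_config_text):
    """First PermitUserEnvironment value in the file, else the default 'no'."""
    for raw in sshd_config_text.splitlines():
        tokens = re.split(r'[\s=]+', raw.strip())
        if tokens[0].lower() == 'permituserenvironment' and len(tokens) > 1:
            return tokens[1].strip('"').lower()
    return 'no'

def keys_affected(authorized_keys_text, sshd_config_text):
    """Keys the template warns about: environment= set while the option is off."""
    if permit_user_environment(sshd_config_text) != 'no':
        return []
    return environment_keys(authorized_keys_text)

# Constructed sample input; the key material is a placeholder, not a real key.
SAMPLE_KEYS = '''\
ssh-rsa AAAAPLACEHOLDER alice@example
from="10.0.0.0/8",environment="NOTE=a,b c",no-pty ssh-rsa AAAAPLACEHOLDER bob@example
command="echo environment=x" ssh-dss AAAAPLACEHOLDER backup@example
1024 35 1234567890 carol@example
'''
SAMPLE_CONFIG = 'Port 22\n#PermitUserEnvironment yes\n'

if __name__ == '__main__':
    for n, opt in keys_affected(SAMPLE_KEYS, SAMPLE_CONFIG):
        print(f'line {n}: {opt}')
```

Run it against each user's authorized_keys before the upgrade; the `command=` entry in the sample shows that `environment=` appearing inside another option's quoted value is not reported.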
