Re: sudo security Was: Reporting missing package during install
On Tue 10 Dec 2013 at 23:50:00 +0100, Gian Uberto Lauri wrote:
>
>
> > On 10/dic/2013, at 20:46, Brian <ad44@cityscape.co.uk> wrote:
>
> > Quite possibly this is a technique which is tried but, in a default
> > install, Debian does not provide any faulty services.
> >
>
> You are never sure about not-yet publicized exploits.
We do not worry about serious, unpublicised exploits. Their existance is
of little consquence for your argument as your "attackers" would not
know about them.
> And some time ago there was a problem with sone ssh code that
> should not have been cleaned...
If what you are referring to is what I think it is then no machines were
ever harmed. Not that the problem wasn't serious but the action taken by
Debian was swift and exemplary.
Reply to: