Package: chiark-really Version: 4.2.0 Severity: minor According to the documentation that comes with the package, the "really" program is designed for extreme simplicity and verifiable safety; in particular, the way I understand it there should be _one_ and only one authorization mechanism, namely the access() check on /etc/inittab.
Given this, it seems strange that the binary is installed like this: -rwsr-xr-- 1 root root 15120 Jun 10 15:27 /usr/sbin/really that is, no execute permission outside the root group. Nothing in the documentation says the group owner of inittab must be the root group; the impression is that's left 100% to the administrator. But even if it's indeed intended to use the root group for that, this extra barrier is redundant and confusing. -- System Information: Debian Release: wheezy/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 3.4.18-custom (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages chiark-really depends on: ii libc6 2.13-35 chiark-really recommends no packages. chiark-really suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
