Package: sash Version: 3.7-7.2 Severity: important
Today, after unsucsessful attempt to login as sashroot, I've got somewhat broken system -- all processes running under uid=0 were reported belonging to sashroot. Due to lack of knowledge of nss internals I inquired on -devel mailing list and it seems that multiple accounts sharing uid=0 might be considered a bad practice. For more details see http://lists.debian.org/debian-devel/2007/02/msg00323.html thread. If you can prove that it is 'documented feature of nss' to resolve in some deterministic way a uid whenever multiple ones are possible, then probably this bug has to be reassigned against libc6 to which libnss_files belongs. Since this bug might drive whole system broken, I am assigning it important priority, since a big proportion of sash users probably use sashroot account feature. Thank you. -- System Information: Debian Release: 4.0 APT prefers testing-proposed-updates APT policy: (500, 'testing-proposed-updates'), (500, 'testing') Architecture: amd64 (x86_64) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-2-amd64-generic Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages sash depends on: ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy ii lockfile-progs 0.1.10 Programs for locking and unlocking ii passwd 1:4.0.18.1-6 change and administer password and sash recommends no packages. -- debconf information: sash/delete_sashroot_on_remove: false * sash/clone_root_passwd: true * sash/create_sashroot: true sash/change_root_shell: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
