>I doubt that this is a serious problem [...] >Right, problems should be minimized if possible.
Anyway, I think we can agree it should be fixed (whether it is "serious" or not). Just for the sake of argument: according to debian policy it is "serious", see 1) http://www.debian.org/Bugs/Developer#severities and 2) http://release.debian.org/etch_rc_policy.txt section 5b. for further reference. It says: ------------------------- 1) serious: "is a severe violation of Debian policy (roughly, it violates a must or required directive), or, in the package maintainer's opinion, makes the package unsuitable for release." 2) Security "Programs must be setup to use the minimum privleges they can. (ie, not setuid where setgid will suffice; not setuid root where setuid some other user will suffice; setuid root for the minimum period possible, etc)" ------------------------- kind regards, Matthias -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
