Package: slim Version: 1.3.0-1 Severity: normal In the slim.conf installed by default the variable default_path includes the current directory ./ in the first position:
default_path ./:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin This leads to PATH including ./ in ithe environment of every X session (unless overwritten in one of the shell's rc files). This could be a security risk. As a solution I propose removing ./ from default_path (and thus $PATH) completely. A user who explicitely wants it in her $PATH can still add it by editing the shell's rc files). Cheers, Tobias -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.25-tk.xenon Locale: LANG=en_GB, LC_CTYPE=de_CH (charmap=ISO-8859-1) (ignored: LC_ALL set to en_GB) Shell: /bin/sh linked to /bin/bash Versions of packages slim depends on: ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy ii libc6 2.7-12 GNU C Library: Shared libraries ii libgcc1 1:4.3.0-5 GCC support library ii libjpeg62 6b-14 The Independent JPEG Group's JPEG ii libpam0g 0.99.7.1-6 Pluggable Authentication Modules l ii libpng12-0 1.2.27-1 PNG library - runtime ii libstdc++6 4.3.0-5 The GNU Standard C++ Library v3 ii libx11-6 2:1.0.3-7 X11 client-side library ii libxft2 2.1.12-2 FreeType-based font drawing librar ii libxmu6 2:1.0.4-1 X11 miscellaneous utility library slim recommends no packages. -- debconf information: * shared/default-x-display-manager: slim -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
