Package: flashplugin-nonfree
Version: 1:1.5
Tags: security

[ ! -f /home/bartm/src/flashplugin-nonfree/bartm_debug ] || 
DOWNLOADURL="http://127.0.0.1/bartm/$DOWNLOADFILE";

Please don't leave lines like this in production code. You are not the
only user named "bartm"; a user named "bartm" who also happened to have
write access to /var/www could exploit this line to cause a system to
download a different version of flashplugin-nonfree-lastminute.gz than
the one you've published on people.debian.org.

It would take a fairly unlikely combination of events for this to be
exploited in any meaningful way, but the line should just be removed to
avoid having to worry about it.

-- 
see shy jo
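
A check a reviewer could run over maintainer scripts to catch this kind of leftover debug override, as an added example that is not part of the original report or of the package. The function names, the two heuristics, and the sample script (apart from the two quoted override lines) are assumptions.

```shell
#!/bin/sh
# Added example: flag developer-only overrides left in a maintainer script.
# Heuristics (assumptions of this example, not a Debian policy check):
#   - a [ ... ] / test file check on a path under /home/<user>/
#   - a URL whose host is the loopback interface (127.x.x.x or localhost)
HOME_TEST_RE='(\[|test)[[:space:]]+(![[:space:]]+)?-[a-zA-Z][[:space:]]+"?/home/[^/[:space:]]+/'
LOOPBACK_URL_RE='(https?|ftp)://(127\.[0-9]+\.[0-9]+\.[0-9]+|localhost)([:/"]|$)'

# scan_script FILE: print "<line>: <reason>" for every suspicious line.
scan_script() {
    # Number the lines first, then drop comment lines so numbers stay accurate.
    code=$(grep -n '' "$1" | grep -vE '^[0-9]+:[[:space:]]*#' || true)
    {
        printf '%s\n' "$code" | grep -E "$HOME_TEST_RE" |
            sed -E 's,^([0-9]+):.*,\1: file test on a path under /home,'
        printf '%s\n' "$code" | grep -E "$LOOPBACK_URL_RE" |
            sed -E 's,^([0-9]+):.*,\1: URL points at the loopback interface,'
    } | sort -n
}

# write_sample FILE: write a constructed script fragment for the demo.
# The published URL path is a placeholder; the report does not give it.
write_sample() {
    cat > "$1" <<'EOF'
#!/bin/sh
# Constructed sample. Lines 5-6 are the override quoted in the report.
DOWNLOADFILE="flashplugin-nonfree-lastminute.gz"
DOWNLOADURL="http://people.debian.org/PLACEHOLDER/$DOWNLOADFILE"
[ ! -f /home/bartm/src/flashplugin-nonfree/bartm_debug ] ||
DOWNLOADURL="http://127.0.0.1/bartm/$DOWNLOADFILE";
EOF
}

# Demo: scan the constructed sample and print the findings.
sample=$(mktemp)
write_sample "$sample"
scan_script "$sample"
rm -f "$sample"
```

An empty result means neither heuristic matched; any output line is a candidate for removal before upload.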
