Allowing untrusted code to be downloaded to the users computer without even so much as a warning is very bad, thus I have bumped the severity and added the security tag. Exaile shouldn't be released in lenny with the plugin situation as it is. I had strange behaviour on my machine and did a resinstall and restore from backup because I suspect a compromise and the most probable cause is exaile. Of course I may not have been compromised, I may just be paranoid (depite hidden processes), but not being sure that exaile isn't and open gateway to untrusted code doesn't help my confidence level.
-- And that's my crabbing done for the day. Got it out of the way early, now I have the rest of the afternoon to sniff fragrant tea-roses or strangle cute bunnies or something. -- Michael Devore GnuPG Key Fingerprint 86 F5 81 A5 D4 2E 1F 1C http://gnupg.org No more sea shells: Daniel's Weblog http://cshore.wordpress.com
signature.asc
Description: PGP signature
