On Sun, Jan 30, 2011 at 03:35:05AM +0100, Christoph Anton Mitterer wrote: > Files in /usr/local/share/ca-certificates/ are installed as system wide > certificates, thus even affecting root (e.g. if he or the system security > depends on a "secure" /etc/ssl/certs) > > This directory is however owned by group staff and group-writable, which is > IMHO a reasonable big security problem. > > Could you consider to change this (and especially also change it on already > existing installations).
This is [1]. Do you have an indication for me that such a transition plan exists? I.e. did it happen for /usr/local/bin and such? Kind regards Philipp Kern [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484841
signature.asc
Description: Digital signature
