On Sat, Apr 12, 2008 at 8:36 PM, Bastian Blank <[EMAIL PROTECTED]> wrote: > Sure it is correct. It allows wwwdata to write scripts which are > executed by a different user. Also files in /usr and not in /usr/local > are not supposed to be modified outside of dpkg.
I do not think that security improves when I move the files from /usr/share to /var/something. I have shown you that there is no real policy violation (just a violation of a recommendation). Please explain your reasons why you think otrs in insecure to the upstream author Martin Edenhofer to get a consensus on the issue. 'It allows wwwdata to write scripts which are executed by a different user.' - that is not a security problem at all IMHO. At least you did not explain the security problem here. Torsten -- http://twerner.blogspot.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
