On Tue, Jan 18, 2005 at 11:38:55PM +0100, Thomas Schmidt wrote:
>
> Well, it seems that there are different opinions in this case - some
> developers (you for example) say that system users should be removed
> when the package is purged, some say that it is no problem if the
> user is not deleted.
* Javier Fernández-Sanguino Peña schrieb am 17.01.05, um 09:08 Uhr:
> > I also think that it would be the best to just keep the user, because
> > other packages will use it too (vdradmin and some plugins).
>
> The user, if created by the package, should be removed. If other packages
> depend on
On Sun, Jan 16, 2005 at 10:48:39PM +0100, Thomas Schmidt wrote:
>
> I also think that it would be the best to just keep the user, because
> other packages will use it too (vdradmin and some plugins).
The user, if created by the package, should be removed. If other packages
depend on it, they sh
* Darren Salt schrieb am 16.01.05, um 20:51 Uhr:
> > addgroup --quiet --system $HONEYUSERGROUP
>
> ITYM "$CREATEGROUP" ;-)
Yes, i allready saw this. ;)
> (FWIW, I'm applying this to my unofficial vdr package.)
I also added the code to the cvs-repository. (Before i just added a
"|| tru
I demand that Javier Fernández-Sanguino Peña may or may not have written...
[snip]
> Also notice that the patch provided to this bug is not correct:
> 1.- the postinst will not check if the user exists before creating. It
> should do something like:
> -
severity 287899 critical
tags 287899 security
thanks
(Setting this bug as higher severity after discussing with the security
team and the maintainer)
The vdr package, as it is currently, should not be accepted into sarge
unless the daemon runs as a non-root user. There are several troublesome
6 matches
Mail list logo
