On 21-Aug-02, 19:16 (CDT), Marc Singer <[EMAIL PROTECTED]> wrote:
>
> It does appear that there are a couple of good examples. In fact,
> this is not one of them since what you ought to ship is a cron.allow
> that blocks everything, right?
No, because that is not the expected, traditional behaviour in cron. If
I included an empty cron.allow, I'd be inundated by bug reports about
how crontab didn't work.
> As far as I can tell, there aren't many 'dangerous' examples. A
> package may install a crontab file in cron.d that is deleted by the
> user. Apparently, apache2 performs directory scanning for
> configuration files, too. Examples such as BASH are definitely *not*
> dangerous since the default file contains a single, innocuous
> directive.
While I'll grant you that "dangerous" is probably not the correct
adjective, the current behaviour is correct. Debian policy is that
packages don't override admin modifications to configuration files.
Removing a file is a modification. End of story.
> As I wrote in another message, given that there is an override switch
> in dpkg, that switch would be helpful if available in apt-get.
apt-get --option Dpkg::Options=--force-confmiss ....
Steve
--
Steve Greenland
The irony is that Bill Gates claims to be making a stable operating
system and Linus Torvalds claims to be trying to take over the
world. -- seen on the net
