On 2011-03-03, Bastien ROUCARIES <roucaries.bast...@gmail.com> wrote: > Giving information on my system without admin concent is an > information leak, and thus tag security...
Information leaks are leaks of *sensitive* information. If I want to know if you run phpmyadmin at its default location I just poll that URL and your webserver will tell me. If you don't run it there but in another path you'll likely not know where to change it in the Avahi broadcast data. And next time we get bugs about Iceweasel leaking its version number in the User-Agent header, which I consider more sensitive (cf. Panopticlick). But then my mileage varies, as yours does, too. We don't like security by obscurity, as you might know. Kind regards Philipp Kern -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/slrnimvf8a.ra8.tr...@kelgar.0x539.de
