On Fri, Mar 25, 2005 at 06:37:14AM +1100, [EMAIL PROTECTED] wrote: > > In no way installing the debian-policy package introduce a security > > hole, causes serious data loss or makes unrelated software on the > > system break. > > Not the installation of the policy package, but the following of the > policy, prevents base-files from being secure. Is not the policy at > fault if it mandates insecure settings or actions?
I won't argue one way or another, but instead I will note that the only practical effect (outside statistics) of bug severity is that in principle packages with bugs of severity 'serious' 'grave' or 'critical' are not shipped in the next stable release, sarge in the case at hand. Removing the debian-policy package from sarge is unlikely to make base-files (or Debian as a whole) any more secure. Cheers, -- Bill. <[EMAIL PROTECTED]> Imagine a large red swirl here. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
