Hi Paul, Op zondag 13 november 2011 09:59:19 schreef Paul Wise: > Package: www.debian.org > Severity: normal > X-Debbugs-CC: debian-security@lists.debian.org > > These two links are referenced by the Debian security audit pages but > the domain has been taken by squatters. Could someone from the security > team suggest the correct course of action here? Does the security team > generate a list of all setuid/setgid executables in Debian? There does > not appear to be a replacement for the debian-audit list, should mails > about that be directed to debian-security? > > http://shellcode.org/Setuid/ > http://shellcode.org/mailman/listinfo/debian-audit
Thanks for checking this with us. The Debian Security Audit Project has been inactive for a long time now. I see the mentioned links have been removed by jfs already. The current solution seems OK: point interested people to the debian-security list and reference Lintian for setuid binaries in the archive. That's all we have now, so I think no further action is necessary on this. If the audit team is revived they can always further improve their pages or add new links. Thijs -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201111191942.43833.th...@debian.org
