Bug#299007: Insecure PATH in /root/.profile

2011-01-31 Thread Tim Brown
On Monday 31 January 2011 09:38:42 Thijs Kinkhorst wrote: > On Sun, January 30, 2011 20:46, Russ Allbery wrote: > > Philipp Kern writes: > >> The tech-ctte did decide on that matter. What's the progress on this > >> bug now? Is there any action taken as a consequence of it? > > > > It's waiting

Bug#299007: Insecure PATH in /root/.profile

2011-01-31 Thread Thijs Kinkhorst
On Sun, January 30, 2011 20:46, Russ Allbery wrote: > Philipp Kern writes: > >> The tech-ctte did decide on that matter. What's the progress on this >> bug now? Is there any action taken as a consequence of it? > > It's waiting for someone to do the work required to come up with a > transition p

Processed (with 2 errors): Re: Bug#299007: Insecure PATH in /root/.profile

2011-01-30 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org: > block 611501 by 299007 Bug #611501 [ca-certificates] /usr/local/share/ca-certificates/ group-writable Was not blocked by any bugs. Added blocking bug(s) of 611501: 299007 and 538392 > severity 611501 wishlist Failed to set severity of Bug 611501 t

Bug#299007: Insecure PATH in /root/.profile

2011-01-30 Thread Philipp Kern
block 611501 by 299007 severity 611501 wishlist # It's not really security-related, as it's currently the defined and # expected behaviour, albeit some people want to change this. tag 611501 - security thanks Russ, On Sun, Jan 30, 2011 at 11:46:23AM -0800, Russ Allbery wrote: > Philipp Kern writ

Bug#299007: Insecure PATH in /root/.profile

2011-01-30 Thread Russ Allbery
Philipp Kern writes: > The tech-ctte did decide on that matter. What's the progress on this > bug now? Is there any action taken as a consequence of it? It's waiting for someone to do the work required to come up with a transition plan. No one so far has had time and interest to work on it. T

Bug#299007: Insecure PATH in /root/.profile

2011-01-30 Thread Philipp Kern
Russ, On Fri, Jun 06, 2008 at 12:11:47PM -0700, Russ Allbery wrote: > This proposal asks that directories in /usr/local no longer be writable by > group staff. > > There clearly was not consensus in this bug discussion for making this > change, but neither am I comfortable as a Policy delegate wi

Bug#299007: Insecure PATH in /root/.profile

2008-06-06 Thread Russ Allbery
package debian-policy user [EMAIL PROTECTED] usertag 299007 ctte thanks This proposal asks that directories in /usr/local no longer be writable by group staff. There clearly was not consensus in this bug discussion for making this change, but neither am I comfortable as a Policy delegate with sim