[Pkg-dspam-misc] Bug#695275: src:dspam: harmful actions in multiple postrm scripts of M-A:same packages
Helmut Grohne
helmut at subdivi.de
Thu Dec 6 14:14:00 UTC 2012
Package: src:dspam
Version: 3.10.2+dfsg-2
Severity: serious
Let me give an example of the general issue in libdspam7. All the other
issues are of similar nature.
It is possible to install libdspam7:amd64 and libdspam7:i386 in
parallel. Now a user could purge libdspam7:i386, but still use
libdspam7:amd64. The postrm purge script would ensure that the dspam
user is now locked. This breaks libdspam7:amd64.
Basically every postrm script shipped contains a similar issue. I am not
aware of a general solution to the problem. Different packages have come
up with different solutions (example: libwrap0). Due to the size of the
problem here I suggest to remove the M-A:same headers in a t-p-u upload
and defer a real solution until after wheezy. I'd expect said real
solution to involve a new package Arch:all package and ship the dspam
user.
Helmut
More information about the Pkg-dspam-misc
mailing list