[php-maint] Bug#618489: Bug#618489: Bug#618489: Bug#618489: php5-common: priviledge escalation in /etc/cron.d/php5
Sean Finney
seanius at debian.org
Thu Mar 17 21:37:52 UTC 2011
On Thu, 2011-03-17 at 09:45 +0000, Stephane Chazelas wrote:
>
> Note that I gave a POSIX equivalent of that command.
>
> Another reason for using -delete (you're using GNU syntax
> anyway) is that files are removed just after their time stamp is
> checked.

okay, so then i think we're all in agreement to use -delete and throw
out the -print0|xargs. i double checked on kFreeBSD and find is also
built with O_NOFOLLOW there btw.

so regarding the maxdepth/prune... not sure that we have agreement on
whether this should go at stable/oldstable or not. do we limit it to
unstable, or do we make the change and maybe add some notes for
-security to put in the DSA?

likewise, with the permissions change?

sean
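
Added example, not part of the original message and not the package's actual cron job: a cleanup function in the style the thread settles on (find with -delete and a depth limit instead of -print0|xargs), run against a constructed fixture. The function names, directory layout and the 1440-minute age are assumptions made for illustration.

```shell
#!/bin/sh
# purge_old DIR MINUTES: remove regular files directly inside DIR whose
# mtime is older than MINUTES. Both parameters are hypothetical, not the
# values used by the php5 cron job.
purge_old() {
    dir=$1; age=$2
    # -mindepth/-maxdepth 1: only DIR's direct entries, never DIR or subdirs.
    # -type f: find does not follow symlinks by default, so a symlink
    #          planted in DIR is not a match.
    # -delete: each file is unlinked right after its tests pass; no path
    #          list is passed through a pipe to a second process that
    #          acts on it later.
    find "$dir" -mindepth 1 -maxdepth 1 -type f -mmin "+$age" -delete
}

# demo: build a constructed fixture, purge it, and print what survives.
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/sessions/sub" "$root/outside"
    touch -t 200001010000 "$root/sessions/sess_old"        # stale file
    touch "$root/sessions/sess_new"                        # fresh file
    touch -t 200001010000 "$root/outside/victim"           # stale file elsewhere
    ln -s "$root/outside/victim" "$root/sessions/sess_link"  # symlink in DIR
    touch -t 200001010000 "$root/sessions/sub/sess_deep"   # below the depth limit
    purge_old "$root/sessions" 1440
    result=""
    for f in sessions/sess_old sessions/sess_new sessions/sess_link \
             outside/victim sessions/sub/sess_deep; do
        if [ -e "$root/$f" ]; then
            result="$result $f"
        fi
    done
    rm -rf "$root"
    echo "$result"
}
```

Only sess_old is removed: the symlink and its target, the fresh file, and the file in the subdirectory are left in place.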