[php-maint] Bug#618489: Bug#618489: Bug#618489: Bug#618489: Bug#618489: php5-common: priviledge escalation in /etc/cron.d/php5

Raphael Geissert geissert at debian.org
Fri Mar 18 02:18:44 UTC 2011


On 17 March 2011 15:37, Sean Finney <seanius at debian.org> wrote:
> so regarding the maxdepth/prune... not sure that we have agreement on
> whether this should go at stable/oldstable or not.  do we limit it to
> unstable, or do we make the change and maybe add some notes for
> -security to put in the DSA?
>
> likewise, with the permissions change?

My opinion is to only make the -delete change in old/stable. Making
any of the other changes would change current behaviour and has the
risk of breaking setups (even if they rely on undocumented behaviour.)

Unless there's any compelling argument to do make those changes with
the risk of breaking setups, I'm going to release the DSA without
them.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net





More information about the pkg-php-maint mailing list