artswrapper defanged
Rik Hemsley
rik at kde.org
Tue Jul 16 10:20:16 BST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
#if Stefan Westerfeld
> I do care about aRts, and unless you reply to my lengthy mail on
> kde-multimedia with valid reasons about why it makes sense to do what
> you did (IMHO it does not make any sense at all), I will simply
> revert your commit entierly.
I'm not subscribed to kde-mm.
It makes sense to disable setting artswrapper to suid on install, because it
has a local DoS vulnerability. If the vulnerability has been fixed, there is no
reason not to revert this. If the vulnerability is still there, artswrapper
should not be installed suid.
Rik
- --
http://rikkus.info
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9M+VQ6rehpl6X9l0RAl5eAJ40kDdWvafiEid7CYEYbka4OOuFjACfZs94
VZJVKSOtsCVvkleQaOGA1ZQ=
=FpDH
-----END PGP SIGNATURE-----
More information about the kde-core-devel
mailing list