Comment 102 for bug 13795
Revision history for this message
|
|
#102 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)
On Fri, Mar 25, 2005 at 06:37:14AM +1100, <email address hidden> wrote:
> > In no way installing the debian-policy package introduce a security
> > hole, causes serious data loss or makes unrelated software on the
> > system break.
>
> Not the installation of the policy package, but the following of the
> policy, prevents base-files from being secure. Is not the policy at
> fault if it mandates insecure settings or actions?
I won't argue one way or another, but instead I will note that the only
practical effect (outside statistics) of bug severity is that in
principle packages with bugs of severity 'serious' 'grave' or 'critical'
are not shipped in the next stable release, sarge in the case at hand.
Removing the debian-policy package from sarge is unlikely to make
base-files (or Debian as a whole) any more secure.
Cheers,
--
Bill. <email address hidden>
Imagine a large red swirl here.