Comment 30 for bug 11223

In , Martin Schulze (joey-infodrom) wrote : Re: A backport of PHP fixes for 4.1.2

Florian Weimer wrote:
> >> Huh? What about safe_mode? Does CVE officially declare safe_mode as
> >> fundamentally insecure?
> >
> > Yes (except that it's not CVE who declared but vendor-sec).
>
> Okay, this is actually good news.

Hmm. I'm not sure that "safe_mode is fundamentally broken" is good news,
but it's the truth...

> Shall I write a draft DSA and some documentation patches? Some of our
> users rely on this feature and are not aware of its defects.

Please do. I think good documentation on why/how safe_mode is
broken would be worth adding to www.debian.org/security/<somewhere>,
same as chroot-is-no-jail.

Regards,

 Joey

--
In the beginning was the word, and the word was content-type: text/plain

Please always Cc to me when replying to me on the lists.