Ubuntu
secvpn package

Please remove secvpn source and binary

Bug #154730 reported by Scott Kitterman on 2007-10-20

This bug report is a duplicate of: Bug #327482: access to non-existent /etc/inittab. Edit Remove

10

Affects		Status	Importance	Assigned to	Milestone
	secvpn (Ubuntu)	Triaged	Wishlist	Scott Kitterman

Bug Description

Binary package hint: secvpn

secvpn | 2.21 | hardy/universe | source, all

This package appears to be broken, obsolete, and have a very poor security design. While looking into fixing Bug #152968, I noticed that in addition to still needing the long gone /etc/inittab, it also does interesting things like add its user to the sudoers group.

It looks to me like the init process, including setuid will have to be completely redone. Please have a look at this package and unless you think it can reasonably be made safe and funcitonal, remove it. There are plenty of other options in the repostories.

Scott Kitterman (kitterman) on 2007-10-20

Changed in secvpn:
importance:	Undecided → Wishlist
status:	New → Confirmed

Revision history for this message

Sebastien Bacher (seb128) wrote on 2007-11-10:

#1

could you try to talk to the debian maintainer if it's broken if would makes sense to get it removed there as well and would simply the work for Ubuntu

Changed in secvpn:
status:	Confirmed → Incomplete

Revision history for this message

wolfger (wolfger) wrote on 2008-05-03:

#2

6 months with no response. We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again!

Changed in secvpn:
status:	Incomplete → Invalid

Revision history for this message

Scott Kitterman (kitterman) wrote on 2008-05-03:

#3

Dear bugsquad people: Please don't mess with archive management bugs. Ask bdmurray about it if you have questions. Talk to the Debian Maintainer is still on my TODO list and the package is still broken, obsolete, and has a poor security design.

Changed in secvpn:
status:	Invalid → Incomplete

Ryan Prior (ryanprior) on 2008-05-04

Changed in secvpn:
assignee:	nobody → kitterman
status:	Incomplete → In Progress

Revision history for this message

Scott Kitterman (kitterman) wrote on 2008-05-12:

#4

In Progress has a specific meaning for some workflow bugs. This isn't ready for the archive to look at again.

Changed in secvpn:
status:	In Progress → Triaged

Revision history for this message

Colin Watson (cjwatson) wrote on 2008-06-01:

#5

In which case the archive team probably shouldn't be subscribed. Please re-subscribe ubuntu-archive when this is ready.

Revision history for this message

Dimitrios Symeonidis (azimout) wrote on 2009-09-02:

#6

Scott, any news on removing this?

Revision history for this message

Adi Prizandi (anaqimuddin4213) wrote on 2010-04-30:

#7

Error my ubuntu 9.10

Revision history for this message

Michael Vogt (mvo) wrote on 2010-10-06:

#8

Can we please get rid of this package for maverick? Because of bug #327482 it will not install on most systems because it relies on /etc/inittab and causes problems for our users.

Revision history for this message

Scott Kitterman (kitterman) wrote on 2010-10-06:

#9

Yes. Please. It's even more clearly time now than it was two years ago.

Report a bug

This report contains Public information

Everyone can see this information.

Duplicate of bug #327482 Remove

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.