On Thu, May 06, 2004 at 10:43:36PM +0200, maks attems
wrote:> logcheck-database and logtail are clean, but
>
> W: logcheck: possibly-insecure-handling-of-tmp-files-in-maintainer-script
postinst:56
>
> the offending line in debian/logcheck.postinstall:
> chown -R logcheck /var/tmp/logcheck* &> /dev/null || true
>
> todd do we really need this line?
> did you want to catch a running logcheck, while upgrading?
Yeah, I was hoping to catch a running logcheck. It seems you're right that
even if a logcheck was running, it would take care of it's own cleanup and
then the new dir for the next time would have correct perms.
Good work, Removed.
> E: logcheck: depends-on-essential-package-without-using-version bash
>
> probably not too bad to add a sensitive number there,
> does anyone have preference?
Because it is essential, I see no need to declare depends on it. Removed.
Cheers,
--
[ Todd J. Troxell ,''`.
Student, Debian GNU/Linux Developer, SysAdmin, Geek : :' :
http://debian.org || http://rapidpacket.com/~xtat `. `'
`- ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url :
http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040507/c4f5cf0e/attachment.pgp