Package: apt-listbugs Version: 0.1.17 Severity: wishlist Tags: security apt-listbugs when asked to display bug information in browser it starts the browser as root. Needless to say this is not a good idea and in specific circumstances a security issue. listbugs should drop the superuser privileges before doing so. My recommendation is to launch the browser as 'nobody' by default and add a config option to set a custom user.
Regards, Nick _______________________________________________ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
