Package: kppp Version: 4:4.8.4-1 Severity: serious Tags: security X-Debbugs-CC: secur...@debian.org
Hi maintainers, According to Ilja's report [1] about Linux desktop security, there is no need to run kppp suid. According to kppp FAQ: ""There is no need for the setuid bit, if you know a bit of UNIX® systems administration. Simply create a modem group, add all users that you want to give access to the modem to that group and make the modem device read/writable for that group."" [1]: http://lists.x.org/archives/xorg-devel/2013-May/036291.html, p34 and onward Regards -- Mathieu Parent -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
