Package: kppp
Version: 4:4.8.4-1
Severity: serious
Tags: security
X-Debbugs-CC: secur...@debian.org

Hi maintainers,

According to Ilja's report [1] about Linux desktop security, there is
no need to run kppp suid.
According to kppp FAQ:

""There is no need for the setuid bit, if you know a bit of UNIX®
systems administration. Simply create a modem group, add all users
that you want to give access to the modem to that group and make the
modem device read/writable for that group.""


[1]: http://lists.x.org/archives/xorg-devel/2013-May/036291.html, p34 and onward

Regards

--
Mathieu Parent


--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to