On Sun, Aug 18, 2013 at 11:03 PM, Ondřej Surý <ond...@sury.org> wrote: > Control: tag -1 +wontfix > Control: severity -1 wishlist > Gergely, > please read the bug the Thijs already mentioned - removing maxdepth has a > security implications. > If you modify the default settings you are responsible also to modify the > other ends. The session cleaning is documented in Debian package and we > simply cannot handle all possible configuration options the user might set.
As far as I read the other problem, it pertains to the fact that the find command can be misled into following symbolic links. That can be easily avoided by adding the -P option to the command line. It is also entirely possible to restrict the possible damage even more by adding "-iname sess_*" to make sure the only files that are affected are session files. -garg -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
