severity 475737 serious thanks On Sat, Apr 12, 2008 at 07:08:32PM +0200, Torsten Werner wrote: > On Sat, Apr 12, 2008 at 5:54 PM, Bastian Blank <[EMAIL PROTECTED]> wrote: > > otrs2 makes files in /usr/share writable by non-root. See policy ยง10.9. > While I agree that the permissions are not perfect I do not think that > severity 'serious' is correct.
Sure it is correct. It allows wwwdata to write scripts which are executed by a different user. Also files in /usr and not in /usr/local are not supposed to be modified outside of dpkg. Bastian -- Deflector shields just came on, Captain.
