Actually, re-reading the definitions in reportbug, this seems to be *critical*. Why
doesn't
anyone DO anything about this? NMU? Something???
> On Thu, Jul 01, 2004 at 10:28:04AM -0700, Itay Ben-Yaacov wrote:
> > Package: udev
> > Version: 0.026-1
> > Severity: normal
> > Tags: security
> >
> >
> > Permissions of /dev/input/* should be 600 or 640, but certainly not
> > 644! Anybody logged on could read my password directly from the event#
> > device associated with the keyboard.
>
> Eek! This is severe.
>
> --
> - mdz
>
___________________________________________________________ALL-NEW Yahoo! Messenger -
sooooo many all-new ways to express yourself http://uk.messenger.yahoo.com
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
