David F. Skoll wrote: > On Mon, 4 Oct 2004, Martin Schulze wrote: > > > There are reasons users install it setuid / setgid, and these installations > > are vulnerable. > > I disagree. There is absolutely *no* reason to install rp-pppoe > setuid-root. It is normally invoked by pppd, and pppd must be either > invoked by root or setuid-root itself. Could you name a scenario in > which a setuid-root rp-pppoe is needed?
Please talk to the Debian maintainer of rp-pppoe since pppoe is installed root.dip and setuid in Debian sarge and sid. The maintainer can be reached through [EMAIL PROTECTED] Details about this package can be found here: http://packages.debian.org/pppoe Regards, Joey -- Everybody talks about it, but nobody does anything about it! -- Mark Twain Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]