Hi Jamie, 2008/2/8, Jamie Strandboge <[EMAIL PROTECTED]>: > Arnaud, > > I was curious as to why the Debian packaging doesn't do the 'security > domains' as listed in: > http://www.networkupstools.org/faq/ > > or even the chrooting as in: > http://www.networkupstools.org/doc/2.2.0/chroot.html
well, the answers would be: because... - the security scheme of the current debs are inherited from the previous maintainer, - no users have explicitly expressed the need (or wish) of more security hardening by default, - I've not had yet the time to cleanly complete these packages (need debconf, cdbs refactoring, security hardening), nor received help to do so, - I've dedicated most of my time upstream (you might want to have a look at my launchpad wiki), - ... You have missed that one ;-) "Completely unprivileged upsmon" (to drop the remaining root privs) http://www.networkupstools.org/doc/2.2.0/ideas.html In fact, I have the NPS project linked to the packaging standardization and improvement. I've explicitly added a security hardening comment: https://alioth.debian.org/pm/?group_id=30602 So, if you're interested in helping, you're more than welcome ;-) -- main inclusion report https://bugs.launchpad.net/bugs/182790 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs