On Sat, Jul 30, 2005 at 09:15:23PM -0700, Bill Wilson wrote:
wget was never discussed because it was never installed in the first place. The reason I brought up netcat is that yast2 depends on netcat, hence the decision was to remove yast2 as well.
In my firm, security decides which packages stay, this is our first installation.
Don't you mean gross stupidity decides?
--- Rainer Duffner
wrote: What would interest me here is: Did they also demand to remove wget? wget is far more dangerous, as it can be used to download bad code to the server from remote.
Unfortunately, it's also used by yast for YOU. So, if you really want to break yast, de-install wget.
cheers, Rainer
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here