http://bugzilla.novell.com/show_bug.cgi?id=542051
User suse@tlinx.org added comment
http://bugzilla.novell.com/show_bug.cgi?id=542051#c9
L. A. Walsh changed:
What |Removed |Added
----------------------------------------------------------------------------
Keywords| |security_vulnerability,
| |Systemic
Priority|P4 - Low |P3 - Medium
Severity|Minor |Normal
--- Comment #9 from L. A. Walsh 2009-10-09 13:17:29 PDT ---
Comments added to bug 540966, title changed to reflect product name.
Extra notes added.
added tags as security_vulnerability (minor), but unsanitary security practice
to have multiple daemons all co-mingling in the 'nobody.nobody' pool
Raising this bug's prio P3/Normal (from P4/Minor), since the
'nobody/nobody' issue seems to be systemic....
SuSE should be way past that security detail, IMO, but maybe the security folk
I've hung with have overemphasized its importance more than others might
consider it....dunno.
The group I hung with was also concerned about 'covert' information leakage
channels...so that's why this issue is important -- not _usually_ (AFAIK), from
a
system-corruption problem -- just a system-insecurity.
--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.