Re: Re: Bug#738855: initscripts: Skip killing root-owned process starting with @

[Helmut Grohne <helmut () subdivi de>]

On Sun, Feb 16, 2014 at 12:10:43AM +0400, Solar Designer wrote:
> I reluctantly approved Petter's posting, although it was unclear if it
> was CC'ed to oss-security on purpose or accidentally.

It is common practise on bugs.d.o. to just reply to everyone. I should
have made clear that oss-sec should only be included for security
relevant aspects.

> FYI, the thread on oss-security started here:
>
> http://www.openwall.com/lists/oss-security/2014/02/14/4
>
> and you may see follow-ups (which were _not_ CC'ed to the Debian bug)
> via the "thread-next" link.
>
> Dimitri, since you were the one to add the CC:, what would you like us
> to do?  So far, Petter's is the only such comment CC'ed to oss-security
> after yours, but I suspect that many more comments will be posted to the
> Debian bug later (since there's no consensus), and many may/would be
> CC'ed to oss-security without specific reason (OK, maybe my bringing the
> question up will affect this and it won't be happening).

As the one who moved this discussion to oss-sec, I intended only the
security implications of the approach chosen by systemd (and proposed
for initscripts) to be discussed here.

> From my POV, please block future messages to the bug discussing
implementation details from oss-sec. 

Helmut