Bug 4221
Summary: | Possible root compromises via man/groff. | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | Jason Costomiris <jcostom> |
Component: | man | Assignee: | David Lawrence <dkl> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.0 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 1999-08-23 15:45:05 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jason Costomiris
1999-07-27 14:01:55 UTC
If someone rebuilds groff and introduces a security hole, then they are putting themselves at risk. adding the -S field to /etc/man.config will only move the problem around -- other applications / uses of groff will still have the hole. This not truly lead to better security. We do not recommend that people rebuild packages unless they are very sure they understand what they are doing. |