I do many package reviews, and occasionally I see a package that is fine packaging-wise but which I don't feel comfortable approving because I know it has security implications. One such package is schroot, which has some pam magic to allow users to set up chroots. https://bugzilla.redhat.com/show_bug.cgi?id=447368 It's quite possible that I'm simply being overly paranoid, but of course I'm not qualified to say one way or the other. Is it possible for someone with more knowledge in this area to take a look at the package? What would be needed? (Perhaps a scratch build, or are the src.rpm and spec sufficient?) Could we work out a simple procedure for doing this in the future? - J< -- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
