[pkg-cryptsetup-devel] Bug#626641: Bug#626641: cryptsetup: bug #587220 re-introduced
Christoph Anton Mitterer
calestyo at scientia.net
Sat May 14 12:17:31 UTC 2011
On Sat, 2011-05-14 at 13:47 +0200, Jonas Meurer wrote:
> > I guess it's not required, because if the initscripts are there, that file
> > is also there,.. unless people broke their packages manually, which we can
> > never prevent or always check for.
>
> If people 'break' their system, it will not be secure anymore. If they
> either remove the cryptsetup package while it's still used on the
> system, or simply remove the cryptdisks.functions file, that's a
> perfectly good example of breaking their system.
Well what I wrote there is only half of the truth... because in Debian,
init-scripts are unfortunately and wrongly considered as configuration
files... and it's perfectly valid to remove a package but not purge
it...
So people don't have to "break" their system to get in a situation where
they can end up in a situation where they execute
e.g. /etc/init.d/cryptdisks stop but their stuff is actually not
stopped.
Cheers,
Chris.
More information about the pkg-cryptsetup-devel
mailing list