the kde packages done by debian were affected by the kde exploit this way: they were not setuid root, but setgid shadow. so it could be possible to read /etc/shadow, but not get root rights. andreas
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:54:04 PDT