]] Marc Haber
> Excuse me for asking a user question on -devel, but do we have any
> docs where someone explains how much a security trade off is
> shim-signed relativ to the optimum? I think that using shim-signed is
> surely worse than a directly signed kernel, but I don't know whether I
> can
Hi,
On 4/23/22 11:07 PM, Iustin Pop wrote:
Making Debian hard to use is a very short-sighted view of how to promote
free software - it works in the very short term only.
The same applies in the other direction -- making no real distinction
between free and non-free software is a short term s
On Sat, 2022-04-23 at 18:21 +0100, Steve McIntyre wrote:
> If you don't like the fact that Microsoft's keys are involved,
> it's possible on a lot of machines to enrol your own keys
On machines where this isn't possible in the UEFI firmware interface,
IIRC shim-signed is designed to allow you to
Steven Robbins wrote:
>
>Luca Boccassi wrote:
>
>> Personally, I'd even go for option 4, so that other drivers are covered
>> too (the general advice that can be found on the internet for users
>> with nvidia hardware seems to be: "avoid Debian, go Ubuntu/Mint/etc",
>> which is just a sad state of
Hello,
On Mon 11 Apr 2022 at 05:51PM +01, Ian Jackson wrote:
>> They also pointed out that there is some code from StackOverflow,
>> which is not GPL-3+.
>
> I think this is not right? I think you are referring to
> `argparseactionnoyes.py`. As I documented in the file header, it is
> part of S
On Sat, Apr 23, 2022 at 10:48:03PM +0200, Paul van der Vlis wrote:
> > > I have an idea for an extra option:
> > >
> > > 6. Put the closed source firmware somewhere in the Debian images, but
> > > never
> > > install closed source firmware by default. "No" should be the default.
> > That's the op
On Sat, Apr 23, 2022 at 4:50 PM Paul van der Vlis
wrote:
> Op 23-04-2022 om 16:10 schreef Andrey Rahmatullin:
> > On Sat, Apr 23, 2022 at 03:13:29PM +0200, Paul van der Vlis wrote:
> >>> I see several possible options that the images team can choose from
> here.
> >>> However, several of these op
On 2022-04-23 22:48:03, Paul van der Vlis wrote:
> Op 23-04-2022 om 16:10 schreef Andrey Rahmatullin:
> > On Sat, Apr 23, 2022 at 03:13:29PM +0200, Paul van der Vlis wrote:
> > > > I see several possible options that the images team can choose from
> > > > here.
> > > > However, several of these o
Op 23-04-2022 om 16:10 schreef Andrey Rahmatullin:
On Sat, Apr 23, 2022 at 03:13:29PM +0200, Paul van der Vlis wrote:
I see several possible options that the images team can choose from here.
However, several of these options could undermine the principles of Debian. We
don't want to make fundam
Luca Boccassi wrote:
> Personally, I'd even go for option 4, so that other drivers are covered
> too (the general advice that can be found on the internet for users
> with nvidia hardware seems to be: "avoid Debian, go Ubuntu/Mint/etc",
> which is just a sad state of affairs). But option 5 is alre
Marc Haber wrote:
>On Fri, 22 Apr 2022 11:16:42 +0200, Philip Hands
>wrote:
>>I understand the urge to insist upon absolute DFSG purity in the media
>>we produce, but when it comes to wanting to avoid every last shred of
>>data that we could not regenerate ourselves, I think we crossed that
>>line
Package: wnpp
Severity: wishlist
Owner: Jelmer Vernooij
X-Debbugs-Cc: debian-devel@lists.debian.org
* Package name: swagger-ui
Version : 4.10.3
Upstream Author : Name
* URL : https://github.com/swagger-api/swagger-ui
* License : Apache-2.0
Programming Lang:
On Sat, Apr 23, 2022 at 03:13:29PM +0200, Paul van der Vlis wrote:
> > I see several possible options that the images team can choose from here.
> > However, several of these options could undermine the principles of Debian.
> > We
> > don't want to make fundamental changes like that without the c
Package: wnpp
Severity: wishlist
Owner: Reinhard Tartler
* Package name: golang-github-mndrix-tap-go
Version : 0.0~git20171203.629fa40-1
Upstream Author : Michael Hendricks
* URL : https://github.com/mndrix/tap-go
* License : Public Domain
Programming Lang: G
Op 19-04-2022 om 02:30 schreef Steve McIntyre:
I see several possible options that the images team can choose from here.
However, several of these options could undermine the principles of Debian. We
don't want to make fundamental changes like that without the clear backing of
the wider project.
On Sat, 2022-04-23 at 12:21 +0200, Marc Haber wrote:
> >Is the presence of shim-signed on the install media enough to make
> >people feel somehow contaminated?
>
> I think so, yes. Personally, I don't care too much but i can
> understand why some people might.
Why? Because it contains a third-part
Package: wnpp
Severity: wishlist
Owner: fumiama
* Package name: base16384
Version : 2.2.0
Upstream Author : fumiama
* URL : https://launchpad.net/base16384
* License : GPLv3
Programming Lang: C
Description : Encode binary file to printable utf16be, and
On Fri, 22 Apr 2022 11:16:42 +0200, Philip Hands
wrote:
>I understand the urge to insist upon absolute DFSG purity in the media
>we produce, but when it comes to wanting to avoid every last shred of
>data that we could not regenerate ourselves, I think we crossed that
>line some time ago.
>
>I'm t
On Thu, 21 Apr 2022 10:12:19 -0700, Russ Allbery
wrote:
>I've been a Debian Developer for quite some time and can usually manage to
>figure out most tasks like this, and providing separate firmware to the
>installer has completely defeated me every time I've tried it. I've spent
>frustrated hours
19 matches
Mail list logo
