On Fri, 20 Jan 2006, Bernhard R. Link wrote:
> * Peter Palfrader <[EMAIL PROTECTED]> [060120 13:31]:
> > user implies noexec, nosuid, and nodev unless overridden by subsequent
> > options according to the mount(8) manpage.
>
> Please always keep in mind that this only reduces the chance, but still
* Peter Palfrader <[EMAIL PROTECTED]> [060120 13:31]:
> user implies noexec, nosuid, and nodev unless overridden by subsequent
> options according to the mount(8) manpage.
Please always keep in mind that this only reduces the chance, but still
keeps the possibility for holes open. (Like noexec cou
Wouter Verhelst wrote on debian-devel@lists.debian.org:
> [Re-adding Cc to Kurt, as he's mentioned he isn't subscribed]
>
> On Fri, Jan 20, 2006 at 01:20:26PM +0800, Cameron Patrick wrote:
> > Kurt Pfeifle wrote:
> > > The klik client installation needs root privileges once, to add 7 lines
> > > li
On Fri, 20 Jan 2006, Wouter Verhelst wrote:
> > > /tmp/app/1/image /tmp/app/1 cramfs,iso9660 user,noauto,ro,loop,exec 0 0
> >
> > Doesn't this introduce a local root exploit? A user can easily write
> > their own /tmp/app/1/image file which contains, say, a setuid root bash
> > executable.
>
[Re-adding Cc to Kurt, as he's mentioned he isn't subscribed]
On Fri, Jan 20, 2006 at 01:20:26PM +0800, Cameron Patrick wrote:
> Kurt Pfeifle wrote:
>
> > > On Thu, Jan 19, 2006 at 08:34:59PM +, Kurt Pfeifle wrote:
> > > > And third, klik doesn't really "install". It brings exactly 1 addition
Kurt Pfeifle wrote:
> > On Thu, Jan 19, 2006 at 08:34:59PM +, Kurt Pfeifle wrote:
> > > And third, klik doesn't really "install". It brings exactly 1 additional
> > > file (the *.cmg) onto the system. It works with "user only" privileges.
> >
> > Hang on. You loop-mount with user-only privileg
> On Thu, Jan 19, 2006 at 08:34:59PM +, Kurt Pfeifle wrote:
> > And third, klik doesn't really "install". It brings exactly 1 additional
> > file (the *.cmg) onto the system. It works with "user only" privileges.
>
> Hang on. You loop-mount with user-only privileges? How?
The klik client insta
On Thu, Jan 19, 2006 at 08:34:59PM +, Kurt Pfeifle wrote:
> And third, klik doesn't really "install". It brings exactly 1 additional
> file (the *.cmg) onto the system. It works with "user only" privileges.
Hang on. You loop-mount with user-only privileges? How?
--
.../ -/ ---/ .--./ / .--/
> Le Jeudi 19 Janvier 2006 08:48, Peter Samuelson a écrit?:
> > For those following along at home, it seems klik is some sort of
> > gateway to install Debian packages on various non-Debian distributions.
> > I imagine it's an ftp frontend to alien.
>
> Well..
> In fact, it is a scripted version of
> [EMAIL PROTECTED]
>
> > There seems to be a fairly good amount of Debian Sarge packages
> > available via http://klik.atekon.de/.
>
> You know, I almost didn't bother to visit the web site, since you're
> unwilling to even sign your name to your message, and you didn't say
> anything about what k
On Thu, 19 Jan 2006, Frank Küster wrote:
> [EMAIL PROTECTED] wrote:
>
> > There seems to be a fairly good amount of Debian Sarge packages
> > available via http://klik.atekon.de/. However, most of them are having
> > unmaintained recipes and therefore some of them do not work
> > properly. I think
Frank Küster <[EMAIL PROTECTED]> writes:
> [EMAIL PROTECTED] wrote:
>> There seems to be a fairly good amount of Debian Sarge packages
>> available via http://klik.atekon.de/. However, most of them are having
>> unmaintained recipes and therefore some of them do not work
>> properly. I think it wou
On Thursday 19 January 2006 09:57, Romain Beauxis wrote:
> My own feeling about it is that the author is not very honnest with the
> debian packaging work.
From klik.atekon.de: "Thanks to debian for the software compilation and
packaging."
> Hum... It allows non permanent installation which can b
Le Jeudi 19 Janvier 2006 09:57, Romain Beauxis a écrit :
> No where in his web page is written that in fact klik is a refactoring of
> actual debian packages.
Ok I was wrong it is written in small at the end:
"Thanks to debian for the software compilation and packaging."
Romain
--
Satan is an e
Le Jeudi 19 Janvier 2006 08:48, Peter Samuelson a écrit :
> For those following along at home, it seems klik is some sort of
> gateway to install Debian packages on various non-Debian distributions.
> I imagine it's an ftp frontend to alien.
Well..
In fact, it is a scripted version of apt that ca
[EMAIL PROTECTED] wrote:
> There seems to be a fairly good amount of Debian Sarge packages
> available via http://klik.atekon.de/. However, most of them are having
> unmaintained recipes and therefore some of them do not work
> properly. I think it would be an easy task for Debian maintainers to
>
[EMAIL PROTECTED]
> There seems to be a fairly good amount of Debian Sarge packages
> available via http://klik.atekon.de/.
You know, I almost didn't bother to visit the web site, since you're
unwilling to even sign your name to your message, and you didn't say
anything about what klik is or why
There seems to be a fairly good amount of Debian Sarge packages available via
http://klik.atekon.de/. However, most of them are having unmaintained recipes
and therefore some of them do not work properly. I think it would be an easy
task for Debian maintainers to check the working of the kliked
18 matches
Mail list logo
