http://www.gnusolaris.org is now open.
We got an overwhelming response! We simply could not process all requests for
the Pilot membership in a timely fashion. We do hope that people waiting for the
login user/password will see this message.
The rest information is on the website. We'll keep it c
Package: wnpp
Severity: wishlist
Owner: Takuo KITAME <[EMAIL PROTECTED]>
o Package name: smtpguard
Version : 1.1.0
Upstream Author : VA Linux Systems Japan, K.K.
* URL : http://sourceforge.net/projects/flexguard/
* License : GPL
Description : smtp flow co
In article <[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:
>> session optional pam_tmpdir.so
>Another potential problem is if a run a suid (non-root) program that
>attempts to create a file in $TMP. But it's suid, so it doesn't run
>under my uid, and doesn't have permissions to write to $TMP. But I
hi,
On Thu, Nov 03, 2005 at 11:16:43PM -0500, Noah Meyerhans wrote:
> Within the security team, there has recently been some talk of pushing
> for per-user temp directories by default in etch. I'd like to see what
> people's reaction to such a proposal would be.
granted that i don't know the spe
hi!
I had just installed Debian-Netinst, because I
would a minimal installation of Debian.
I have a wish, I would add a new partition profile
to the installation (when the installer program askes if you want an automatic
partition and it displays only one choice,computer Desktop)
How ca
Dalibor Topic <[EMAIL PROTECTED]> wrote:
> Thank you for your contribution to Debian.
;-)
This spares me an upload today...
Regards, Frank
--
Frank Küster
Inst. f. Biochemie der Univ. Zürich
Debian Developer
On Thu, Nov 03, 2005 at 12:48:53PM -0800, Erast Benson wrote:
> On Thu, 2005-11-03 at 12:18 -0800, Thomas Bushnell BSG wrote:
> > The GPL does not force developers to "contribute their changes back".
> > That's exactly the *point*.
> Lets assume you have GPL-ed project dpkg. Any change to foo.c mus
Michael Poole <[EMAIL PROTECTED]> wrote:
> Andrew Suffield writes:
>
>> On Thu, Nov 03, 2005 at 12:48:53PM -0800, Erast Benson wrote:
>>> CDDL works similar way, except on per-file basis.
>>
>> This is incomprehensible gibberish.
>
> This is unsupportable hyperbole. Erast's statement may be inapt
On Mon, Aug 29, 2005 at 11:41:47PM +1000, Hamish Moffatt wrote:
> On Mon, Aug 29, 2005 at 10:29:20AM +, Gerrit Pape wrote:
> > files. I haven't heard any reason yet why splitting the packages would
> > be a bad thing.
> >
> > And there's more advantages: it eases usage of different service
>
Package: wnpp
Severity: wishlist
Owner: Peter Eisentraut <[EMAIL PROTECTED]>
* Package name: ggz
Version : 0.0.12
Upstream Author : Josef Spillner <[EMAIL PROTECTED]>
* URL : http://www.ggzgamingzone.org/
* License : GPL
Description : libraries, games, and
On Fri, Nov 04, 2005 at 10:21:12AM +0100, Torreggiani Marcello wrote:
> hi!
Hello.
> I had just installed Debian-Netinst, because I would a minimal installation
> of Debian.
>
> I have a wish, I would add a new partition profile to the installation
> (when the installer program askes if you w
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, Nov 03, 2005 at 12:05:07AM +0100, Henning Makholm wrote:
> Scripsit Andreas Barth <[EMAIL PROTECTED]>
> > * Anthony Towns (aj@azure.humbug.org.au) [051101 17:23]:
> >> On Tue, Nov 01, 2005 at 12:41:09PM +0100, Henning Makholm wrote:
> >> > So,
Hi!
ekg2 consists of a main program, and a dozen or so plugins, currently
all in one package. Most of the dependancies come from shlibs, which
investigates both the main program and the plugins.
As it is with plugins, different people use different subsets of them.
Since the current setup causes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Am Fr den 4. Nov 2005 um 5:16 schrieb Noah Meyerhans:
> Within the security team, there has recently been some talk of pushing
> for per-user temp directories by default in etch. I'd like to see what
That whould be no good idea for security environ
pe, 2005-11-04 kello 13:00 +0100, Klaus Ethgen kirjoitti:
> Am Fr den 4. Nov 2005 um 5:16 schrieb Noah Meyerhans:
> > Within the security team, there has recently been some talk of pushing
> > for per-user temp directories by default in etch. I'd like to see what
>
> That whould be no good idea
Klaus Ethgen <[EMAIL PROTECTED]> wrote:
> Am Fr den 4. Nov 2005 um 5:16 schrieb Noah Meyerhans:
>> Within the security team, there has recently been some talk of pushing
>> for per-user temp directories by default in etch. I'd like to see what
>
> That whould be no good idea for security enviro
On Fri, Nov 04, 2005 at 01:00:48PM +0100, Klaus Ethgen wrote:
> With tempdir in users home all applications like for example gpg write
> temporary files to this location which ends up unencrypted on a disk
...alongside the private keys in ~/.gnupg?
--
Jon Dowland
http://jon.dowland.name/
--
T
Frank Küster writes:
> Michael Poole <[EMAIL PROTECTED]> wrote:
>
>> Andrew Suffield writes:
>>
>>> On Thu, Nov 03, 2005 at 12:48:53PM -0800, Erast Benson wrote:
CDDL works similar way, except on per-file basis.
>>>
>>> This is incomprehensible gibberish.
>>
>> This is unsupportable hyperbole
* Wouter Verhelst:
>> Lets assume you have GPL-ed project dpkg. Any change to foo.c must be
>> contributed back to the community.
>
> No, that's not true.
>
> Any *distributed* changes to foo.c must be contributed back to the
> community.
Huh? Why do you think so?
--
To UNSUBSCRIBE, email to
Starting some time in the past month, dupload always gives this error
after checking the package and making the initial connection to the
anonymous FTP upload queue:
dupload fatal error: Can't upload (package).dsc: Illegal PORT command.
at /usr/bin/dupload line 508
Yet dput works fine.
Any sug
Michael Poole <[EMAIL PROTECTED]> wrote:
> Frank Küster writes:
>
>> Michael Poole <[EMAIL PROTECTED]> wrote:
>>
>>> Andrew Suffield writes:
>>>
On Thu, Nov 03, 2005 at 12:48:53PM -0800, Erast Benson wrote:
> CDDL works similar way, except on per-file basis.
This is incomprehens
Hi Petter, hi all,
(Sorry I didn't have time to watch your movies yet)
This thread turned to be very interesting in the light of the recent
discussion on -tetex-maint about TEXMF tree reorganization.
Petter Reinholdtsen <[EMAIL PROTECTED]> wrote:
> Or even better, ship the defaults in /usr/shar
On Fri, Nov 04, 2005 at 02:05:43PM +0100, Florian Weimer wrote:
> * Wouter Verhelst:
>
> >> Lets assume you have GPL-ed project dpkg. Any change to foo.c must be
> >> contributed back to the community.
> >
> > No, that's not true.
> >
> > Any *distributed* changes to foo.c must be contributed back
On Fri, Nov 04, 2005 at 12:17:52PM +0100, Marcin Owsiany wrote:
>
> Since there are currently 16 plugins, I don't want to investigate each
> one manually. Ideally, there would be a tool, which would run ldd on
> each plugin in turn and show the list of all direct and indirect
> dependancies (with
Wouter Verhelst writes:
> Any *distributed* changes to foo.c must be contributed back to the
> community.
That's not true either. Any distributed changes must be made available to
those to whom the changes were distributed. In practice changes usually
become available to the community but that i
Scripsit Steve Langasek <[EMAIL PROTECTED]>
> On Thu, Nov 03, 2005 at 12:05:07AM +0100, Henning Makholm wrote:
>> I have now a frst draft of a status-change mail system running. it
>> works from the archive mirror on merkel, [...]
> Thanks for running with this. Ideally, we would get this integ
Glenn Maynard <[EMAIL PROTECTED]> wrote:
> On Fri, Nov 04, 2005 at 02:05:43PM +0100, Florian Weimer wrote:
>> * Wouter Verhelst:
>>
>> >> Lets assume you have GPL-ed project dpkg. Any change to foo.c must be
>> >> contributed back to the community.
>> >
>> > No, that's not true.
>> >
>> > Any *di
On Thu, Nov 03, 2005 at 12:32:08PM -0800, Erast Benson wrote:
> today. may be not tomorrow. People are smart enough to not discard
> non-glibc ports and will come up with the solution.
Why don't you use glibc then? Your problem would be solved.
Debian GNU/kFreeBSD uses glibc according to their web
On Fri, Nov 04, 2005 at 08:19:32AM -0500, Adam Kessel wrote:
> Starting some time in the past month, dupload always gives this error
> after checking the package and making the initial connection to the
> anonymous FTP upload queue:
>
> dupload fatal error: Can't upload (package).dsc: Illegal POR
On Wed, Nov 02, 2005 at 06:21:41PM +0100, Gabor Gombas wrote:
> On Thu, Nov 03, 2005 at 12:11:32AM +1100, Hamish Moffatt wrote:
>
> > I read all of your points as criticisms of Linux. That is disappointing.
>
> Why is criticism disappointing? The goals of Linux and the Linux
> development model d
On Fri, Nov 04, 2005 at 01:16:31PM +0100, Frank K?ster wrote:
> What do the security people mean with per-user temp directories? It's
> clear that $HOME/tmp would be bad, but /tmp/$USERNAME/ with proper
> permissions doesn't sound so awkward.
Sorry for not being more clear. The default (only?) b
On Fri, Nov 04, 2005 at 01:00:48PM +0100, Klaus Ethgen wrote:
> That whould be no good idea for security environment where you do
> special think to secure /tmp (make it in memory and encrypt swap). With
> tempdir in users home all applications like for example gpg write
> temporary files to this l
On Fri, Nov 04, 2005 at 08:12:39AM +0100, Javier Fern?ndez-Sanguino Pe?a wrote:
> > There are a number of outstanding "insecure tempfile vulnerabilities",
> > and there has been some talk that they're both too numerous and of low
> > enough impact that they're not even worth releasing DSAs for. Ne
* Glenn Maynard ([EMAIL PROTECTED]) [051104 14:40]:
> On Fri, Nov 04, 2005 at 02:05:43PM +0100, Florian Weimer wrote:
> > * Wouter Verhelst:
> >
> > >> Lets assume you have GPL-ed project dpkg. Any change to foo.c must be
> > >> contributed back to the community.
> > >
> > > No, that's not true.
>
Re: Noah Meyerhans in <[EMAIL PROTECTED]>
> Sorry for not being more clear. The default (only?) behavior of
> libpam_tmpdir is to set $TMP and $TMPDIR to /tmp/user/$UID.
The only difficult point I can see is that (the same) $TMPDIR should
also be available in chroots. I bind-mount /tmp in my chro
On Fri, 4 Nov 2005, Lars Wirzenius wrote:
I don't think the suggestion was to make TMP=~/tmp, but TMP=/tmp/$USER,
where /tmp/$USER is owned by the user in question and is inaccessible to
others.
It would be a lot better to use TMP=/tmp/users/$USER, as user names are
pretty likely to clash with
>> Starting some time in the past month, dupload always gives this error
>> after checking the package and making the initial connection to the
>> anonymous FTP upload queue:
>>
>> dupload fatal error: Can't upload (package).dsc: Illegal PORT command.
>> at /usr/bin/dupload line 508
>>
>> Yet d
This one time, at band camp, Adam Kessel said:
> Starting some time in the past month, dupload always gives this error
> after checking the package and making the initial connection to the
> anonymous FTP upload queue:
>
> dupload fatal error: Can't upload (package).dsc: Illegal PORT command.
>
Daniel Ruoso <[EMAIL PROTECTED]> writes:
> Em Qui, 2005-11-03 às 21:39 +0200, Yavor Doganov escreveu:
>> At Thu, 3 Nov 2005 02:38:51 -0800 (PST), Nick Jacobs wrote:
>> > You mean, it's seriously been proposed that a significant amount of
>> > work should be done to restore support for a processor
On Fri, Nov 04, 2005 at 02:49:44PM +0100, Francesco P. Lovergine wrote:
> On Fri, Nov 04, 2005 at 12:17:52PM +0100, Marcin Owsiany wrote:
> >
> > Since there are currently 16 plugins, I don't want to investigate each
> > one manually. Ideally, there would be a tool, which would run ldd on
> > each
Wouter Verhelst <[EMAIL PROTECTED]> writes:
> On Thu, Nov 03, 2005 at 12:48:53PM -0800, Erast Benson wrote:
>> On Thu, 2005-11-03 at 12:18 -0800, Thomas Bushnell BSG wrote:
>> > The GPL does not force developers to "contribute their changes back".
>> > That's exactly the *point*.
>> Lets assume yo
On Fri, Nov 04, 2005 at 09:51:19AM -0500, Noah Meyerhans wrote:
> > Where was that talk done? I've been the one auditing that and there have
> > been
> > DSAs for most of the bugs I've reported to the audit team. Granted, they are
> > not being issued inmediately (I usually provide the report and
On Wed, Nov 02, 2005 at 11:30:20AM +0100, Peter Van Eynde wrote:
> Hello,
>
> Mea culpa. I did a stupid thing with sbcl: in version 1:0.9.6.0-1 I used the
> following construction:
[...]
> So is there anything else I can do?
Yes, bootstrap it once for each arch manually. This really is
someth
On Fri, 4 Nov 2005 01:42:08 -0500, Joey Hess <[EMAIL PROTECTED]> said:
> One problem I have experienced is that if I manually start cups via
> its init script, as root, the cups daemon ends up running as a less
> privliged user that cannot write to /root/tmp, and the failure mode is
> quite horrib
On Thu, Nov 03, 2005 at 08:49:35PM -0500, Michael Poole wrote:
> Only quoting the first part of the second definition changes the
> meaning significantly -- but that is what is necessary to make it
> apply at all.
Complete bullshit. Get a life.
--
.''`. ** Debian GNU/Linux ** | Andrew Suffie
On Fri, 4 Nov 2005, Christian Perrier wrote:
> >
> > As for relicensing it, fuck off. I need to find a ClueBat(tm) attachment
> > for
> > the Sodomotron 2000.
> >
>
> ...which could certainly have been written:
>
>
> As one of the dpkg authors, I do not intent to relicence it.
>
>
> I actual
On Fri, Nov 04, 2005 at 06:35:03PM +0100, Kurt Roeckx wrote:
> On Wed, Nov 02, 2005 at 11:30:20AM +0100, Peter Van Eynde wrote:
> > Hello,
> >
> > Mea culpa. I did a stupid thing with sbcl: in version 1:0.9.6.0-1 I used
> > the
> > following construction:
> [...]
> > So is there anything else I
Gabor Gombas <[EMAIL PROTECTED]> writes:
> On Sat, Oct 29, 2005 at 10:21:13PM -0700, Philippe Troin wrote:
>
> > An other issue that always annoyed me is that assuming a NIS server
> > and a NIS client which both install say exim. I want to give some
> > users membership in the group Debian-exim
Thomas Bushnell BSG wrote:
> Wouter Verhelst <[EMAIL PROTECTED]> writes:
>
> > On Thu, Nov 03, 2005 at 12:48:53PM -0800, Erast Benson wrote:
> >> On Thu, 2005-11-03 at 12:18 -0800, Thomas Bushnell BSG wrote:
> >> > The GPL does not force developers to "contribute their changes back".
> >> > That's
Package: wnpp
Severity: wishlist
Owner: Paul Wise <[EMAIL PROTECTED]>
* Package name: etl-dev
Version : 0.04.06
Upstream Author : Robert B. Quattlebaum Jr. <[EMAIL PROTECTED]>
* URL : http://www.deepdarc.com/2005/11/01/synfig-developer-preview/
* License : GPL
Package: wnpp
Severity: wishlist
Owner: Mohammed Sameer <[EMAIL PROTECTED]>
* Package name: unidesc
Version : 2.15.1
Upstream Author : Bill Poser
* URL : http://billposer.org/Software/unidesc.html
* License : GPL
Description : Programs for finding out what
On Fri, Nov 04, 2005 at 02:27:38PM +0100, Frank Küster wrote:
> Michael Poole <[EMAIL PROTECTED]> wrote:
>> The CDDL (based as it is on the MPL) allows you to mix
>> CDDL-licensed files in a project with files under CDDL-incompatible
>> licenses and distribute the resulting executable.
> Sorry, I
[Frank Küster]
> Actually that wouldn't be hard for teTeX, since it looks for
> texmf.cnf at multiple places and reads them all. Even the order is
> as intended - a file in /etc/texmf would override settings from the
> file in /usr/share/texmf.
Very good. Should make it possible to implement a
On Fri, Nov 04, 2005 at 03:54:01PM +0100, Andreas Barth wrote:
> * Glenn Maynard ([EMAIL PROTECTED]) [051104 14:40]:
> > On Fri, Nov 04, 2005 at 02:05:43PM +0100, Florian Weimer wrote:
> > > * Wouter Verhelst:
> > >
> > > >> Lets assume you have GPL-ed project dpkg. Any change to foo.c must be
> >
Package: wnpp
Severity: wishlist
Owner: Paul Wise <[EMAIL PROTECTED]>
* Package name: synfig
Version : 0.61.00-38
Upstream Author : Robert B. Quattlebaum Jr. <[EMAIL PROTECTED]>
* URL : http://www.synfig.com/
* License : GPL
Description : vector-based 2D a
Package: wnpp
Severity: wishlist
Owner: Paul Wise <[EMAIL PROTECTED]>
Package: wnpp
Severity: wishlist
Owner: Paul Wise <[EMAIL PROTECTED]>
* Package name: synfigstudio
Version : 0.61.00-39
Upstream Author : Robert B. Quattlebaum Jr. <[EMAIL PROTECTED]>
* URL : http://
Hi,
I knew you would read this mail considering the subject. ;-)
Below is a list of 311 packages that currently have a version in
unstable that is not properly reflected by the existence of an
orig.tar.gz file (that's 3.3% of the whole sid archive).
Feel free to point me to false positives, as I
* Frank Küster:
>> Because that's what the GPL says, in relatively plain language.
>
> I cannot find it there. Moreover, if it was in there, the GPL would
> fail the Dissident test and the Dessert Island test.
The GPL does fail the Dissident test because it does not permit
anonymous changes.
Scripsit Florian Weimer <[EMAIL PROTECTED]>
> The GPL does fail the Dissident test because it does not permit
> anonymous changes.
Your copy of the GPL must have been garbled in transmission.
Please fetch a fresh copy from a trusted source.
--
Henning Makholm "Gå ud i solen eller regne
On Fri, Nov 04, 2005 at 06:21:09PM +0100, Javier Fernández-Sanguino Peña wrote:
> A final point for consideration: libpam_tmpdir is not going to drive symlink
> attacks through temporary files away. There are packages that use temporary
> directories but are _not_ tmp. Some examples: the system's
Scripsit Steve Langasek <[EMAIL PROTECTED]>
> If you're interested in making this happen I'll be happy to give
> you any info I can;
OK, here are some questions.
1) The copy of britney in merkel:/org/ftp.debian.org/ does not seem
to be synced regularly. Is there a place where one can see th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Erast Benson <[EMAIL PROTECTED]> writes:
> On Thu, 2005-11-03 at 22:19 +0100, Adam Borowski wrote:
>> Or, *freedoms*. If a hardware vendor wants to profit from Linux users,
>> they need to lift the limitations on the access to knowledge about their
Frank Küster wrote:
> Because one of the changes in the new version was crucial for the
> function of the program, the postinst script fails to initialize it, and
> the whole installation process fails.
I agree this is the right thing to happen. A package which has been
configured is expected to
On Fri, 04 Nov 2005, Bernd Eckenfels wrote:
> starts them. I suspect it is doing that because there is a bootflag on the
> partition. I am not sure if the kernel can du that for all devices it auto
It looks for all type 0xFD partitions.
> detected (i havd md0 on sda1/sdb1 and md1 on sda2/sdb2, on
On Thu, 3 Nov 2005 23:16:43 -0500, Noah Meyerhans <[EMAIL PROTECTED]> said:
> Within the security team, there has recently been some talk of
> pushing for per-user temp directories by default in etch. I'd like
> to see what people's reaction to such a proposal would be.
> session optional pam_t
On Thu, Nov 03, 2005 at 01:20:06PM -0500, Nathanael Nerode wrote:
> Steve Langasek wrote:
> > We're only talking about keeping old binary packages around which
> > are no longer available from the new source package, which is precisely the
> > case that is at issue with library transitions.
> Ahhh
In article <[EMAIL PROTECTED]> you wrote:
> It will autorun/enable *all* md devices it can, not just md0. All of them
> will be available to bootstrap, and telling the kernel (through the command
> line) to mount a root partition in /dev/md1 will work just fine). This was
> true the last time I tr
On Wed, Nov 02, 2005 at 02:40:07PM +0100, Loïc Minier wrote:
> On Wed, Nov 02, 2005, Steve Langasek wrote:
> > For the record: there currently is not a 0-day NMU policy in effect. There
> > was a 0-day NMU policy through the sarge release, and there are 0-day NMU
> > policies during BSPs, but the
On Thursday 03 November 2005 20.51, Erast Benson wrote:
> HW vendors will *never* open their IP in
> drivers.
Ok, this becomes a bit OT here, but let me just remark that Linux today
supports a *lot* of hardware, and that quite a few drivers (some RAID
controllers, Intel SATA stuff, most of the S
On Friday 04 November 2005 19.00, Andrew Suffield wrote:
> Complete bullshit. Get a life.
Ahhh, yet another instance of asuffield.
-- vbi
--
featured product: GNU Privacy Guard - http://gnupg.org
pgpToLVOlXVEk.pgp
Description: PGP signature
On Friday 04 November 2005 14.33, John Hasler wrote:
> Wouter Verhelst writes:
> > Any *distributed* changes to foo.c must be contributed back to the
> > community.
>
> That's not true either. Any distributed changes must be made available
> to those to whom the changes were distributed. In pract
On Fri, Nov 04, 2005 at 10:13:50PM +0100, Roland Stigge wrote:
> I knew you would read this mail considering the subject. ;-)
> Below is a list of 311 packages that currently have a version in
> unstable that is not properly reflected by the existence of an
> orig.tar.gz file (that's 3.3% of the w
72 matches
Mail list logo
