On Tue, 10 Aug 2021 at 15:19:10 -0700, Josh Triplett wrote:
> Bastien Roucariès wrote:
> > I suppose that [EFI] will be x86_64-efi-none (or maybe x86_64-windows-efi
> > ) and
> > i686-uefi-none ?
It's certainly not x86_64-windows-efi. The EFI environment isn't Windows
(even though it borrows
On 11.08.21 08:46, Marc Haber wrote:
On Wed, 11 Aug 2021 01:09:29 -0400, Calum McConnell
wrote:
On Wed, 2021-08-11 at 00:51 +, Paul Wise wrote:
On Tue, Aug 10, 2021 at 5:38 PM Andrey Rahmatullin wrote:
"So, Arch Linux, one of the main reasons, there's a couple, but the
main
reason is t
Dear Debian Team,
hopefully I am writing this to the right email address. (In case I am not, I
would be happy about being refered.) Recently I got interested in operating
systems. Now I want to try to experiment with modifying one.
Is the complete source code of any Debian Version available so
Le 11/08/2021 à 13:34, Horler, Johannes a écrit :
> Dear Debian Team,
>
>
> hopefully I am writing this to the right email address. (In case I am
> not, I would be happy about being refered.) Recently I got interested in
> operating systems. Now I want to try to experiment with modifying one.
>
On 8/11/21 7:34 AM, Horler, Johannes wrote:
Dear Debian Team,
hopefully I am writing this to the right email address. (In case I am
not, I would be happy about being refered.) Recently I got interested
in operating systems. Now I want to try to experiment with modifying one.
Is the complet
On Wed, Aug 11, 2021 at 11:34:27AM +, Horler, Johannes wrote:
> Dear Debian Team,
>
>
> hopefully I am writing this to the right email address. (In case I am
> not, I would be happy about being refered.) Recently I got interested in
> operating systems. Now I want to try to experiment with mo
Am Mittwoch, 11. August 2021, 13:34:27 CEST schrieb Horler, Johannes:
Hi Johannes,
every code of every debian package in debian/main is downloadable from the
repo.
You also get all needed stuff for the most used compiler and interpereter
languages, C, python, perl, lua, java, whatever you want
On Tue, Aug 10, 2021 at 03:19:10PM -0700, Josh Triplett wrote:
>Bastien Roucariès wrote:
>> I am going to compile shell.efi from source.
>>
>> I whish to install to something stable, but I need an arch triplet in order
>> to
>> put in a multiarch (like) location.
>>
>> I suppose that it will be
❦ 11 August 2021 11:27 +02, Steffen Möller:
> I have no exact idea what to change, though. A rolling Debian would be
> cool, yes, but also a bit late when compared with environments that
> Conda offers or the ease that comes with multiple installations of conda
> to e.g. avoid name conflicts. If
On Wed, Aug 11, 2021 at 04:08:13PM +0200, Vincent Bernat wrote:
> I think we have more systemic issues. I am quite impressed how Nix/NixOS
> is able to pull so many packages and modules with so few people. But
> they use only one workflow, one way to package, one init system, etc.
> Looking at Arch
On 2021-08-11 14:08 +0200, Hans wrote:
> And best: It is all GPL licensed,
It's all free software, but many licences are used, not just the GPL.
Wookey
--
Principal hats: Linaro, Debian, Wookware, ARM
http://wookware.org/
signature.asc
Description: PGP signature
Hi Wouter,
sorry for the late reply but I think it's still relevant...
(just thus rather leaving almost full quote as context.)
On Thu, Jul 08, 2021 at 11:25:26AM +0200, Wouter Verhelst wrote:
> On Mon, Jul 05, 2021 at 12:31:10PM +, Holger Levsen wrote:
> > On Mon, Jul 05, 2021 at 02:09:36PM
On Wed, Aug 11, 2021 at 12:24 PM Xavier wrote:
> Second: a lot of package have also their public source repo. See
> https://tracker.debian.org and follow "VCS" links to access to
> git/svn/... repo.
Aside from the VCS links on packages that use a VCS, the package
tracker also links to sources.de
I am fine with Debian's release cycle but It would be nice to see more
packages. For example Debian is missing KDE's Amarok music manager. I
am happy to see Debian 11 gained KDE Elisa music manager. I am sad to
see that VirtualBox is not available on Debian 11. I had to jerry-rig
it using the Ubunt
All,
I just ran across this article
https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
the attacks on Debian 11 and they work successfully giving me a root
shell prompt.
Tim
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Wed, 2021-08-11 at 23:30 -0400, Timothy M Butterworth wrote:
> All,
>
> I just ran across this article
> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
> the attacks on Debian 11 and they work successfully giving me a root
On Thu, Aug 12, 2021 at 3:22 AM Timothy M Butterworth wrote:
> Debian is missing KDE's Amarok music manager.
Amarok was removed as it required the obsolete Qt 4 library. Now that
upstream has finally ported it to Qt5, it could be reintroduced to
Debian.
https://tracker.debian.org/pkg/amarok
http
Timothy M Butterworth:
> All,
>
> I just ran across this article
> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
> the attacks on Debian 11 and they work successfully giving me a root
> shell prompt.
>
> Tim
>
Hi Tim,
All of the attacks presented assumes that the local
On Wed, Aug 11, 2021 at 11:30:27PM -0400, Timothy M Butterworth wrote:
> I just ran across this article
> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
> the attacks on Debian 11 and they work successfully giving me a root
> shell prompt.
I don't think calling this "privile
On Wed, Aug 11, 2021 at 10:55:44PM -0500, Brian Thompson wrote:
> Thank you for bringing this to everyone's attention. This are very real
> vulnerabilities.
How are they vulnerabilities?
> NPM has similar issues with stopping malicious packages from being
> published to the FTP server.
That's no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thu, 2021-08-12 at 07:38 +0200, Niels Thykier wrote:
> Timothy M Butterworth:
> > All,
> >
> > I just ran across this article
> > https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I
> > tested
> > the attacks on Debian 11 and they wor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thu, 2021-08-12 at 10:44 +0500, Andrey Rahmatullin wrote:
> On Wed, Aug 11, 2021 at 10:55:44PM -0500, Brian Thompson wrote:
> > Thank you for bringing this to everyone's attention. This are very
> > real
> > vulnerabilities.
> How are they vulner
On Thu, Aug 12, 2021 at 01:12:37AM -0500, Brian Thompson wrote:
> Would you agree that there is an issue with sudo access that is enabled
> by default on most Debian and Debian-based distributions? The bug may
> not be in apt, but it definitely lives somewhere.
Do you think "sudo access" itself is
On Thu, Aug 12, 2021 at 01:17:03AM -0500, Brian Thompson wrote:
> > > Thank you for bringing this to everyone's attention. This are very
> > > real
> > > vulnerabilities.
> > How are they vulnerabilities?
> They are vulnerabilities because the user is susceptible to this kind of
> attack by defaul
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On Thu, 2021-08-12 at 11:19 +0500, Andrey Rahmatullin wrote:
> On Thu, Aug 12, 2021 at 01:12:37AM -0500, Brian Thompson wrote:
> > Would you agree that there is an issue with sudo access that is
> > enabled
> > by default on most Debian and Debian-ba
❦ 12 August 2021 10:39 +05, Andrey Rahmatullin:
>> I just ran across this article
>> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
>> the attacks on Debian 11 and they work successfully giving me a root
>> shell prompt.
> I don't think calling this "privilege escalation"
On Thu, Aug 12, 2021 at 08:32:14AM +0200, Vincent Bernat wrote:
> >> I just ran across this article
> >> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
> >> the attacks on Debian 11 and they work successfully giving me a root
> >> shell prompt.
> > I don't think calling this
On Thu, Aug 12, 2021 at 01:25:06AM -0500, Brian Thompson wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On Thu, 2021-08-12 at 11:19 +0500, Andrey Rahmatullin wrote:
> > On Thu, Aug 12, 2021 at 01:12:37AM -0500, Brian Thompson wrote:
> > > Would you agree that there is an issue with
❦ 12 August 2021 11:38 +05, Andrey Rahmatullin:
>> >> I just ran across this article
>> >> https://blog.ikuamike.io/posts/2021/package_managers_privesc/ I tested
>> >> the attacks on Debian 11 and they work successfully giving me a root
>> >> shell prompt.
>> > I don't think calling this "privile
29 matches
Mail list logo
