Your message dated Sun, 13 Oct 2013 09:54:29 +0000
with message-id <[email protected]>
and subject line Bug#725883: Removed package(s) from unstable
has caused the Debian Bug report #477623,
regarding xemacs21-bin: fix to bug 177236 is bogus -- please do not disable
inet connections
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
477623: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477623
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: xemacs21-bin
Version: 21.4.21-3
Severity: normal
The fix to 177236 is completely bogus (and yes, I do use connection
over the net, because, well, it works over the net[1]). For a start,
the manpage still states that you can use MIT-MAGIC-COOKIE-1 and
GNU_PORT and GNU_HOST environment variables.
Secondly, it would be completely consistent with the manpage, and
indeed sensible, to look for an xauth listing with the $IPADDR:999, or
the presence of a file in the $GNU_SECURE environment variable and
only bind then. In fact, *THAT IS WHAT GNUSERV APPEARS TO DO*[2]. No
xauth listing with an appropriate :999, and the user obviously doesn't
want an inet connection. If they have set a :999, then they obviously
do, and they would be responsible for any security. Just like it
should be. To disable it outright because there might be an
unknown[3] security hole is just silly. Might as well not allow ssh
to bind to a port 22 either.
Please reenable INTERNET_DOMAIN_SOCKETS. Thankyou.
[1] And you can always run multiple copies like I do, by invoking it
via a script that chooses what GNU_PORT to run on -- works better than
working out how to supply a differing socket
[2] In fact, one has to wonder what the original reporter was doing to
create a socket, since setup_table() in gnuserv.c only returns non
zero if there is a XAUTH match via line 618, or if there is a host
match in the GNU_SECURE file. So the user must have set one of these,
*IN WHICH CASE THEY WERE ASKING FOR AN INTERNET CONNECTION*.
[3] And unlikely. Since the first thing it does is to check whether
the host is permitted to connect via having the requisite :999 xauth
listing or a GNU_SECURE file, it should be fairly trivial to *prove*
its correctness rather than to remove outright functionality.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1,
'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.24 (SMP w/2 CPU cores)
Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages xemacs21-bin depends on:
ii libc6 2.7-10 GNU C Library: Shared libraries
ii libdb4.6 4.6.21-7 Berkeley v4.6 Database Libraries [
ii libgpmg1 1.20.3~pre3-3 General Purpose Mouse - shared lib
ii libice6 2:1.0.4-1 X11 Inter-Client Exchange library
ii libldap-2.4-2 2.4.7-6.2 OpenLDAP libraries
ii libncurses5 5.6+20080419-1 Shared libraries for terminal hand
ii libsm6 2:1.0.3-1+b1 X11 Session Management library
ii libx11-6 2:1.0.3-7 X11 client-side library
ii libxau6 1:1.0.3-2 X11 authorisation library
ii libxext6 2:1.0.4-1 X11 miscellaneous extension librar
ii libxmu6 2:1.0.4-1 X11 miscellaneous utility library
ii libxt6 1:1.0.5-3 X11 toolkit intrinsics library
ii xemacs21-support 21.4.21-3 highly customizable text editor --
xemacs21-bin recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 21.4.22-4+rm
Dear submitter,
as the package xemacs21 has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see http://bugs.debian.org/725883
The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Ansgar Burchardt (the ftpmaster behind the curtain)
--- End Message ---
