Re: Script to tell if Qpopper is running.
Pol, Thanks for the hint... "mon" just alerts you, I have a program that does that already BUT "monit" looks like it might work! Again, thanks! Ken On Sat, 23 Nov 2013, Pol Hallen wrote: Has anyone written a script that will run under a cron job that checks to make sure that the pop3 server is running and if not will restart it? apt-get install mon Pol -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/528fe336.1050...@fuckaround.org -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/pine.lnx.4.64.1311230041090.14...@mail.pcez.com
Re: MIT discovered issue with gcc
Hi Andrew, hi all, > I understand that Debian has a bunch of vulnerabilities as described in > the following PDF. > > http://pdos.csail.mit.edu/~xi/papers/stack-sosp13.pdf > > Just a small quote: > > "This paper presents the first systematic approach for > reasoning about and detecting unstable code. We implement > this approach in a static checker called Stack, and > use it to show that unstable code is present in a wide > range of systems software, including the Linux kernel and > the Postgres database. We estimate that unstable code > exists in 40% of the 8,575 Debian Wheezy packages that > contain C/C++ code. We also show that compilers are > increasingly taking advantage of undefined behavior for > optimizations, leading to more vulnerabilities related to > unstable code." This should be taken with a grain of salt. (I'm doing research in the area of automated software analysis myself.) It clearly is a well-written paper with a nice tool. Yet "unstable code" results from code that would otherwise be considered bogus anyway (they give a nice list in Figure 3 in their paper), thus it is not necessarily the case that compilers introduce completely new bugs - they just might make the existing ones worse. The use of the term "vulnerabilities" could be very misleading here: not all bugs yield security issues - many of them might just lead to unexpected behaviour, and not be exploitable to gain elevated privileges or the like. Consider the fact that Debian's source packages contain more than 200 million lines of code. If we trust Steve McConnell's "Code Complete" book, industry average lies at 15-50 errors per 1000 lines of code, which is more than 1 in 100 lines. In a very simplified way of reasoning, I'd dare to conclude that at least 2 million further bugs remain to be discovered. > > This looks very serious indeed, but a quick search of Debian mailing > lists didn't show anything being acknowledged for this issue should > Debian users be concerned? > Probably not more than before, but as much as always: you are using code that hasn't be proved to be correct. But with open-source software at least you know what code you are using, and which bugs are being found. Hope this helps, Michael pgpBNu5wEeJR_.pgp Description: PGP signature
php 5.2 on debian wheezy
All, An application we're using is in need for php5.2 and we lack the time to make it work with the latest version. google search shows a lot of 5.3 to 5.2 downgrade for squeeze but not for wheezy naturally. May i ask if anyone has done so recently, and if you could provide a how to? Thanks
Re: MIT discovered issue with gcc
On Sat, Nov 23, 2013 at 6:18 AM, Michael Tautschnig wrote: > > > > > This looks very serious indeed, but a quick search of Debian mailing > > lists didn't show anything being acknowledged for this issue should > > Debian users be concerned? > > > > Probably not more than before, but as much as always: you are using code > that > hasn't be proved to be correct. But with open-source software at least you > know > what code you are using, and which bugs are being found. > What I have told people in presentations is that "the only truly secure computer is one that is turned off, unplugged, packed in concrete, and fired into the sun." Any program at a level not very much above Hello World in the language of your choice is likely to have bugs. I mean, you would have to swear off all software, turn off your computers, get rid of your cell phone, etc. At this point, I'm not quite willing to go that far. As Michael said, it's something to be aware of, but not something to keep you awake at night worrying. --b
Re: MIT discovered issue with gcc
Deja gnu? On Sat, Nov 23, 2013 at 10:34 AM, Andrew McGlashan wrote: > Hi, > > The following link shows the issue in a nutshell: > > http://www.securitycurrent.com/en/research/ac_research/mot-researchers-uncover-security-flaws-in-c > > [it refers to the PDF that I mentioned] > > -- > Kind Regards > AndrewM I seem to remember discussing the strange optimizations that optimized away range checks because the code that was being firewalled "had to be correct". Ten years ago, it was engineers that understood pointers but didn't understand logic. This time around, maybe it's a new generation of sophomoric programmers, or maybe we have moles in our ranks. The sky is not falling, but it sounds like I don't want to waste my time with Clang yet. And I probably need to go make myself persona non-grata again in some C language forums -- Joel Rees Be careful where you see conspiracy. Look first in your own heart. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caar43io_4l7+vil8vqzpzro+fdm1vhpphepomp88hiwbn+f...@mail.gmail.com
Installing Debian inside Windows 7 utilizing VirtualBox
Hi Members,
I would like to run Debian and test new software packages utilizing Debian
as a virtual environment. inside my Windows 7 OS. I would like to be able
to install Debian in this fashion and have the ability to utilize a Debian
GUI desktop as well.
Question #1 please:
Would kindly like to know if Oracle's VM VirtualBox is the recommended
"virtualization software package" to install to accomplish this procedure.
Question #2 please:
Which "Stable" version of Debian ("Squeeze" or "Wheezy") is recommended
that would best serve this purpose?
I have been reading about VirtualBox and studying the steps involved to
install Debian in this manner. I'm sure I will have additional questions
but would simply like to start with my initial questions above.
A couple of how-to links I've discovered:
Installing with a GUI desktop:
https://jtreminio.com/2012/07/setting-up-a-debian-vm-step-by-step/
Installing without a GUI desktop
http://williamjturkel.net/2013/05/31/installing-debian-linux-in-a-vm/
Thank you
beaglebone black lxde hdmi problem
dear folks, installed debian wheezy 7.2 (http://rcn-ee.net/deb/rootfs/wheezy/) and additional lxde on a beaglebone black which works everytime as expected as long as i connect a pc monitor with a hdmi to dvi adapter to beaglebone's hdmi port but if i connect the hdmi port to my full hd tv my tv responds no device connected (even if i reboot beaglebone afterwards) if i than connect my pc monitor instead of the full hd tv (without a reboot between) i can see something but its not readable (like a wrong frequency) one important note, beaglebone is not able to provide sound with any resolutions over hdmi so i would need to have different settings please can you guide me to fix this issue? please correct me if this is the wrong list to solve the problem thank you br Andre -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/002501cee85b$e3962920$aac27b60$@chello.at
Re: MIT discovered issue with gcc
Aren't many of the constructs used as examples in the paper are commonly
used in c programming. For example it is very common to see a function
that has a pointer as a parameter defined as:
int func(void *ptr)
{
if(!ptr) return SOME_ERROR;
/* rest of function*/
return 1;
}
Isn't it interesting that their one example will potentially dereference
the null pointer even before compiler optimizations (from the paper):
struct tun_struct *tun=;
struct sock *sk = tun->sk;
if(*tun) return POLLERR;
The check to see that tun is non-null should occur before use, as in -
quite frankly it is useless to check after as tun cannot be the null
pointer (the program hasn't crashed):
struct tun_struct *tun=;
if(*tun) return POLLERR;
struct sock *sk = tun->sk;
I am under the impression that these problems are rather widely known among
c programmers (perhaps not the kids fresh out of college). But this is why
teams need to have experienced people.
Furthermore, it is very common to find code that works before optimization,
and fails at certain optimization levels. Recently, I was compiling a
library that failed its own tests under the optimization level set in the
makefile but passed its own test at a lower level of optimization.
PS: I liked their first example, as it appears to be problematic.
On Sat, Nov 23, 2013 at 8:17 AM, Joel Rees wrote:
> Deja gnu?
>
> On Sat, Nov 23, 2013 at 10:34 AM, Andrew McGlashan
> wrote:
> > Hi,
> >
> > The following link shows the issue in a nutshell:
> >
> >
> http://www.securitycurrent.com/en/research/ac_research/mot-researchers-uncover-security-flaws-in-c
> >
> > [it refers to the PDF that I mentioned]
> >
> > --
> > Kind Regards
> > AndrewM
>
> I seem to remember discussing the strange optimizations that optimized
> away range checks because the code that was being firewalled "had to
> be correct".
>
> Ten years ago, it was engineers that understood pointers but didn't
> understand logic. This time around, maybe it's a new generation of
> sophomoric programmers, or maybe we have moles in our ranks.
>
> The sky is not falling, but it sounds like I don't want to waste my
> time with Clang yet. And I probably need to go make myself persona
> non-grata again in some C language forums
>
> --
> Joel Rees
>
> Be careful where you see conspiracy.
> Look first in your own heart.
>
>
> --
> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmas...@lists.debian.org
> Archive:
> http://lists.debian.org/caar43io_4l7+vil8vqzpzro+fdm1vhpphepomp88hiwbn+f...@mail.gmail.com
>
>
Re: Script to tell if Qpopper is running.
On Nov 23, 2013, at 1:43 AM, Account for Debian group mail wrote: > "monit" looks like it might work! Monit runs here. It does restart stuff, among a lot of other cool things... -- Glenn English Disclaimer: Any disclaimer attached to this message may be ignored. smime.p7s Description: S/MIME cryptographic signature
Re: MIT discovered issue with gcc
Second question:
Doesn't memcpy allow for overlapping memory, but strcpy does not? Isn't
this why memcpy is preferred over strcpy?
On Sat, Nov 23, 2013 at 10:09 AM, Robert Baron <
robertbartlettba...@gmail.com> wrote:
> Aren't many of the constructs used as examples in the paper are commonly
> used in c programming. For example it is very common to see a function
> that has a pointer as a parameter defined as:
>
> int func(void *ptr)
> {
> if(!ptr) return SOME_ERROR;
> /* rest of function*/
> return 1;
> }
>
> Isn't it interesting that their one example will potentially dereference
> the null pointer even before compiler optimizations (from the paper):
>
> struct tun_struct *tun=;
> struct sock *sk = tun->sk;
> if(*tun) return POLLERR;
>
> The check to see that tun is non-null should occur before use, as in -
> quite frankly it is useless to check after as tun cannot be the null
> pointer (the program hasn't crashed):
>
> struct tun_struct *tun=;
> if(*tun) return POLLERR;
> struct sock *sk = tun->sk;
>
> I am under the impression that these problems are rather widely known
> among c programmers (perhaps not the kids fresh out of college). But this
> is why teams need to have experienced people.
>
> Furthermore, it is very common to find code that works before
> optimization, and fails at certain optimization levels. Recently, I was
> compiling a library that failed its own tests under the optimization level
> set in the makefile but passed its own test at a lower level of
> optimization.
>
> PS: I liked their first example, as it appears to be problematic.
>
>
>
> On Sat, Nov 23, 2013 at 8:17 AM, Joel Rees wrote:
>
>> Deja gnu?
>>
>> On Sat, Nov 23, 2013 at 10:34 AM, Andrew McGlashan
>> wrote:
>> > Hi,
>> >
>> > The following link shows the issue in a nutshell:
>> >
>> >
>> http://www.securitycurrent.com/en/research/ac_research/mot-researchers-uncover-security-flaws-in-c
>> >
>> > [it refers to the PDF that I mentioned]
>> >
>> > --
>> > Kind Regards
>> > AndrewM
>>
>> I seem to remember discussing the strange optimizations that optimized
>> away range checks because the code that was being firewalled "had to
>> be correct".
>>
>> Ten years ago, it was engineers that understood pointers but didn't
>> understand logic. This time around, maybe it's a new generation of
>> sophomoric programmers, or maybe we have moles in our ranks.
>>
>> The sky is not falling, but it sounds like I don't want to waste my
>> time with Clang yet. And I probably need to go make myself persona
>> non-grata again in some C language forums
>>
>> --
>> Joel Rees
>>
>> Be careful where you see conspiracy.
>> Look first in your own heart.
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact
>> listmas...@lists.debian.org
>> Archive:
>> http://lists.debian.org/caar43io_4l7+vil8vqzpzro+fdm1vhpphepomp88hiwbn+f...@mail.gmail.com
>>
>>
>
about MS email retrieve
Hi, My work email is Microsoft exchange one. It seems that the Microsoft exchange can be accessed either via outlook or webpage. I use icedove, currently has the ExQuilla plugin to retrieve email, but seems ExQuilla going to expire. So I wonder, how can I retrieve this email? what is interesting is that, we share the same account (username as well as password) in all servers, such as for the login of windows, for the HPC, for the email, even wireless connection. I wonder, how can they update and connect these in one big database? Since they shared the same account, and there is a local server here to collect Microsoft exchange email, I wonder, can I simply logged in this server and read these as some directory or something? Thanks ahead for your suggestions, BR, -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5290c842.9020...@gmail.com
Re: MIT discovered issue with gcc
On 2013-11-23 15:18, Robert Baron wrote: > Second question: > > Doesn't memcpy allow for overlapping memory, but strcpy does not? Isn't > this why memcpy is preferred over strcpy? IIRC memcpy does not, but memmove does. See: http://linux.die.net/man/3/memcpy -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5290ca48.4050...@gmxpro.net
Re: about MS email retrieve
Le 23/11/2013 16:22, lina a écrit : > Hi, > > My work email is Microsoft exchange one. It seems that the Microsoft > exchange can be accessed either via outlook or webpage. > > I use icedove, currently has the ExQuilla plugin to retrieve email, but > seems ExQuilla going to expire. > > So I wonder, how can I retrieve this email? What I do at work is use davmail (http://davmail.sourceforge.net). There is a debian package, and is needs that java is installed. Works fine with a exchange 2010 server through the webservice. Let's hope your mail admin allows the DAV/Webservice connection. It also works for calendar with lightning and the caldav definition of calendar. > > what is interesting is that, we share the same account (username as well > as password) in all servers, such as for the login of windows, for the > HPC, for the email, even wireless connection. > I wonder, how can they update and connect these in one big database? It's called a user databas used for authentication of all services. In a free world you would do this with a LDAP server, in MS world it is done with Active Directory (based on LDAP among other things). -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5290d292.4060...@rail.eu.org
Re: MIT discovered issue with gcc
[...] > Isn't it interesting that their one example will potentially dereference > the null pointer even before compiler optimizations (from the paper): > > struct tun_struct *tun=; > struct sock *sk = tun->sk; > if(*tun) return POLLERR; > > The check to see that tun is non-null should occur before use, as in - > quite frankly it is useless to check after as tun cannot be the null > pointer (the program hasn't crashed): > [...] They do say in the paper that the code possibly dereferences a null pointer, irrespective of optimisation or not. Thus the code was always broken, it might just have been missed, because compilers could have considered reordering the instructions or maybe substitute the expression tun->sk for sk. Best, Michael pgpYayGM_Ly7b.pgp Description: PGP signature
Re: about MS email retrieve
On Sat, 23 Nov 2013 23:22:42 +0800 lina wrote: > Hi, > > My work email is Microsoft exchange one. It seems that the Microsoft > exchange can be accessed either via outlook or webpage. > > I use icedove, currently has the ExQuilla plugin to retrieve email, > but seems ExQuilla going to expire. > > So I wonder, how can I retrieve this email? > > what is interesting is that, we share the same account (username as > well as password) in all servers, such as for the login of windows, > for the HPC, for the email, even wireless connection. > I wonder, how can they update and connect these in one big database? > Since they shared the same account, and there is a local server here > to collect Microsoft exchange email, I wonder, can I simply logged in > this server and read these as some directory or something? > No. Exchange stores email in an encrypted relational database, and if certain things go wrong, *nobody* can read it. I have failed a couple of times to restore a broken mailbox, using the official MS tools, though they usually work. Exchange is a humungous beast, designed to provide appropriate security for military, medical and legal email (i.e. only US security services can read it) and everyone else, even a one-man-band using the Small Business Server, has to live with it as there are no MS alternatives. As Erwan has said, login to an MS domain is to a single login server (with replicated backups in larger organisations) which uses, basically, LDAP and Kerberos to issue time-limited tickets to authorise appropriate activities. With the right privileges, fairly standard LDAP tools can be used to query and manipulate the database. Generally, users won't have much in the way of privileges, and you shouldn't be able to login to any server directly. A couple of other possibilities, if the administrators are friendly: Exchange can also provide POP3 and IMAP4 connections, but these are not enabled by default. The Outlook interface, as you probably know, uses an undisclosed proprietary protocol which changes regularly. Outlook 2013 is not compatible with Exchange 2003 and earlier, for example, other than by the (probably reluctantly) standard POP3 or IMAP4. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131123164134.7fe98...@jretrading.com
Re: about MS email retrieve
On 11/23/2013 06:41 PM, Joe wrote: > has to live with it as there are no MS alternatives. Not quite. Citadel and Kolab offer the same functionality, but in a more secure, modular architecture. Recently OpenChange is a transparent replacement: http://www.zentyal.org/2013/10/zentyal-launches-the-only-native-microsoft-exchange-replacement/ though hopefully it is not as insecure and bugridden. I don't know when, if or how it would be ported to Debian. Regards, /Lars -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/5290ef1f.6000...@gmail.com
Re: Installing Debian inside Windows 7 utilizing VirtualBox
On 24/11/13 01:52, Wally Lepore wrote:
> Hi Members,
>
> I would like to run Debian and test new software packages utilizing
> Debian as a virtual environment. inside my Windows 7 OS. I would like to
> be able to install Debian in this fashion and have the ability to
> utilize a Debian GUI desktop as well.
>
> Question #1 please:
> Would kindly like to know if Oracle's VM VirtualBox is the recommended
> "virtualization software package" to install to accomplish this procedure.
There is no officially "recommended" virtualization solution for running
Debian on a Windoof host.
My preference is to use VirtualBox, but there is at least one other
application that will do the job.
>
> Question #2 please:
> Which "Stable" version of Debian ("Squeeze" or "Wheezy") is recommended
> that would best serve this purpose?
Squeeze is no longer "stable", though it's a stable release.
Wheezy is the current "stable".
You can install the Debian release of your choice, be it Etch, Squeeze,
Sid, etc, or mixed.
I'd recommend Wheezy, but the "recommended" release would be determined
by what you want Debian to do. i.e. is it to run "production" purposes?
if so choose the current stable (Wheezy), does it need to support very
recent hardware? - if so you'd probably find testing or unstable a
better choice. Do you require specific versions of software? Then you
may have to pick the release that supports those versions.
>
> I have been reading about VirtualBox and studying the steps involved to
> install Debian in this manner. I'm sure I will have additional questions
> but would simply like to start with my initial questions above.
>
> A couple of how-to links I've discovered:
>
> Installing with a GUI desktop:
> https://jtreminio.com/2012/07/setting-up-a-debian-vm-step-by-step/
>
> Installing without a GUI desktop
> http://williamjturkel.net/2013/05/31/installing-debian-linux-in-a-vm/
>
> Thank you
>
>
Installing Debian into VirtualBox is simple, except for a couple of
quick, simple, choose and click options to create the VirtualBox machine
that you'll install Debian into the process is identical to installing
onto bare metal.
Create a new machine, choose Linux as the OS, select Debian as the Linux
type, agree to the default hard drive size or change it to suit your
needs, choose dynamic or fixed for drive size and pick a suitable name
for the machine.
Once the machine is created you can adjust RAM size and various other
machine parameters - similar to how you would select components to make
a new computer. All that is achieved from the Settings option for the
machine.
Change or add storage devices and types (hard drives, floppy, cd/dvd
drives). Use either the host CD/DVD or a virtual CD (uses iso images
instead of physical CDs). Choose boot order and start the machine.
Install Debian.
Done.
Kind regards.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/5290ead5.4030...@gmail.com
RE: Installing Debian inside Windows 7 utilizing VirtualBox
From: Wally Lepore [mailto:wallylep...@gmail.com]
Sent: Saturday, November 23, 2013 9:52 AM
To: debian-user@lists.debian.org
Subject: Installing Debian inside Windows 7 utilizing VirtualBox
Hi Members,
I would like to run Debian and test new software packages utilizing Debian
as a virtual environment. inside my Windows 7 OS. I would like to be able to
install Debian in this fashion and have the ability to utilize a Debian GUI
desktop as well.
Question #1 please:
Would kindly like to know if Oracle's VM VirtualBox is the recommended
"virtualization software package" to install to accomplish this procedure.
Question #2 please:
Which "Stable" version of Debian ("Squeeze" or "Wheezy") is recommended that
would best serve this purpose?
I have been reading about VirtualBox and studying the steps involved to
install Debian in this manner. I'm sure I will have additional questions but
would simply like to start with my initial questions above.
A couple of how-to links I've discovered:
Installing with a GUI desktop:
https://jtreminio.com/2012/07/setting-up-a-debian-vm-step-by-step/
Installing without a GUI desktop
http://williamjturkel.net/2013/05/31/installing-debian-linux-in-a-vm/
Thank you
I am running Wheezy and Jessie/sid, in different MS Windows 7 directories of
course, in the current version of VMware Player without any problems
whatsoever.
I have also evaluated the Oracle VM, but prefer the VMware player as I have
not run into any problems with installing Debian.
Download the iso and follow the installer prompts.
Stephen P. Molnar, Ph.D.Life is a fuzzy
set
Foundation for Chemistry Stochastic and
multivariate
www.FoundationForChemistry.com
(614)312-7528 (c)
Skype: smolnar1
Re: MIT discovered issue with gcc
The researchers' point was that an attacker might be able to remap that memory
page so that dereferencing a null pointer would NOT segfault. (I don't actually
know how feasible this is; I'm just paraphrasing their argument. They footnote
this claim but I didn't bother to read the cited sources.)
Checking if tun is null is [apparently] a valid precautionary measure -- not
useless -- except an optimizer might remove it. The order of these statements
is definitely wrong, but the authors are claiming that this optimization turns
an otherwise innocuous bug into an exploitable vulnerability.
Anyway, I don't see what this has to do with Debian. It's an interesting paper,
but Debian can't find and fix all upstream bugs, nor do I think most users
would be happy if suddenly everything was compiled without any optimizations.
--
Mark E. Haase
> On Nov 23, 2013, at 10:09 AM, Robert Baron
> wrote:
>
> Aren't many of the constructs used as examples in the paper are commonly
> used in c programming. For example it is very common to see a function that
> has a pointer as a parameter defined as:
>
> int func(void *ptr)
> {
> if(!ptr) return SOME_ERROR;
> /* rest of function*/
> return 1;
> }
>
> Isn't it interesting that their one example will potentially dereference the
> null pointer even before compiler optimizations (from the paper):
>
> struct tun_struct *tun=;
> struct sock *sk = tun->sk;
> if(*tun) return POLLERR;
>
> The check to see that tun is non-null should occur before use, as in - quite
> frankly it is useless to check after as tun cannot be the null pointer (the
> program hasn't crashed):
>
> struct tun_struct *tun=;
> if(*tun) return POLLERR;
> struct sock *sk = tun->sk;
>
> I am under the impression that these problems are rather widely known among c
> programmers (perhaps not the kids fresh out of college). But this is why
> teams need to have experienced people.
>
> Furthermore, it is very common to find code that works before optimization,
> and fails at certain optimization levels. Recently, I was compiling a
> library that failed its own tests under the optimization level set in the
> makefile but passed its own test at a lower level of optimization.
>
> PS: I liked their first example, as it appears to be problematic.
>
>
>> On Sat, Nov 23, 2013 at 8:17 AM, Joel Rees wrote:
>> Deja gnu?
>>
>> On Sat, Nov 23, 2013 at 10:34 AM, Andrew McGlashan
>> wrote:
>> > Hi,
>> >
>> > The following link shows the issue in a nutshell:
>> >
>> > http://www.securitycurrent.com/en/research/ac_research/mot-researchers-uncover-security-flaws-in-c
>> >
>> > [it refers to the PDF that I mentioned]
>> >
>> > --
>> > Kind Regards
>> > AndrewM
>>
>> I seem to remember discussing the strange optimizations that optimized
>> away range checks because the code that was being firewalled "had to
>> be correct".
>>
>> Ten years ago, it was engineers that understood pointers but didn't
>> understand logic. This time around, maybe it's a new generation of
>> sophomoric programmers, or maybe we have moles in our ranks.
>>
>> The sky is not falling, but it sounds like I don't want to waste my
>> time with Clang yet. And I probably need to go make myself persona
>> non-grata again in some C language forums
>>
>> --
>> Joel Rees
>>
>> Be careful where you see conspiracy.
>> Look first in your own heart.
>>
>>
>> --
>> To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
>> Archive:
>> http://lists.debian.org/caar43io_4l7+vil8vqzpzro+fdm1vhpphepomp88hiwbn+f...@mail.gmail.com
>
Re: Installing Debian inside Windows 7 utilizing VirtualBox
On Sat, 23 Nov 2013, Wally Lepore wrote:
> Hi Members,
>
> I would like to run Debian and test new software packages utilizing
> Debian as a virtual environment. inside my Windows 7 OS. I would like
> to be able to install Debian in this fashion and have the ability to
> utilize a Debian GUI desktop as well.
>
> Question #1 please:
> Would kindly like to know if Oracle's VM VirtualBox is the recommended
> "virtualization software package" to install to accomplish this
> procedure.
On Windows? No. Microsoft recommends you to use THEIR virtualization
software -- VirtualPC or Hyper-V -- but OSes other than Windows "are
not supported." Doesn't mean Linux won't run on them, but ALL Windows
software is Windows-centric. So, there will probably be problems. Just
use VirtualBox. It will run most any OS that will run on PC Intel-based
hardware with Windows, Linux or OSX hosts.
FYI: I could never get GNOME3 to work on VirtualBox running on Linux
hosts -- Fedore 12 and Debian Wheezy, both 64-bit. Virtual graphic card
problem, I think. Never bothered to troubleshoot. I don't like
GNOME3.
VMWare is an excellent alternate choice.
>
> Question #2 please:
> Which "Stable" version of Debian ("Squeeze" or "Wheezy") is
> recommended that would best serve this purpose?
If your software needs to run on both, you'll have to compile and test
it on both.
>
> I have been reading about VirtualBox and studying the steps involved
> to install Debian in this manner. I'm sure I will have additional
> questions but would simply like to start with my initial questions
> above.
>
> A couple of how-to links I've discovered:
>
> Installing with a GUI desktop:
> https://jtreminio.com/2012/07/setting-up-a-debian-vm-step-by-step/
>
> Installing without a GUI desktop
> http://williamjturkel.net/2013/05/31/installing-debian-linux-in-a-vm/
Read VirtualBox's User Guide, too. Excellent.
B
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20131123093459.60120...@debian7.boseck208.net
Re: autostart for users
On Jo, 21 nov 13, 12:15:57, Florian Lindner wrote: > Hello, > > I want to give users the possbility to autostart programms on boot. > My first idea would be to put a line like that in /etc/rc.local Not on boot, but on login (into an XDG compliant WM/DE): $HOME/.config/autostart/ Most DEs have GUIs to add things there. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt signature.asc Description: Digital signature
Re: Circular initscript dependency prevents use of aptitude on wheezy
On Jo, 21 nov 13, 15:22:39, Hendrik Boom wrote: > Somehow, I seem to have a circular initscript dependency. > It seems to be complaining about the package mediatomb; furthemore, the > problem first appeared shortly after I installed mediatomb. > I tried uninstalling mediatomb, but it gets nowhere, because aptitude > balks upon detecting the circular dependency. > > I ran > > aptitude upgrade | tee mediatomb-problem > > Here's the relevant message, out of all the stuff it produces: > > insserv: There is a loop between service mediatomb and modutils if stopped > insserv: loop involving service modutils at depth 2 > insserv: loop involving service mediatomb at depth 1 > insserv: Stopping modutils depends on mediatomb and therefore on system > facility `$all' which can not be true! > insserv: exiting now without changing boot order! > update-rc.d: error: insserv rejected the script header You have a lot of cruft on your system. I'd try aptitude search ~c and if the list looks reasonable then follow-up with aptitude purge ~c If you still have problems you can use 'dpkg -S' to find other initscripts not belonging to any installed packages and remove them. Kind regards, Andrei -- http://wiki.debian.org/FAQsFromDebianUser Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic http://nuvreauspam.ro/gpg-transition.txt signature.asc Description: Digital signature
Question about bogofilter -R
I'm trying to understand Bogofilter better. I have been using it with so-so success for about a year, but always by copy-and-paste of other people's scripts from the internet. Now I'm attempting to read the doc.s and understand. But --- it's rather slow going: In 'man bogofilter', under CLASSIFICATION OPTIONS, there is : "The -R option tells bogofilter to output an R data frame in text form on the standard output. See the section on integration with R, below, for further detail." and 'below' is: " The -R option tells bogofilter to generate an R data frame. The data frame contains one row per token analyzed. Each such row contains the token, the sum of its database "good" and "spam" counts, the "good" count divided by the number of non-spam messages used to create the training database, the "spam" count divided by the spam message count, Robinson´s f(w) for the token, the natural logs of (1 - f(w)) and f(w), and an indicator character (+ if the token´s f(w) value exceeded the minimum deviation from 0.5, - if it didn´t). There is one additional row at the end of the table that contains a label in the token field, followed by the number of words actually used (the ones with + indicators), Robinson´s P, Q, S, s and x values and the minimum deviation. The R data frame can be saved to a file and later read into an R session (see the R project website[5] for information about the mathematics package R). Provided with the bogofilter distribution is a simple R script (file bogo.R) that can be used to verify bogofilter´s calculations. Instructions for its use are included in the script in the form of comments. " I have processed some spam and ham to create a bogofilter database. I want to use the -R option to create the TEXT data frame and examine its contents. I use the following: $ bogofilter -R > bogo-rframe This should, to my understanding, write a text file in bogo-rframe, but it has been running for about an hour and shows no sign of terminating. What is wrong? Please help. There were about 3500 messages of spam and of ham, and the scoring took well under a minute. Do I really need to use R to look at what is perported to be a text file? TIA
Re: autostart for users
On Sat, 2013-11-23 at 21:04 +0200, Andrei POPESCU wrote: > On Jo, 21 nov 13, 12:15:57, Florian Lindner wrote: > > Hello, > > > > I want to give users the possbility to autostart programms on boot. > > My first idea would be to put a line like that in /etc/rc.local > > Not on boot, but on login (into an XDG compliant WM/DE): > > $HOME/.config/autostart/ > > Most DEs have GUIs to add things there. That's correct, but something completely different ;). A startup of the system isn't equal to the start of a desktop session ;). -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1385235254.1787.1.camel@archlinux
Re: MIT discovered issue with gcc
On Sat, Nov 23, 2013 at 1:16 PM, Mark Haase wrote: > Anyway, I don't see what this has to do with Debian. It's an interesting > paper, but Debian can't find and fix all upstream bugs, nor do I think most > users would be happy if suddenly everything was compiled without any > optimizations. Although Debian *developers* can't find and fix all upstream bugs, the Debian project, as the funnel between code and users, provides an interesting location to perform this sort of automated static analysis on all source code flowing through it, and present that information to both the package maintainers and users of the packages. -- Darius Jahandarie -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/cafanwtw2r+2w0e3ewvcmse-zcvbxfgugs6sp+ppu9q6gv7x...@mail.gmail.com
Re: about MS email retrieve
On Sat, 23 Nov 2013 20:08:31 +0200 Lars Noodén wrote: > On 11/23/2013 06:41 PM, Joe wrote: > > has to live with it as there are no MS alternatives. > > Not quite. Citadel and Kolab offer the same functionality, but in a > more secure, modular architecture. Recently OpenChange is a > transparent replacement: > > > http://www.zentyal.org/2013/10/zentyal-launches-the-only-native-microsoft-exchange-replacement/ > > though hopefully it is not as insecure and bugridden. I don't know > when, if or how it would be ported to Debian. > I meant 'published by Microsoft'. There are a number of mail servers available for Windows, most being much less complex than Exchange, most small businesses not needing anything as complex as Exchange. But a business using MS servers will move to third-party products reluctantly. Everything on the machine that isn't part of the server operating system is a potential accident waiting to happen. The ecosystem is fragile enough, without foreign software being added. I would not consider installing even Firefox on a client's Windows server. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131123202057.7581d...@jretrading.com
Re: MIT discovered issue with gcc
On 11/22/2013 7:34 PM, Andrew McGlashan wrote: > http://www.securitycurrent.com/en/research/ac_research/mot-researchers-uncover-security-flaws-in-c "the team ran Stack against the Debian Linux archive, of which 8575 out of 17432 packages contained C/C++ code. For a whopping 3471 packages, STACK detected at least one instance of unstable code." So 3471 Wheezy packages had one ore more instances of gcc introduced anomalies. And the kernel binary they tested had 32. As an end user I'm not worried about this at all. But I'd think developers may want to start taking a closer look at how gcc does its optimizations and creates these anomalies. If the flaws are serious they should obviously takes steps to mitigate or eliminate this. I didn't read the full paper yet, but I'm wondering how/if the optimization flag plays a part in this. I.e. does "O2" produce these bugs but "OO" (default) or "Og" (debugging) does not? -- Stan -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52911cb9.5010...@hardwarefreak.com
Re: MIT discovered issue with gcc
On Saturday, November 23, 2013 04:23:05 PM Stan Hoeppner wrote: > I didn't read the full paper yet, but I'm wondering how/if the > optimization flag plays a part in this. I.e. does "O2" produce these > bugs but "OO" (default) or "Og" (debugging) does not? Or -O3... -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201311231636.18718.neal.p.mur...@alum.wpi.edu
Re: MIT discovered issue with gcc
[Not sure this really needs to be cc-ed to security@]
On Sun, Nov 24, 2013 at 12:09 AM, Robert Baron
wrote:
> Aren't many of the constructs used as examples in the paper are commonly
> used in c programming. For example it is very common to see a function that
> has a pointer as a parameter defined as:
>
> int func(void *ptr)
> {
> if(!ptr) return SOME_ERROR;
> /* rest of function*/
> return 1;
> }
>
> Isn't it interesting that their one example will potentially dereference the
> null pointer even before compiler optimizations (from the paper):
>
> struct tun_struct *tun=;
> struct sock *sk = tun->sk;
> if(*tun) return POLLERR;
>
> The check to see that tun is non-null should occur before use, as in - quite
> frankly it is useless to check after as tun cannot be the null pointer (the
> program hasn't crashed):
This one has been thrashed to death.
Yes, the standard (after considerable reworking overseen by certain
groups with an axe to grind) says that, not only is dereferencing
before testing evil (i.e., undefined), but even adding to a pointer
before testing it is evil.
Committees really should not be allowed to define language semantics.
Make suggestions, sure, but actually define them, no.
> struct tun_struct *tun=;
> if(*tun) return POLLERR;
> struct sock *sk = tun->sk;
Yes, this arrangement is less liable to induce error on the part of
the programmer.
The compiler should be immune to such issues of induced error,
especially if it is able to reliably optimize out theoretically
undefined code (which is seriously, seriously evil).
> I am under the impression that these problems are rather widely known among
> c programmers (perhaps not the kids fresh out of college). But this is why
> teams need to have experienced people.
>
> Furthermore, it is very common to find code that works before optimization,
> and fails at certain optimization levels. Recently, I was compiling a
> library that failed its own tests under the optimization level set in the
> makefile but passed its own test at a lower level of optimization.
Completely separate issue.
> PS: I liked their first example, as it appears to be problematic.
As I noted (too obliquely, perhaps?) the my comments why you
top-posted over, this is nothing at all new. The holy grail of
optimization has been known to induce undefined behavior in compiler
writers since way before B or even Algol.
The guys responsible for optimization sometimes forget that falsifying
an argument is not falsifying the conclusion, among other things.
> On Sat, Nov 23, 2013 at 8:17 AM, Joel Rees wrote:
>>
>> Deja gnu?
>>
>> On Sat, Nov 23, 2013 at 10:34 AM, Andrew McGlashan
>> wrote:
>> > Hi,
>> >
>> > The following link shows the issue in a nutshell:
>> >
>> >
>> > http://www.securitycurrent.com/en/research/ac_research/mot-researchers-uncover-security-flaws-in-c
>> >
>> > [it refers to the PDF that I mentioned]
>> >
>> > --
>> > Kind Regards
>> > AndrewM
>>
>> I seem to remember discussing the strange optimizations that optimized
>> away range checks because the code that was being firewalled "had to
>> be correct".
>>
>> Ten years ago, it was engineers that understood pointers but didn't
>> understand logic. This time around, maybe it's a new generation of
>> sophomoric programmers, or maybe we have moles in our ranks.
>>
>> The sky is not falling, but it sounds like I don't want to waste my
>> time with Clang yet. And I probably need to go make myself persona
>> non-grata again in some C language forums
>>
>> --
>> Joel Rees
>>
>> Be careful where you see conspiracy.
>> Look first in your own heart.
--
Joel Rees
Be careful where you see conspiracy.
Look first in your own heart.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CAAr43iMM1OuT_cxYADAophvNtT95VxP=bfj+-nosgp+7agf...@mail.gmail.com
Re: MIT discovered issue with gcc
On Sun, Nov 24, 2013 at 12:18 AM, Robert Baron wrote: > Second question: > > Doesn't memcpy allow for overlapping memory, but strcpy does not? Isn't > this why memcpy is preferred over strcpy? >[...] The reason memcpy() is preferred over strcpy() is the same as the reason strncpy() is preferred over strcpy(). memcpy() is actually considered a no-no in some circles, and perhaps correctly so. (Especially in C++, where classes are supposed to define their own copying, and it's almost always more optimal to explicitly copy each member instead of calculating the size, mass copying, and going back and overwriting the members that are subject to issues like deep copy. Remember that memcpy() is able to copy an odd number of bytes, so the size calculation contains a bit more than is obvious to the programmer.) -- Joel Rees Be careful where you see conspiracy. Look first in your own heart. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caar43iof7wca3zugtzewvhddjzk98ava2oatgw_mavruoyz...@mail.gmail.com
Re: MIT discovered issue with gcc
On Sun, Nov 24, 2013 at 6:23 AM, Stan Hoeppner wrote: > On 11/22/2013 7:34 PM, Andrew McGlashan wrote: > >> http://www.securitycurrent.com/en/research/ac_research/mot-researchers-uncover-security-flaws-in-c > > "the team ran Stack against the Debian Linux archive, of which 8575 out > of 17432 packages contained C/C++ code. For a whopping 3471 packages, > STACK detected at least one instance of unstable code." > > So 3471 Wheezy packages had one ore more instances of gcc introduced > anomalies. And the kernel binary they tested had 32. > > As an end user I'm not worried about this at all. But I'd think > developers may want to start taking a closer look at how gcc does its > optimizations and creates these anomalies. If the flaws are serious > they should obviously takes steps to mitigate or eliminate this. > > I didn't read the full paper yet, but I'm wondering how/if the > optimization flag plays a part in this. I.e. does "O2" produce these > bugs but "OO" (default) or "Og" (debugging) does not? The paper says some of the surprise optimizations happen at even the default optimization level. And I remember one that definitely does, although I don't remember where I put the code where I played with it. -- Joel Rees Be careful where you see conspiracy. Look first in your own heart. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/CAAr43iNP44POMkEYUB6c+iuXceHHFTCM+1bexE5XvKaP=-q...@mail.gmail.com
I have a new toshiba laptop with intel core i7 processor
I have a new toshiba laptop with intel core i7 processor and I’ve already had installed, but when the system reboots I get this [1511.659335] generic- usb 0003:0457: 1037.009a: usb*submit*urb (ctrl) failed and if I disable the usb 3.0 I get this port 4 hub 2-1:1.0 disable by hub (eMI?), re-enabling. I want information about this or what can i do about it? -- *GPimentel*
Re: MIT discovered issue with gcc
On Sun, Nov 24, 2013 at 3:53 AM, Darius Jahandarie wrote: > Although Debian *developers* can't find and fix all upstream bugs, the > Debian project, as the funnel between code and users, provides an > interesting location to perform this sort of automated static analysis > on all source code flowing through it, and present that information > to both the package maintainers and users of the packages. Some Debian folks are working on that in conjunction with Fedora. We could use some help, especially with packaging new checkers and with writing firehose output converters for existing checkers. Please get involved, links below. PS: STACK isn't currently possible to package because it needs a special build of llvm that isn't in Debian yet. https://fedoraproject.org/wiki/StaticAnalysis https://github.com/fedora-static-analysis/firehose http://debile.debian.net/ http://firewoes.debian.net/ http://debuild.me/ https://wiki.debian.org/HowToPackageForDebian#Check_points_for_any_package -- bye, pabs http://wiki.debian.org/PaulWise -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/caktje6hzr-p2nnhku_24rp7vgsb02jet_fb9cy2bwurcgaa...@mail.gmail.com
Setting up wordpress on wheezy using the debian packages?
Can someone point me at step-by-step instructions for going from sudo aptitude install wordpress on a freshly scrubbed, newly installed Wheezy system to a working wordpress website on the same machine? I've read the README.Debian in /usr/share/doc/wordpress/ and the stuff in examples/ but they are just hints, I think. I've googled till I'm blue in the face, but all I find is people who insist on installing wordpress from the downloadable tarball at the wordpress development site and ignore the debian package entirely. I'd much rather do things the "Debian way". Somebody must have done it, I would think -- or what's the point of having a Debian package in the first place? If you have, can you share your recipe? All help will be appreciated! Rick -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/ec8aa022-d5a6-4ce7-a59d-7c261508e...@pobox.com
Totem in stable cannot play any type of video, need your help.
Hello everybody, This is my first mail here. I am debian stable user. My Totem cannot play any type of video, included free format such as webm, ogg, and mkv. When I open any video, it says, "An error occurred: Could not determine type of stream." Need your help. Bo -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1385258903.6835.7.camel@bo-pc
Re: about MS email retrieve
> What I do at work is use davmail (http://davmail.sourceforge.net). There > is a debian package, and is needs that java is installed. I have JDK and JRE installed, just a bit hesitated to switch to davmail since I have been using icedove from beginning and it has been really long already. > > Works fine with a exchange 2010 server through the webservice. Let's > hope your mail admin allows the DAV/Webservice connection. Here is the reply I received days ago from our IT. " Please be advised our email accounts do not run on pop3/imap/smtp. It is on Microsoft Exchange, so you can only use email clients which has support for Microsoft Exchange, such as Microsoft Outlook. " >> I wonder, how can they update and connect these in one big database? > > It's called a user databas used for authentication of all services. In a > free world you would do this with a LDAP server, in MS world it is done > with Active Directory (based on LDAP among other things). So intelligent. Thanks, -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52916adb.1040...@gmail.com
Re: Installing Debian inside Windows 7 utilizing VirtualBox
On 24/11/13 01:52, Wally Lepore wrote:
> Hi Members,
>
> I would like to run Debian and test new software packages utilizing
> Debian as a virtual environment. inside my Windows 7 OS. I would like to
> be able to install Debian in this fashion and have the ability to
> utilize a Debian GUI desktop as well.
>
> Question #1 please:
> Would kindly like to know if Oracle's VM VirtualBox is the recommended
> "virtualization software package" to install to accomplish this procedure.
There is not "Debian recommended" virtualization solution for a Windoof
host.
I recommend VirtualBox, but there are other working applications.
>
> Question #2 please:
> Which "Stable" version of Debian ("Squeeze" or "Wheezy") is recommended
> that would best serve this purpose?
Wheezy is stable, Squeeze is old stable.
Wheezy would, conditionally, be your best choice.
Conditions would be what do you want to do (is the versions of software
important) - you may find you need to run a specific release of mixture
of releases.
>
> I have been reading about VirtualBox and studying the steps involved to
> install Debian in this manner. I'm sure I will have additional questions
> but would simply like to start with my initial questions above.
Install VirtualBox
Create new machine (Linux, Debian) - follow the prompts changing to suit
you needs (virtual hard drive size, dynamic or fixed size, name of
machine, amount of RAM). Takes two minutes.
Edit the Settings on the new machine to change defaults as required. Add
additional hard/optical drives, change the type of drive, add floppy,
choose sound and network card types, select phsyical or virtual optical
drive (virtual uses ISO images), set network protocols.
Takes 5 minutes to look at all the options.
Choose the boot order and start the VM.
Install Debian as if it was a bare metal install - the documentation on
the *VirtualBox* site is good, but it's unlikely you'll require it as
the process is suitable for chickens if you put a bit of bread on the
Enter key.
>
> A couple of how-to links I've discovered:
>
> Installing with a GUI desktop:
> https://jtreminio.com/2012/07/setting-up-a-debian-vm-step-by-step/
>
> Installing without a GUI desktop
> http://williamjturkel.net/2013/05/31/installing-debian-linux-in-a-vm/
I look to Debian for documentation first e.g.:-
https://wiki.debian.org/VirtualBox
Then the application developer/s e.g.:-
https://www.virtualbox.org/manual/ch02.html#installation_windows
After that I'll consult third-party guides
>
> Thank you
>
>
As for installing Debian into Windoof's VM best ask Mr Jerry Stuckle
about the joys and triumphs of that.
But if you're still keen:-
https://wiki.debian.org/InstallingDebianOn/VMs/MicrosoftVirtualPc2007/etch
Kind regards
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/52917c90@gmail.com
