Re: Are file permissions in files on external devices silly?
On Sat, 2008-11-22 at 11:47 +0100, Mario Vukelic wrote: > On Fri, 2008-11-21 at 16:19 +, Andrew Sayers wrote: > > To address the actual point, security of files on removable media can > > only be handled at the hardware level, by making sure bad people don't > > steal your disks. Bad guys can be assumed to have root access to at > > least one box that they can plug a drive into, so complex permissions > > systems on removable media serve only to frustrate ordinary users. > > I have to disagree here. I have several USB disks attached to my > computer, and while I agree that this provides no security against an > attack, it does provide protection against user errors, just as it does > on internal disks. A disk being external does not preclude that several > users access it and want protection from the other guy unintentionally > deleting their files. Such cases can be handled, for sure. You can mark disks with, for example, a magic file in the root directory, so that the system knows that permissions must be acknowledged. Even better, the magic file could be associated with the machine that created the permissions (and for which the user and group ids make sense.) Other machines would just ignore the permissions. I'm not a kernel hacker; it's hard for me to estimate the effort for implementing such an idea. But it sounds viable to me. Cheers, M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: fast-user-switch-applet
On Fri, 2009-03-06 at 11:29 +, Mat Tomaszewski wrote: > Nicolò Chieffo wrote: > > quote from the blog: > > "A couple of people have said that the menu looks “sparse” or “bare” ... > The "less is more" philosophy is neither new, nor obsolete. I personally > believe that "less" and "more" can co-exist, but there's a very fine > line between "sparseness" and making your desktop look like an aircraft > cockpit. Ultimately, it all comes down to carefully considering every > single element of the UI in the broader context of overall look&feel, > use case scenarios etc. Wholeheartedly agreed. > I've got my part in the decision to remove the icons from the fusa > applet and I can see why it is controversial. I think part of that comes > from the fact that almost all other menus use icons, and there seems to > be lack of consistency. The lack of consistency doesn't bother me, and I don't have any serious aesthetic concerns with the menu, either. Still, I have personally noted that I continuously have problems when using it. They may arise from the fact that I was used to the older one, and grew accustomed to look for the proper icon (which is faster) instead of reading through the options. With this version, I always have to read the options carefully, in order to make sure that I'm picking the right one. Indeed it happened to me already a few times that I was in a hurry and selected the wrong option. This can be quite bad, specially given the current broken state of the GNOME session manager. Of course, this is just anecdote so far, but it looks to me this may be one of those cases where actual user testing would make a difference. Cheers, M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Replacing network-offline (old version 2xmonitor) with NM wlan 0% signal strength icon
On Mon, 2009-03-16 at 14:24 +, (``-_-´´) -- BUGabundo wrote: ... > On Monday 16 March 2009 10:58:55 Mat Tomaszewski wrote: ... > > The request to change the icon came originally from various OEMs we > > cooperate with > > So OEMs now count more then Community? > Thanks, that was exactly what *we* wanted to here. I'm sorry to have to point this out, but this is the sort of attitude that doesn't bring us any further. Actually, we simply don't know the background here. For example, if these OEMs actually ran controlled experiments, they have hard data that, as far as I can tell, no one in the "open" community has. Unless we find a way to run controlled, repeatable experiments by ourselves, all we are doing here is bikeshedding, and hard data wins over bikeshedding anytime. Additionally, I don't think that mailing-list bikeshedding is the right way to design good interactive software, anyway. Canonical's design team is definitely paying attention to us (as we can see from their active participation in this list) but they are aren't making their decisions solely based on our input, which, in my opinion, is also the right thing for them to do. Best wishes, M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: aufs based upgrade tests
On Thu, 2009-03-19 at 15:56 +0100, Vincenzo Ciancia wrote: ... > How can this be rare if the user is supposed to test things after the > upgrade? I didn't think about it but it's actually risky - every > application can potentially be non-forward-compatible. Users should be > adviced to use the guest user account to test new applications, or > perhaps it can be done in a way that only a special account sees the new > system? Seconded, you start your session once with the new version installed, and there's often no way back. Applications will surely update their configuration data as soon as they're started, and there's no guarantee that they'll work when the older system is reinstated. As a possible solution, what about putting user accounts under aufs as well? This would have the advantage of allowing for testing how applications update their configuration data, which is also a good idea because this is a common source of bugs. Cheers, M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Removing single program from multi program packages
On Mon, 2009-03-23 at 11:55 -0300, Derek Broughton wrote: ... > While I don't know how this _could_ be done, I agree that there are good > reasons why it _should_. My particular pet peeve are the screensaver > packages, where there are some screensavers that I want removed because > they don't actually hide the screen. Unlike your game example, this isn't > even something that can be handled by editing the menus, you have to > physically remove the program. On the other hand, this sounds like something that could actually be a security issue for some people, and that may have to be addressed by the package maintainer by, for example, splitting the package. Still, this doesn't mean that Ubuntu requires a general mechanism for cherry-picking files from an installed package. Ubuntu's (and Debian's) package system is already quite complex, and, being the core piece of infrastructure it is, you don't want to mess with it unless it is really necessary. Cheers, M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Current situation of amarok, and of latex tools
On Mon, 2009-05-25 at 13:24 +0200, Remco wrote: ... > Downgrade > conversion is probably not feasible for any but the most popular > packages. I completely agree with your message. Of course, expecting every package to provide a downgrade converter is unrealistic. On the other hand, how often do projects upgrade to a new, incompatible format? In the large majority of cases, you will be able to just downgrade the software and keep working as if nothing had happened. For those cases where downgrades really represent possible data loses, providing a warning so that people know that they'll lose data if they decide to downgrade is probably enough. We should not forget that a downgrade option wouldn't be aimed at the casual Ubuntu user, but at those people wanting to leave in the bleeding edge in order to test the latest and greatest. These people should be table to take care of their data and to deal with the temporary breakage caused by a bad upgrade (as long as that upgrade is reversible with reasonable effort, that is). For this reason, there's no need to overengineer the solution. A relatively simple "keep older package versions in the repository for a longer time and make dpkg/apt more amenable to downgrades" should do. Cheers, M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Fallback plan if Empathy isn't ready for Karmic?
On Wed, 2009-06-24 at 11:39 +0100, Andrew Sayers wrote: > I'm glad to hear that upstream is so active, but a usable version will > have to land very soon in order for the small band of Karmic testers to > give it enough use to clear out all the bugs that will come from a large > number of Ubuntu newbies. I'll ask again nearer the time about how > things are progressing. How difficult would it be to produce a Jaunty backport as well? Does Empath have many dependencies on packages that are only in Karmic? I'd be glad to test, but can't run Karmic as yet because I depend on my computers for work. Cheers, M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Pidgin and Yahoo! login
On Wed, 2009-06-24 at 12:08 -0400, Mackenzie Morgan wrote: > On Wednesday 24 June 2009 11:54:27 am Adrian Perez wrote: > > There's any chance or prospect to integrating the new Yahoo! protocol > > support present in new upstream Pidgin 2.5.7 into jaunty-updates or > > maybe jaunty-proposed-updates? We are all experiencing login problems > > with Yahoo! as you people may know. > > New protocol? I thought it was just a different IP address, based on > discussion > in the bug report. Indeed, you can currently work around the problem by connecting to a server that still supports the older protocol. Yahoo! could deactivate this alternative server at any time, though. M. S. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Provide a GUI option in the installer to enable popcon
On Thu, 2009-06-25 at 00:19 +0200, Vincenzo Ciancia wrote: > >From the appcenter wiki page: > > "If Linux has an Achilles heel, from the point of view of a Windows > user, it's installing new software. Be prepared to enter a new world in > which Windows Update is a model of simplicity by comparison, and in > which you may feel as if you need a Ph.D. in physics merely to install > new applications or updates. > > — Preston Gralla, “Living free with Linux: 2 weeks without Windows”, > Computerworld" > > I am surprised: all the people I ever heard talking of ubuntu, including > non-geeks, appreciate the simplicity of adding and removing > applications. Perhaps that comment is a bit outdated even if, since the > beginning of times, comparing synaptic with windows tools is a laughable > joke, to say the least. This is becoming off-topic for this thread, but it is an important point in and by itself. The comment is not so outdated. Gralla's article [1] is from January 2009 and applies to Ubuntu 8.04, at least according to the included screenshots. If you read the article right after the text quoted above, you will notice that his problem was rather that he tried to apply his Windows-power-user knowledge to Ubuntu, with disastrous results. Windows users are used to search the Internet for the desired application, download an installer, run it, answer the questions and reboot (of course!). We all know that Ubuntu has a much better way of doing things, but Windows people simply do not expect things to be as easy. This is Linux, you know, it most be hard! By the way, this is not the first time I see this phenomenon. A coworker of mine, who is a very competent computer scientist, put together a Ubuntu media center for his living room. I had to invest lots of effort into convincing him of looking for proper package repositories for the software he needed (and, as it turned out, there were plenty of those!). His usual method was to run a Google search, pick the first result, and follow whatever instructions he would find there. Of course, he always managed to mess things up in a matter of minutes. Another good friend of mine, also an accomplished computer scientist, would always tell me that he was reinstalling his RedHat server. At some point, I started to wonder why his server needed so frequent reinstallations. It turned out he was installing most of his software from source code, and he was also indiscriminately overwriting RedHat-installed system files by running make install without paying attention to the preset destination directories. I'm convinced that expert users are, by far, the hardest to migrate. Efforts like AppCenter will definitely help in this area, but we should think of making available a "Quick Migration Guide for Veteran Windows Users" as well. [1] http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9126042&pageNumber=3 -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Pidgin and Yahoo! login
On Thu, 2009-06-25 at 13:52 +0200, Vincenzo Ciancia wrote:
> Martin, please could you advice a server or link some web page with a
> list of server?
Sure.
All I had to do (unfortunately, I cannot find the original link right
now) was entering
cn.scs.msg.yahoo.com
into the "Page Server" field ("Advanced" configuration tab) of the Yahoo
protocol in Pidgin. I think the original value was almost identical, I
only had to add the "cs." segment at the beginning. This is working for
me right now, but, as I said, we don't know if this server will remain
available.
M. S.
--
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
