On Tue, 9 Dec 2003 11:04, David B Harris <[EMAIL PROTECTED]> wrote:
> Or are you saying that you used [EMAIL PROTECTED] for your
> computing needs, including storing your unencrypted GPG, unencrypted SSH
> key (or encrypted, in which case both of which use the passwords you've
> posted), your email
On Tue, Dec 09, 2003 at 02:51:53AM +0100, Moritz Moeller-Herrmann wrote:
> > On Fri, Dec 05, 2003 at 03:02:42PM +0800, Cameron Patrick wrote:
>
> >> Except that AFAIK .desktops are still semantically richer than the
> >> existing Debian system, and have more momentum behind them outside of
> >> De
On Mon, 8 Dec 2003, Matthew Garrett wrote:
> Steve Langasek wrote:
>
> >But an ssh key on removable media is not vulnerable to keysniffing
> >alone, where a password is.
>
> There's no inherent increase in security from using a key on a
> USB device other than the fact that attackers aren't thinki
On Mon, Dec 08, 2003 at 01:28:20PM +1100, Russell Coker wrote:
> Another problem is that host keys require SUID ssh client in the
> default configuration.
This hasn't been true since OpenSSH 3.3, and therefore since before
woody. See ssh-keysign(8).
openssh (1:3.3p1-0.0woody1) testing-security; u
Package: wnpp
Severity: wishlist
* Package name: giftui
Version : 0.3.1
Upstream Author : <[EMAIL PROTECTED]>
* URL : http://giftui.tuxfamily.org/
* License : GPL
Description : Graphical user interface to giFT
gifTui is a graphical user interface to the g
On Thu, Dec 04, 2003 at 06:31:02PM +0100, Jan Nieuwenhuizen wrote:
> Peter S Galbraith <[EMAIL PROTECTED]> writes:
> > another package's was using convert in the build stage to convert
> > some images and it was failing. The bug was elevated to
> > release-critical. I don't think it would be fair
On Thu, Dec 04, 2003 at 03:29:02PM -0800, Tom wrote:
> Just rambling... I'm sure there's tons of holes in what I just said.
All this rambling is getting pretty damn tedious as I try to read
through two weeks' worth of debian-devel backlog. Could you please try
to keep debian-devel posts to well-th
您好:
较完备的电子技术光盘
详细请进: http://www.newsunmcu.com/gpzl.html
Andrew Suffield wrote:
> On Fri, Dec 05, 2003 at 03:02:42PM +0800, Cameron Patrick wrote:
>> Except that AFAIK .desktops are still semantically richer than the
>> existing Debian system, and have more momentum behind them outside of
>> Debian. Upstream packages are much more likely to ship to .d
Andreas Metzler wrote:
> Billy Biggs <[EMAIL PROTECTED]> wrote:
>> Steve Greenland ([EMAIL PROTECTED]):
>>> On 04-Dec-03, 14:44 (CST), Nathanael Nerode <[EMAIL PROTECTED]>
>>> wrote:
>>> > There's now a standard used by KDE and GNOME which has more features
>>> > than the Debian menu system.
>
>>
Package: wnpp
Severity: wishlist
* Package name: makeztxt
Version : 1.6.0
Upstream Author : John Gruenenfelder <[EMAIL PROTECTED]>
* URL : http://gutenpalm.sf.net/
* License : GPL
Description : Create zTXT databases from ASCII files to read them in a
Pal
On Mon, Dec 08, 2003 at 06:47:44PM -0500, Matt Zimmerman wrote:
> Yes, but building the complete Debian package is hopefully not necessary for
> bootstrapping purposes, only to get a working make binary.
So it would be wort to look at the LFS scripts, to get a minimum system boot
strapped.
On th
On Mon, 08 Dec 2003 18:38:25 -0500
Joe Drew <[EMAIL PROTECTED]> wrote:
> On Mon, 2003-12-08 at 15:37, David B Harris wrote:
> > I've also yet to see anybody post their IP address, userid, and
> > password for their publicly-accessible servers to a public mailing list
> > :)
>
> I have. root, even.
On Tue, Dec 09, 2003 at 09:52:39AM +1100, Herbert Xu wrote:
> Matt Zimmerman <[EMAIL PROTECTED]> wrote:
> >
> > There are quite a few, but make is a bad example, as it has included a
> > shell script to build itself for just this purpose.
>
> But its debian/rules is a makefile since the policy r
On Mon, 2003-12-08 at 15:37, David B Harris wrote:
> I've also yet to see anybody post their IP address, userid, and
> password for their publicly-accessible servers to a public mailing list
> :)
I have. root, even.
http://lists.debian.org/debian-devel/2002/debian-devel-200206/msg01187.html
--
On Sun, Dec 07, 2003 at 02:02:10PM +1100, Russell Coker wrote:
> The recent versions of the package have significant problems if you want to
> convert to or from devfs. The Debian mkinitrd has become too complex to
> manage so I have chosen not to bother.
This seems strange, perhaps the process
Matt Zimmerman <[EMAIL PROTECTED]> wrote:
>
> There are quite a few, but make is a bad example, as it has included a
> shell script to build itself for just this purpose.
But its debian/rules is a makefile since the policy requires it
to be so, right? :)
--
Debian GNU/Linux 3.0 is out! ( http://
Dennis Stampfer <[EMAIL PROTECTED]> writes:
> timeoutd loggs user out when they reached timeout-restrictions like max.
> login-time, max. idle-time, etc.
>
> Is there any way to querry how long a X-user is idle?
You might look at the xscreensaver driver source; the basic answer is
"yes, about fou
On Mon, 2003-12-08 at 03:18, Matthew Garrett wrote:
> Steve Langasek wrote:
>
> >But an ssh key on removable media is not vulnerable to keysniffing
> >alone, where a password is.
>
> If such behaviour becomes common, the keysniffers will simply copy
> anything that looks like an SSH key that exi
On Mon, 08 Dec 2003 03:18:53 +
Matthew Garrett <[EMAIL PROTECTED]> wrote:
> Steve Langasek wrote:
> >But an ssh key on removable media is not vulnerable to keysniffing
> >alone, where a password is.
>
> If such behaviour becomes common, the keysniffers will simply copy
> anything that looks li
Hi,
* Marc Haber ([EMAIL PROTECTED]) [031128 10:55]:
> I would like to know whether the attacker was able to log in to auric,
> even as unprivilieged user. Did she actively try to compromise auric?
>
> What kind of verification of auric's integrity was done / is planned
> to be done?
>
> [more q
Hi!
We will see here the assurance measures related to life cycle support.
This is an area where Debian shines out even from the other open
source projects.
ALC_DVS.2 Sufficiency of security measures (EAL6, EAL7)
ALC_DVS.2.1D The developer shall produce development security
documentation
Chad Walstrom wrote:
> On Mon, Dec 08, 2003 at 04:20:07PM +, Colin Watson wrote:
> > That always struck me as a rather poor idea. What if we have two
> > versions of a package, 1:1.0 and 2:1.0? Both will be foo_1.0_$ARCH.deb
> > at the moment.
>
> IIRC, the actual filename in the archive is
>
Dennis Stampfer <[EMAIL PROTECTED]> writes:
> Hi -devel,
>
> the program timeoutd was originally written when using X was not a matter
> of course:
>
> timeoutd loggs user out when they reached timeout-restrictions like max.
> login-time, max. idle-time, etc.
>
> Some users asked for X-Support.
On Mon, Dec 08, 2003 at 07:09:59PM +0100, Dennis Stampfer wrote:
> Is there any way to querry how long a X-user is idle? If not, do you
> think it's okay to write something like "IDLE-Logout does not work
> with X" into Readme.Debian and into the config-file(,manpage, ...)?
I'm not sure to be h
Matt Zimmerman <[EMAIL PROTECTED]> writes:
> On Sun, Dec 07, 2003 at 10:42:10PM +0100, Goswin von Brederlow wrote:
>
> > Having or not having is of the order of several 100MB. The shear
> > number of debs makes the impact.
>
> Fortunately, the actual effect is much smaller since nearly all packa
Hi -devel,
the program timeoutd was originally written when using X was not a matter
of course:
timeoutd loggs user out when they reached timeout-restrictions like max.
login-time, max. idle-time, etc.
Some users asked for X-Support. Well, X works well with "No login
allowed at all" and "Login r
您好,这是一份善意的商业邮件,如本信息对您无帮助,请随手删除,并深表歉意。
---
免费发布供求信息的好去处http://www.bizwds.com 网络实名:商务之窗
为你在深圳找寻客户、合作伙伴、供应商,做24小时的网上生意!
请登录我们网站http://www.bizwds.com 网络实名:商务之窗
---
[EMAIL PROTECTED]
Package: wnpp
Severity: wishlist
* Package name: mecab-jumandic
Version : 4.0
Upstream Author : Sadao Kurohashi <[EMAIL PROTECTED]>
* URL or Web page : http://www.kc.t.u-tokyo.ac.jp/nl-resource/juman.html
* License : BSD
Description : Juman dictionaries compiled for M
I just sent my first-ever message to the LDAP gateway to reset my
password. I got the below message back. BTW, my clock is accurate.
I used the exact "echo" command given in the docs.
Also, I received no other reply.
What gives?
-- John
On Mon, Dec 08, 2003 at 05:14:43PM +, [EMAIL PROTEC
Hi!
I haven't (seriously) used Firebird since a year and there's no chance
I'll be using anytime soon. It's low maintenance software though as
upstream is focused on firebird 1.5/2.0
Therefore I am going to orhpan:
* firebird
* php4-interbase (depending on firebird)
Drop me note if you want to t
On Mon, Dec 08, 2003 at 04:20:07PM +, Colin Watson wrote:
> That always struck me as a rather poor idea. What if we have two
> versions of a package, 1:1.0 and 2:1.0? Both will be foo_1.0_$ARCH.deb
> at the moment.
IIRC, the actual filename in the archive is
foo_1.0-${EPOCH}%3a${DEBVE
On Tue, Dec 02, 2003 at 01:05:50AM +1000, Anthony Towns wrote:
> On Mon, Dec 01, 2003 at 01:35:38PM +0100, Stefano Zacchiroli wrote:
> > The same happened to me with a bug reported against pbbuttonsd (don't
> > have the number at hand right now). As a personal opinion I think the
> > crontabs of th
On Sun, Dec 07, 2003 at 04:10:36PM +, Scott James Remnant wrote:
> make? You'll need make installed to make make. There are a huge number
> of legitimate circular build dependencies, outlawing them won't help.
There are quite a few, but make is a bad example, as it has included a
shell scri
On Sun, Dec 07, 2003 at 10:42:10PM +0100, Goswin von Brederlow wrote:
> Having or not having is of the order of several 100MB. The shear
> number of debs makes the impact.
Fortunately, the actual effect is much smaller since nearly all packages
have md5sums already.
--
- mdz
您好,这是一份善意的商业邮件,如本信息对您无帮助,请随手删除,并深表歉意。
---
免费发布供求信息的好去处http://www.bizwds.com 网络实名:商务之窗
为你在深圳找寻客户、合作伙伴、供应商,做24小时的网上生意!
请登录我们网站http://www.bizwds.com 网络实名:商务之窗
---
[EMAIL PROTECTED]
Russell Coker wrote:
> On Mon, 8 Dec 2003 23:14, "Julian Mehnle" <[EMAIL PROTECTED]> wrote:
> > You cannot verify the IP address *exactly*, but you can verify
> > whether the IP address lies within a range. Dial-up users could at
> > least register a certain address range, so as to vastly mitigate
On Mon, 8 Dec 2003 23:14, "Julian Mehnle" <[EMAIL PROTECTED]> wrote:
> > One problem with this is developer's machines that are on dial-up
> > Internet connections. ÂIn the case of such machines you can verify the
> > host key but not the IP address.
>
> You cannot verify the IP address *exactly*,
Russell Coker wrote:
> On Mon, 8 Dec 2003 13:16, Patrick Ouellette <[EMAIL PROTECTED]> wrote:
> > Instead of a smartcard/token/whatever physical device, this incident
> > could possibly have been thwarted by requiring developers to
> > pre-register their machine with the project (using ssh host key
On Sun, Dec 07, 2003 at 09:16:58PM -0500, Patrick Ouellette wrote:
> Instead of a smartcard/token/whatever physical device, this incident
> could possibly have been thwarted by requiring developers to pre-register
> their machine with the project (using ssh host key for example). The
> attacker wo
本公司专业经营各种无线摄像器材,满足各类人士的需求。本产品小巧灵活,
可以用于对婴儿的监控,和防盗,在电脑上加一块视频转接卡就可以录象了,
把你想要的录下来。(你要做别的事情我就不管了)本产品使用很方便
不需要布线,用节电池就能工作了,心动不如行动 赶快跟我们联系。QQ79651785
[EMAIL PROTECTED]
公司网址:http://www.happyshops.net/camera
最大优点:1,发射器的尺寸是现阶段最小的(20*20*20 MM)有很好的隐蔽性。
2,彩色视频和无线音频同步。(既有图像又有声音)
3,
The developer's reference lists erlangen as one of the upload queues.
However, I used it last week (as I assumed that I wouldn't be able to
upload the way I usually did, i.e. directly to ftp-master via ssh).
However, I was wondering how long it would take (I haven't really seen
any announcement th
Package: wnpp
Version: N/A; reported 2003-12-08
Severity: wishlist
* Package name: debsigs-ng
Version : 0.1
Upstream Author : Andreas Barth <[EMAIL PROTECTED]>
* URL : http://debsigs.turmzimmer.net/
* License : GPL
Description : create and verify signature
On Sun, Dec 07, 2003 at 09:53:11PM +0100, Marc Haber wrote:
> >So, why can't this be done without an exim4-config package in Debian, with
> >something like the following arrangement:
> > exim4-daemon
> > provides/conflicts: mail-transport-agent
> > postinst:
> >
44 matches
Mail list logo
