Josselin Mouette writes:
> it has been brought to my attention (through #512803) that su does not
> clean the environment at all. [... ]
>
> Before I work around this specific issue in the fugliest way, shouldn’t
> we prevent su from preserving the environment?
compare this:
su -c env
to
Le samedi 24 janvier 2009 à 09:04 +0100, Reinhard Tartler a écrit :
> the latter command indeed prunes the environment, and calling
>
> su -c gnome-terminal -
>
> sucessfully fails (heh) with failing to open a display. whats the
> problem here?
"su -" is actually pruning the environment as it s
Charles Plessy wrote:
> I felt a bit afraid that in some
> situations where some packages are temporarly mutually incompatible, we can
> end
> up in a situation where the source package that depends on it is not
> rebuidable
> unless the tests are disabled.
I found this kind of situation when pa
Josselin Mouette writes:
> I think Steve has a point, and as he explains, this is not a big
> security issue; however it is breaking the expectations you have when
> logging as another user. For example, it is not expected that starting
> an application as the other user will re-use the running o
Le samedi 24 janvier 2009 à 11:00 +0100, Reinhard Tartler a écrit :
> Well, then how about gnome-keyring or other applications not expecting
> that behaviour should then check the effective user id in addition to
> the session cookie in the environment variable?
>
> In any case, this behaviour sho
On Sat Jan 24 11:00, Reinhard Tartler wrote:
> Josselin Mouette writes:
>
> > I think Steve has a point, and as he explains, this is not a big
> > security issue; however it is breaking the expectations you have when
> > logging as another user. For example, it is not expected that starting
> > a
Package: wnpp
Severity: wishlist
Owner: Stefano Zacchiroli
* Package name: ocaml-autoconf
Upstream Author : Richard Jones, Stefano Zacchiroli, et al.
* URL : http://ocaml-autoconf.forge.ocamlcore.org/
* License : BSD (3-clauses)
Programming Lang: m4
Description :
* Stefano Zacchiroli [Sat, 24 Jan 2009 11:45:04 +0100]:
> RFC: this package will consists of just one file:
> /usr/share/ocaml-autoconf/ocaml.m4 , and this puzzles me a bit as
> overkilling. Nevertheless, I've no clue about how autoconf extensions
> should be packaged, and my naive attempts to fin
On Sat, 2009-01-24 at 11:07 +0100, Josselin Mouette wrote:
> The question is whether we can consider safe to pass authentication
> tokens as environment variables. Either we do, and we fix applications
> that pass environment where they shouldn’t. Either we don’t, and we have
> to find another way
Le samedi 24 janvier 2009 à 10:05 +, Matthew Johnson a écrit :
> Well, if they are using DBUS this should be fine. You cannot connect to
> a session bus with a uid other than the one it is running as (including
> root)
Clearly that’s not the case, since the original issue happens over
D-Bus. I
On Sat Jan 24 14:08, Josselin Mouette wrote:
> Le samedi 24 janvier 2009 à 10:05 +, Matthew Johnson a écrit :
> > Well, if they are using DBUS this should be fine. You cannot connect to
> > a session bus with a uid other than the one it is running as (including
> > root)
>
> Clearly that’s not
* Daniel Glassey [Fri, 23 Jan 2009 17:28:16 +]:
> On Fri, Jan 23, 2009 at 4:20 PM, Adeodato Simó wrote:
> > Hello,
> > a person from the Ubuntu community forwarded this mail of yours to a
> > Debian list.
> > All these problems you enumerate should be responsibility of the
> > designated ma
I am asked to act as a sponsor of phpunit [*] package. However there's
a situation that needs an advice. There's JS in the package that was
run through the filter which deletes comments and spaces. In fact it is
like Java script passed through obfuscator.
I suggested to maintainer
"Dmitry E. Oboukhov" writes:
> JS - is an interpreter language, _theoretically_ it is possible to
> _restore_ the source, but if following DFSG then in fact the source is
> not included into archive. This is a bug of the Serious level (at least
> for Debian/main).
>
> Am I right? Please help
On Sat, 24 Jan 2009 22:23:33 +0300
"Dmitry E. Oboukhov" wrote:
> I am asked to act as a sponsor of phpunit [*] package. However there's
> a situation that needs an advice. There's JS in the package that was
> run through the filter which deletes comments and spaces. In fact it is
On Sun, Jan 25, 2009 at 6:23 AM, Dmitry E. Oboukhov wrote:
> Judging by the apt-file output the same JS is used in a few more packages:
>
> $ apt-file search yahoo-dom-event.js
...
> Am I right? Please help me to make a decision: what is better to do?
Remove the file from the binary package and
>> Judging by the apt-file output the same JS is used in a few more packages:
>>
>> $ apt-file search yahoo-dom-event.js
PW> ...
>> Am I right? Please help me to make a decision: what is better to do?
PW> Remove the file from the binary package and depend on the yui package:
PW> http://lintian.d
On Sun, Jan 25, 2009 at 7:27 AM, Dmitry E. Oboukhov wrote:
> yes yes, but
> this file is 30kb
> yui package is 7Mb
Then you should submit a request for splitting yui up a bit, perhaps
into libjs-yui-doc, libjs-yui-animation, libjs-yui-assets and so on.
I also note that the yui source package do
On Sat, Jan 24, 2009 at 10:23:33PM +0300, Dmitry E. Oboukhov wrote:
> I am asked to act as a sponsor of phpunit [*] package. However there's
> a situation that needs an advice. There's JS in the package that was
> run through the filter which deletes comments and spaces. In fact it
Package: wnpp
Severity: wishlist
Owner: Jelmer Vernooij
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
* Package name: dulwich
Version : 0.1.0
Upstream Author : James Westby
John Carr
Jelmer Vernooij
* URL
> New whohas tool displays other distributions that have your package
> ---
>
> Unstable features a new tool, `whohas`, which searches through a list of
> distributions and displays those that also carry a version of a given
> packa
Ondrej Certik wrote:
> This whohas command is awesome, great job!
Yes. And the openSUSE URLs suck!
Emilio
signature.asc
Description: OpenPGP digital signature
Package: wnpp
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org
Package name: auto07p
Version: 0.6
Upstream Author: Eusebius Doedel
URL: http://indy.cs.concordia.ca/auto/
License: BSD with some part GPL
Description: AUTO is a software for continuati
How can I get information about pt_BR translations status? I am with
free time to help in what will be necessary.
Klebson Porfirio DCE-UFAL
2009
E-mail/MSN: klebs...@gmail.com - Jabber: kleb...@jabber.org
Usuário Linux #481658 Gn
Package: wnpp
Severity: wishlist
X-Debbugs-CC: debian-devel@lists.debian.org
Package name: omaque
Version: 0.9.1
Upstream Author: David Palacio ]
URL: http://github.com/dpalacio/omaque/tree/master
http://www.kde-
apps.org/content/show.php/Omaque+(comicboo
Package: wnpp
Severity: wishlist
Owner: Vincent Fourmond
* Package name: jmol
Version : 11.6
Upstream Author : Jmol team
* URL : http://jmol.sourceforge.net/
* License : LGPL
Programming Lang: Java, Javascript
Description : java molecular graphics syste
Quoting Klebson Porfirio (klebs...@gmail.com):
> How can I get information about pt_BR translations status? I am with
> free time to help in what will be necessary.
That would be debian-l10n-portugu...@lists.debian.org.
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a s
27 matches
Mail list logo