On Sat, 10 Jul 2004 12:00:07 +0200, Dale Amon wrote:
>
> I'd like a black and white clarification of the impact
> of the change so I know for certain whether to be
> incredibly pissed off at the packager or not:
>
> "If I were to dselect today, would I still
>be able to print to fil
Has anyone invited our Mozilla packager to participate in this
discussion?
--
Carl Fink [EMAIL PROTECTED]
Jabootu's Minister of Proofreading
http://www.jabootu.com
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTE
* Don Armstrong:
> Perhaps I've missed something, but everything that I've read in the
> threads so far amounts to people either assuming that there's an issue
> and not defining it, or attempting to figure out where the issue is.
This summary is correct as far as I can see. No real security iss
On Sat, 10 Jul 2004, Michael B Allen wrote:
> My impression was that the PostScript generator had the security
> issue
Can someone please state, for the record, definitively and precisely
what this "security issue" is?
The fact that PS is a turing complete language isn't a security issue,
beyond
On Sat, 10 Jul 2004 11:19:03 -0400
Greg Folkert <[EMAIL PROTECTED]> wrote:
> Excuse the cross posting, but many are "discussing" on all of these
> lists.
>
> On Sat, 2004-07-10 at 06:47, Magnus Therning wrote:
> > >
> > > "If I were to dselect today, would I still
> > >be able to print to f
On Saturday 10 July 2004 5:47 am, Magnus Therning wrote:
> >I'd like a black and white clarification of the impact
> >of the change so I know for certain whether to be
> >incredibly pissed off at the packager or not:
> >
> > "If I were to dselect today, would I still
> > be able to pr
Excuse the cross posting, but many are "discussing" on all of these
lists.
On Sat, 2004-07-10 at 06:47, Magnus Therning wrote:
> >
> > "If I were to dselect today, would I still
> > be able to print to file a website page
> > as ps?" [Y/N]
>
> Yes. Printing PS to a file is still p
On Sat, Jul 10, 2004 at 12:47:18PM +0200, Magnus Therning wrote:
> Yes. Printing PS to a file is still possible.
Thanks. I had visions of all sorts of extra work in
order to just stand still. Now I can forget about this
and go back to writing my mail address verify
daemon...
--
On Sat, Jul 10, 2004 at 10:47:08AM +0100, Dale Amon wrote:
>On Fri, Jul 09, 2004 at 06:38:49PM -0500, Brad Sims wrote:
>> If you want postscript back; simply grab the source deb and roll your own;
>> just edit rules under the debian folder. Delete the '--with-xprint' and
>> '--disable-postscript'
On Fri, Jul 09, 2004 at 06:38:49PM -0500, Brad Sims wrote:
> If you want postscript back; simply grab the source deb and roll your own;
> just edit rules under the debian folder. Delete the '--with-xprint' and
> '--disable-postscript' lines and do 'dpkg-buildpackage -rfakeroot'. However
> I did g
On Thursday 08 July 2004 7:18 pm, Reid Priedhorsky wrote:
> Googling and searching the bug database only yielded a vague claim about a
> remote exploit (bug #247585). I also asked over on debian-user and while
> the flurry of replies showed that the removal decision was controversial
> if not unpo
Hello all,
I have just discovered that the old-style printing option
"PostScript/default" is gone from Firefox and probably Mozilla (I don't
use Mozilla). Apparently a major reason for this is that the PostScript
printing engine that was removed has security problems.
Does anyone have any solid r
also sprach Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> [2002.03.07.1054
+0100]:
> > > Debian could provide, with only some effort from package
> > > maintainers versions of daemons chrooted to given environments. This
> > > however, might break Policy (IMHO).
> >
> > how would it break
also sprach Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> [2002.03.07.1054 +0100]:
> > > Debian could provide, with only some effort from package
> > > maintainers versions of daemons chrooted to given environments. This
> > > however, might break Policy (IMHO).
> >
> > how would it break
Javier Fernández-Sanguino Peña wrote:
>
> On Tue, Jan 15, 2002 at 01:51:32PM +0100, martin f krafft wrote:
> >
> > > Debian could provide, with only some effort from package
> > > maintainers versions of daemons chrooted to given environments. This
> > > however, might break Policy (IMHO).
> >
Javier Fernández-Sanguino Peña wrote:
>
> On Tue, Jan 15, 2002 at 01:51:32PM +0100, martin f krafft wrote:
> >
> > > Debian could provide, with only some effort from package
> > > maintainers versions of daemons chrooted to given environments. This
> > > however, might break Policy (IMHO).
>
On Tue, Jan 15, 2002 at 01:51:32PM +0100, martin f krafft wrote:
>
> > Debian could provide, with only some effort from package
> > maintainers versions of daemons chrooted to given environments. This
> > however, might break Policy (IMHO).
>
> how would it break policy?
(sorry, catching up
On Tue, Jan 15, 2002 at 01:51:32PM +0100, martin f krafft wrote:
>
> > Debian could provide, with only some effort from package
> > maintainers versions of daemons chrooted to given environments. This
> > however, might break Policy (IMHO).
>
> how would it break policy?
(sorry, catching up
On Tue, Jan 15, 2002 at 01:16:12PM +0100, Javier Fern?ndez-Sanguino Pe?a wrote:
> On Tue, Jan 15, 2002 at 10:21:00AM +0100, Tarjei wrote:
[snip]
> > Debian being what it is, are there any reasons why the
> > debian bind package should not be chroot as the default
> > instalation?
>
> RTFM. T
On Tue, Jan 15, 2002 at 01:16:12PM +0100, Javier Fern?ndez-Sanguino Pe?a wrote:
> On Tue, Jan 15, 2002 at 10:21:00AM +0100, Tarjei wrote:
[snip]
> > Debian being what it is, are there any reasons why the
> > debian bind package should not be chroot as the default
> > instalation?
>
> RTFM.
Tarjei <[EMAIL PROTECTED]> writes:
> Hmm. Here's a suggestion.
>
> - This idea is based on the asumtion that espesially serversystems need
> good security.
*All* installed boxes need adequate securing. Linux worms would not
propagate if it weren't for a critical mass of idiots running unpatched
d
Hmm. Here's a suggestion.
- This idea is based on the asumtion that espesially serversystems need
good security.
1. Make a votingpage and anounce it on debian-users asking what are the
main servers people are running on their debian systems.
2. Go through the 10 highest and make sure they
also sprach Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> [2002.01.15.1316
+0100]:
> > Debian being what it is, are there any reasons why the debian bind
> > package should not be chroot as the default instalation?
>
> RTFM. That is:
> http://www.debian.org/doc/manuals/securing-debian
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes:
> On Tue, Jan 15, 2002 at 10:21:00AM +0100, Tarjei wrote:
> > >
>> >
>> >I recall there being discussion a while back about packaging chroot
>> >bind. I don't know whether or not anything came of it at all. There is
>> >
>> Debian being
On Tue, Jan 15, 2002 at 10:21:00AM +0100, Tarjei wrote:
> >
> >
> >I recall there being discussion a while back about packaging chroot
> >bind. I don't know whether or not anything came of it at all. There is
> >
> Debian being what it is, are there any reasons why the debian bind
> package shou
Tarjei <[EMAIL PROTECTED]> writes:
> Hmm. Here's a suggestion.
>
> - This idea is based on the asumtion that espesially serversystems need
> good security.
*All* installed boxes need adequate securing. Linux worms would not
propagate if it weren't for a critical mass of idiots running unpatched
Hmm. Here's a suggestion.
- This idea is based on the asumtion that espesially serversystems need
good security.
1. Make a votingpage and anounce it on debian-users asking what are the
main servers people are running on their debian systems.
2. Go through the 10 highest and make sure they fo
also sprach Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> [2002.01.15.1316 +0100]:
> > Debian being what it is, are there any reasons why the debian bind
> > package should not be chroot as the default instalation?
>
> RTFM. That is:
>
>http://www.debian.org/doc/manuals/securing-debi
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes:
> On Tue, Jan 15, 2002 at 10:21:00AM +0100, Tarjei wrote:
> > >
>> >
>> >I recall there being discussion a while back about packaging chroot
>> >bind. I don't know whether or not anything came of it at all. There is
>> >
>> Debian being
On Tue, Jan 15, 2002 at 10:21:00AM +0100, Tarjei wrote:
> >
> >
> >I recall there being discussion a while back about packaging chroot
> >bind. I don't know whether or not anything came of it at all. There is
> >
> Debian being what it is, are there any reasons why the debian bind
> package sho
I'd agree with your comments. I being looking at
OpenBSD (for various reasons) and the default setup is
reasonable secure (there are still some things left on
, which supprised me). Not sure if Debian needs to go
as far as OpenBSD but I think that it is a good
referance base
Jon
--- Tarjei <[EM
I recall there being discussion a while back about packaging chroot
bind. I don't know whether or not anything came of it at all. There is
Debian being what it is, are there any reasons why the debian bind
package should not be chroot as the default instalation?
One thing that might be a g
I'd agree with your comments. I being looking at
OpenBSD (for various reasons) and the default setup is
reasonable secure (there are still some things left on
, which supprised me). Not sure if Debian needs to go
as far as OpenBSD but I think that it is a good
referance base
Jon
--- Tarjei <[E
>
>
>I recall there being discussion a while back about packaging chroot
>bind. I don't know whether or not anything came of it at all. There is
>
Debian being what it is, are there any reasons why the debian bind
package should not be chroot as the default instalation?
One thing that might be
34 matches
Mail list logo