Hi all,
Fedora-ARM 12 is now available!
The RFS is available at:
http://ftp.linux.org.uk/pub/linux/arm/fedora/rootfs/rootfs-f12.tar.bz2
The following package groups are available: Base, Core, Base-X,
GNOME-Desktop, XFCE-Desktop, Java, Java-Development, Admin-Tools,
System-Tools, Web Server, and
The Cooperative Bug Isolation Project (CBI) is now available for Fedora
12. CBI (http://www.cs.wisc.edu/cbi/) is an ongoing research effort to
find and fix bugs in the real world. We distribute specially modified
versions of popular open source software packages. These special
versions
On 11/18/2009 02:15 AM, peng chen wrote:
hello, fedora-buildsys-list:
when I requset a build task for pakcage anaconda to koji,
one errie error come out.
It detailed as follow:
pg.DatabaseError: error ' ERROR: new row for relation task violates
check constraint task_weight_check
On 11/18/2009 02:15 AM, peng chen wrote:
hello, fedora-buildsys-list:
when I requset a build task for pakcage anaconda to koji,
one errie error come out.
It detailed as follow:
pg.DatabaseError: error ' ERROR: new row for relation task violates
check constraint task_weight_check '
/attachments/20091118/b463b957/attachment.html
--
Message: 2
Date: Wed, 18 Nov 2009 08:51:54 -0500
From: Mike Bonnet mi...@redhat.com
Subject: Re: Postgresql Database Error
To: fedora-buildsys-list@redhat.com
Message-ID: 4b03fbfa.2000...@redhat.com
Content-Type: text
On 11/18/09 07:55, Josephine Tannhäuser wrote:
I think this is a script which reads your currently used architecture
and provide a dl link. please insert a x86_64 livecd and try it again!
Wrong. Going there with Fedora 11/x86_64 (firefox) offers the 32bit
version too.
cheers,
Gerd
--
On Tue, 2009-11-17 at 11:33 +0100, Christoph Höger wrote:
Hi,
I just wanted to report an evolution crash report with abrt. All I get
(besides a stacktrace) is libcurl failed HTTP Post.
It would help if your bug report would be more informative:
What version of abrt?
Can you give the
On Tuesday 17 November 2009 08:54:38 Jindrich Novy wrote:
Do you see anything broken on non-x86_64 arches? I checked the F12 repo and
everything looks sane to me.
You are right, it was a problem on my side.
Jindrich
--
José Abílio
--
fedora-devel-list mailing list
On Wed, 18 Nov 2009 10:29:10 +0100, Denys wrote:
Did anybody submit bugs successfully using this tool?
Yes.
Well, with F-12 and a segfault in Claws Mail, it created a bugzilla ticket
for me, but I couldn't get it to upload/attach the backtrace. Not even
when retrying multiple times to send
2009/11/18 Gerd Hoffmann kra...@redhat.com
On 11/18/09 07:55, Josephine Tannhäuser wrote:
I think this is a script which reads your currently used architecture
and provide a dl link. please insert a x86_64 livecd and try it again!
Wrong. Going there with Fedora 11/x86_64 (firefox) offers
On Wed, 18 Nov 2009 00:38:31 +0100, Martin wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=537587
Hm... on a very quick first look, you obviously don't follow
https://fedoraproject.org/wiki/Packaging:NamingGuidelines#Package_Release
The difference being that *you* point out a specific
On 11/12/2009 06:50 PM, Dan Williams wrote:
On Thu, 2009-11-12 at 10:31 -0700, Nathanael D. Noblet wrote:
Hello,
I've been running F12/rawhide from a preupgrade from F11 for a couple
weeks now. I've just recently noticed the abrt feature. I started
submitting the bugs it found in the
On Tue, Nov 17, 2009 at 03:56:16PM -0500, Chris Ball wrote:
Hi,
I'm not sure how much of this can/should be automated.
Sorry, not quite following -- what is the caution around automatically
creating a new snapshot before each yum transaction? Why shouldn't it
be automated?
AIUI it
Hi,
a new firefox (3.6 beta 2) just hit rawhide (a.k.a f13). There are some
changes which affect everyone who builds with xulrunner-devel-unstable
package.
Mozilla decided to merge all include directories to one (mozbz#398573)
and stop shipping stable/unstable packages. So all
Compose started at Wed Nov 18 08:15:06 UTC 2009
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
2009/11/18 Orcan Ogetbil oget.fed...@gmail.com:
On Tue, Nov 17, 2009 at 10:18 AM, Jesse Keating wrote:
On Mon, 2009-11-16 at 17:11 -0600, Jason L Tibbitts III wrote:
Actually not if done in conjunction with a release bump, such as we do
with a mass rebuild.
Only if we make a promise to
may be, but sponsors or reviewers doesn't have entire day free time.
I have only asked reporter to post spec file + src.rpm file.
The difference being that *you* point out a specific item in the
guidelines (helpful!) whereas the reviewer pointed at the top-level Wiki
page for maintainers
On Tue, 2009-11-17 at 23:34 -0500, Chris Ball wrote:
Given the above, do you think you'd be okay with having:
Filesystem snapshot that will be active on next boot: drop-down
Shouldn't it say next time volume is mounted instead of next boot?
We can always special case rootfs to say next
I'm trying to build cairomm 1.8.4 in devel, but the tags that I get are
dist-f12, and when I try and actually do the build I get an error saying:
/usr/bin/koji build dist-f12
'cvs://cvs.fedoraproject.org/cvs/pkgs?rpms/cairomm/devel#cairomm-1_8_4-1_fc12'
Usage: koji build [options] target URL
On 11/18/2009 10:29 AM, Rick L. Vinyard, Jr. wrote:
Shouldn't I be getting f13 tags with make tag?
If you run: cvs update -d in the top level checkout directory, you will. ;)
~spot
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
On Wed, 18 Nov 2009 12:44:50 -0200, Itamar wrote:
may be, but sponsors or reviewers doesn't have entire day free time.
True, but an entire day is not needed. And nobody forces you to become a
reviewer [or a sponsor] and spend any time at all on reviewing or guiding
[new] packagers. The
On Wed, Nov 18, 2009 at 1:43 PM, Michael Schwendt mschwe...@gmail.com wrote:
On Wed, 18 Nov 2009 12:44:50 -0200, Itamar wrote:
may be, but sponsors or reviewers doesn't have entire day free time.
True, but an entire day is not needed. And nobody forces you to become a
reviewer [or a sponsor]
Hi David,
Shouldn't it say next time volume is mounted instead of next
boot? We can always special case rootfs to say next boot of
course (since rootfs can't be unmounted until next boot).
Good point. That's fine.
Also, what is the mechanism to configure this? Just a simple
Toshio Kuratomi a.bad...@gmail.com writes:
On Wed, Nov 18, 2009 at 12:08:15AM -0500, Orcan Ogetbil wrote:
Is RPM so hard to hack to work this around?
There's many things that need to be changed in rpm but IMHO this isn't one
of them. RPM produces predictable versioning. Hacking it up with
Michael Schwendt wrote:
On Wed, 18 Nov 2009 08:53:16 -0700, Jr. wrote:
Tom \spot\ Callaway wrote:
On 11/18/2009 10:29 AM, Rick L. Vinyard, Jr. wrote:
Shouldn't I be getting f13 tags with make tag?
If you run: cvs update -d in the top level checkout directory, you
will.
;)
I did.
On Wed, Nov 18, 2009 at 1:55 AM, Josephine Tannhäuser
josephine.tannhau...@googlemail.com wrote:
2009/11/18, Gregory Maxwell gmaxw...@gmail.com:
I noticed that http://fedoraproject.org/get-fedora appears to be
strongly promoting i386 Fedora over x86_64. Is this intentional or an
oversight?
I
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On 11/17/09 9:14 PM, Chris Ball wrote:
Hi,
Multitouch means, several mousepointers and you can move them all
seperately.
No, that's what multi-pointer means. Multi-Pointer X is already in
F12.
...
Multitouch refers to technologies that involve extrapolating from
motion of
On 11/18/2009 10:38 PM, nodata wrote:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
The subject of the mail doesn't actually match the description in the
bug report. Richard Hughes says:
On 11/18/2009 07:04 AM, Ikem Krueger wrote:
The X level support is already in F12 - see:
http://fedoraproject.org/wiki/Features/XI2
Application level support will come later
Do you know when?
I ask, because Windows and Mac OS already have them and Linux is a bit
behind with it.
2009/11/18 Rahul Sundaram sunda...@fedoraproject.org:
If you have a problem with this, do explain why. Not suggesting it is
not a problem but being more descriptive does help.
Well, the security is dependent on the strength of the
repository/package signature verification scheme. I am not
A package I'm building has an (optional) test which does a local
non-root fuse mount in order to run some tests. In Koji this gives
the error:
fuse: device not found, try 'modprobe fuse' first
So I have a couple of questions about this:
I think in RHEL 5.4 the fuse module was added to the
2009/11/18 Rahul Sundaram sunda...@fedoraproject.org:
On 11/18/2009 10:38 PM, nodata wrote:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
The subject of the mail doesn't actually match the
Compose started at Wed Nov 18 08:15:06 UTC 2009
New package bucardo
Postgres replication system for both multi-master and multi-slave
operations
New package gwsmhg
A PyGTK GUI wrapper for hg and mq
New package picocontainer
Dependency-injection container
New package
On Wed, 2009-11-18 at 18:08 +0100, nodata wrote:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Seems fair as the default for a desktop installation.
Once we get the new user management stuff
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Just to elaborate:
A local user is allowed to install software on the machine without being
prompted for the root
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Just to elaborate:
A local user is allowed to install software on the machine without
being
Am 2009-11-18 18:14, schrieb Rahul Sundaram:
On 11/18/2009 10:38 PM, nodata wrote:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
The subject of the mail doesn't actually match the description in
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Just to elaborate:
A local user is allowed to install
Am 2009-11-18 18:45, schrieb Bastien Nocera:
On Wed, 2009-11-18 at 18:08 +0100, nodata wrote:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Seems fair as the default for a desktop installation.
On 11/18/2009 11:19 PM, nodata wrote:
Thanks. I have changed the title to:
All users get to install software on a machine they do not have the
root password to
.. if the packages are signed and from a signed repository. So, you left
out the important part. Explain why this is a problem in a
Am 2009-11-18 18:48, schrieb Rahul Sundaram:
On 11/18/2009 11:19 PM, nodata wrote:
Thanks. I have changed the title to:
All users get to install software on a machine they do not have the
root password to
.. if the packages are signed and from a signed repository. So, you left
out the
Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Just to elaborate:
A local user is
On 11/18/2009 06:49 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Just to
On 11/18/2009 11:27 PM, nodata wrote:
Why is it a problem? For all of the reasons that it has never been a
problem before. For the reason that the user is not the administrator or
the box, for the reason that the user is the user for a reason, for the
reason that by default Linux should act
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is
On Wed, 18 Nov 2009, Dennis J. wrote:
You have PackageKit installed on servers? really?
Why shouldn't he? AFAIK there is nothing in the package warning users not to
install this on a server.
like I said in another email - I think of installing things on servers as
'barest minimal' and
Am 2009-11-18 19:04, schrieb Seth Vidal:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
nodata wrote:
Am 2009-11-18 18:08, schrieb nodata:
Yikes! When was it decided that non-root users get to play root?
Ref:
Xorg has a lot of catching up to do. Just be patient.
I am not very good at it. xD
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
On Wed, 18 Nov 2009, nodata wrote:
-sv
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally installed it, and yes I do. Never
imagined it would be a problem. I'll remove it.
Maybe you and I have a different concept of 'Servers'. But I tend to
On 11/18/2009 11:38 PM, Ikem Krueger wrote:
Xorg has a lot of catching up to do. Just be patient.
I am not very good at it. xD
Alternatively, make yourself busy by contributing :-) Help us.
http://join.fedoraproject.org
Rahul
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
I noticed that http://fedoraproject.org/get-fedora appears to be
strongly promoting i386 Fedora over x86_64. Is this intentional or an
oversight?
I agree, that was my first impression as well.
However, if you just want a single download now button, 32-bit would get
you the widest hardware
On Wed, Nov 18, 2009 at 23:18:28 +0530,
Rahul Sundaram sunda...@fedoraproject.org wrote:
On 11/18/2009 11:19 PM, nodata wrote:
Thanks. I have changed the title to:
All users get to install software on a machine they do not have the
root password to
.. if the packages are signed
Seth Vidal wrote:
On Wed, 18 Nov 2009, nodata wrote:
-sv
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally installed it, and yes I do. Never
imagined it would be a problem. I'll remove it.
Maybe you and I have a different concept of
On Wed, Nov 18, 2009 at 17:45:26 +,
Bastien Nocera bnoc...@redhat.com wrote:
Once we get the new user management stuff into F13 [1], we'd probably
tighten that rule so that only admins are given the option, or all users
but with the need to authenticate as an admin.
This seems pretty
On Wed, 2009-11-18 at 17:45 +, Bastien Nocera wrote:
On Wed, 2009-11-18 at 18:08 +0100, nodata wrote:
Yikes! When was it decided that non-root users get to play root?
Ref:
https://bugzilla.redhat.com/show_bug.cgi?id=534047
This is horrible!
Seems fair as the default for a
Hi,
On Wed, Nov 18, 2009 at 12:08 PM, nodata l...@nodata.co.uk wrote:
Yikes! When was it decided that non-root users get to play root?
This is hardly the first uid 0 operation we've granted users access
to in the operating system, and it won't be the last. For example, on
a timesharing Unix
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
On Wed, 18 Nov 2009, nodata wrote:
-sv
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally installed it, and yes I do. Never
imagined it would be a problem. I'll remove it.
Maybe
On 11/18/2009 11:44 PM, Bruno Wolff III wrote:
Besides other issues listed, the packages being installed may be privileged
programs that the admin doesn't want on the system, may start services or
schedule runs at specified times by default which might considered a
problem by the admin, the
On Wed, 18 Nov 2009, Konstantin Ryabitsev wrote:
2009/11/18 Jon Ciesla l...@jcomserv.net:
A local user is allowed to install software on the machine without being
prompted for the root password.
This is a recipe for disaster in my opinion.
So much for granting shell access on my servers.
On 11/18/2009 11:48 PM, Colin Walters wrote:
So you raise a reasonable issue, which is how do you know when the
defaults change, or new privileges are added? We don't have a very
good system for that now; ideally we would detect when new packages
are added to @gnome-desktop that include
Am 2009-11-18 19:18, schrieb Colin Walters:
Hi,
On Wed, Nov 18, 2009 at 12:08 PM, nodatal...@nodata.co.uk wrote:
Yikes! When was it decided that non-root users get to play root?
This is hardly the first uid 0 operation we've granted users access
to in the operating system, and it won't be
On Wed, Nov 18, 2009 at 13:05:31 -0500,
Seth Vidal skvi...@fedoraproject.org wrote:
like I said in another email - I think of installing things on
servers as 'barest minimal' and then adding things I require.
Nothing else.
Maybe I'm in the minority.
I don't like the idea of packages
On Wed, 18 Nov 2009, Bruno Wolff III wrote:
On Wed, Nov 18, 2009 at 23:18:28 +0530,
Rahul Sundaram sunda...@fedoraproject.org wrote:
On 11/18/2009 11:19 PM, nodata wrote:
Thanks. I have changed the title to:
All users get to install software on a machine they do not have the
root
On Wed, 2009-11-18 at 23:29 +0530, Rahul Sundaram wrote:
Should the defaults be targeted towards home users or corporate
desktop
considering the short lifecycle of Fedora and the target audience? I
am
not sure there are corporate deployments but wouldn't they be heavily
customized their
On Wed, 2009-11-18 at 23:18 +0530, Rahul Sundaram wrote:
On 11/18/2009 11:19 PM, nodata wrote:
Thanks. I have changed the title to:
All users get to install software on a machine they do not have the
root password to
.. if the packages are signed and from a signed repository. So,
On Wed, 18 Nov 2009, nodata wrote:
Am 2009-11-18 19:18, schrieb Colin Walters:
This is a major change. I vote for secure by default.
If the admin wishes this surprise-root feature to be enabled he can enable
it.
I'm not sure how this is 'surprise root'. IT will only allow installs of
On 11/18/2009 07:05 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, Dennis J. wrote:
You have PackageKit installed on servers? really?
Why shouldn't he? AFAIK there is nothing in the package warning users
not to install this on a server.
like I said in another email - I think of installing
On Wed, 2009-11-18 at 13:10 -0500, Seth Vidal wrote:
Maybe you have a different concept of security, but I don't want any
user on
the server installing software, no matter what.
right - which is why I wouldn't install PK on a server.
yum doesn't allow users to install pkgs, only root.
On Wed, 2009-11-18 at 12:16 -0600, Bruno Wolff III wrote:
On Wed, Nov 18, 2009 at 17:45:26 +,
Bastien Nocera bnoc...@redhat.com wrote:
Once we get the new user management stuff into F13 [1], we'd probably
tighten that rule so that only admins are given the option, or all users
but
2009/11/18 Seth Vidal skvi...@fedoraproject.org:
I may be wrong, but I understand that this behaviour of PackageKit
only applies to users with direct console access (i.e. not remote
shells). So, only users that are logged in via GDM or TTY would be
able to perform such tasks.
This
On Wed, 18 Nov 2009, Simo Sorce wrote:
On Wed, 2009-11-18 at 13:10 -0500, Seth Vidal wrote:
Maybe you have a different concept of security, but I don't want any
user on
the server installing software, no matter what.
right - which is why I wouldn't install PK on a server.
yum doesn't
On Wed, Nov 18, 2009 at 13:22:03 -0500,
Seth Vidal skvi...@fedoraproject.org wrote:
If there are pkgs which run daemons which are defaulting to ON when
installed or on next reboot - then we should be auditing those pkgs.
Last I checked we default to OFF and that should continue to be the
On Wed, 2009-11-18 at 13:19 -0500, Konstantin Ryabitsev wrote:
This significantly limits the number of users with powers to install
signed software -- almost to the point of where it sounds like a fair
trade-off. If someone has physical access to the machine, then heck --
it's not like they
Seth Vidal wrote:
On Wed, 18 Nov 2009, Jon Ciesla wrote:
Seth Vidal wrote:
On Wed, 18 Nov 2009, nodata wrote:
-sv
I do if it's in the default DVD install, or was pulled in in an
upgrade. I've never intentionally installed it, and yes I do. Never
imagined it would be a problem. I'll
On Wed, 2009-11-18 at 13:05 -0500, Seth Vidal wrote:
On Wed, 18 Nov 2009, Dennis J. wrote:
You have PackageKit installed on servers? really?
Why shouldn't he? AFAIK there is nothing in the package warning users not
to
install this on a server.
like I said in another email - I
On Wed, 18 Nov 2009, Dennis J. wrote:
In fact I agree with you but this doesn't really address my point.
How do you make sure the packages that are part of your minimal list don't
introduce such a backdoor with the next update?
You check them.
That's the best you can do.
It's just like
On Wed, 2009-11-18 at 13:23 -0500, Seth Vidal wrote:
I'm not sure how this is 'surprise root'. IT will only allow installs
of
pkgs signed with a key you trust from a repo you've setup.
which pretty much means: if the admin trusts the repo, then it is
okay.
if the admin doesn't trust the
Am 2009-11-18 19:28, schrieb Seth Vidal:
On Wed, 18 Nov 2009, Simo Sorce wrote:
On Wed, 2009-11-18 at 13:10 -0500, Seth Vidal wrote:
Maybe you have a different concept of security, but I don't want any
user on
the server installing software, no matter what.
right - which is why I
On Wed, 2009-11-18 at 13:28 -0500, Seth Vidal wrote:
On Wed, 18 Nov 2009, Simo Sorce wrote:
On Wed, 2009-11-18 at 13:10 -0500, Seth Vidal wrote:
Maybe you have a different concept of security, but I don't want any
user on
the server installing software, no matter what.
right -
2009/11/18 Simo Sorce sso...@redhat.com:
On Wed, 2009-11-18 at 13:19 -0500, Konstantin Ryabitsev wrote:
This significantly limits the number of users with powers to install
signed software -- almost to the point of where it sounds like a fair
trade-off. If someone has physical access to the
Am 2009-11-18 19:16, schrieb Bruno Wolff III:
On Wed, Nov 18, 2009 at 17:45:26 +,
Bastien Nocerabnoc...@redhat.com wrote:
Once we get the new user management stuff into F13 [1], we'd probably
tighten that rule so that only admins are given the option, or all users
but with the need to
On Wed, 2009-11-18 at 13:41 -0500, Konstantin Ryabitsev wrote:
2009/11/18 Simo Sorce sso...@redhat.com:
On Wed, 2009-11-18 at 13:19 -0500, Konstantin Ryabitsev wrote:
This significantly limits the number of users with powers to install
signed software -- almost to the point of where it
Once upon a time, Rahul Sundaram sunda...@fedoraproject.org said:
.. if the packages are signed and from a signed repository. So, you left
out the important part. Explain why this is a problem in a bit more
detail.
Fedora has made a big push into the multi-user desktop (which many home
On 11/18/2009 07:30 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, Dennis J. wrote:
In fact I agree with you but this doesn't really address my point.
How do you make sure the packages that are part of your minimal list
don't introduce such a backdoor with the next update?
You check them.
On 09-11-18 13:44:43, nodata wrote:
Am 2009-11-18 19:16, schrieb Bruno Wolff III:
On Wed, Nov 18, 2009 at 17:45:26 +,
Bastien Nocerabnoc...@redhat.com wrote:
Once we get the new user management stuff into F13 [1], we'd
probably tighten that rule so that only admins are given the
Am 2009-11-18 19:50, schrieb Tony Nelson:
On 09-11-18 13:44:43, nodata wrote:
Am 2009-11-18 19:16, schrieb Bruno Wolff III:
On Wed, Nov 18, 2009 at 17:45:26 +,
Bastien Nocerabnoc...@redhat.com wrote:
Once we get the new user management stuff into F13 [1], we'd
probably tighten that
On Wed, 2009-11-18 at 13:22 -0500, James Antill wrote:
7. And the most obvious one ... how hard is it to get a bad package into
one of the repos. that the machine has enabled.
Right, PK is counting on this being sufficiently difficult enough to
prevent bad things from happening. While I'd
On 11/18/2009 01:14 PM, Rahul Sundaram wrote:
On 11/18/2009 11:44 PM, Bruno Wolff III wrote:
Besides other issues listed, the packages being installed may be privileged
programs that the admin doesn't want on the system, may start services or
schedule runs at specified times by default which
Am 2009-11-18 19:14, schrieb Rahul Sundaram:
On 11/18/2009 11:44 PM, Bruno Wolff III wrote:
Besides other issues listed, the packages being installed may be privileged
programs that the admin doesn't want on the system, may start services or
schedule runs at specified times by default which
2009/11/18 Simo Sorce sso...@redhat.com:
If I have physical access to your machine, I'll own it. I may have to
use tools to get to the HDD, but it's only a question of time and
dedication.
*you* are not one of my users, and this has nothing to do with *you*
hacking in my machine. If I have
On 11/18/2009 01:22 PM, James Antill wrote:
3. Are there any attacks due to disk space used? Eg. If /var is low² I
can probably install enough pkgs to make logging stop.
I'm betting there's still enough systems out there without enough space in /usr
for the entire package set.
--CJD
--
2009/11/18 Casey Dahlin cdah...@redhat.com:
On 11/18/2009 01:22 PM, James Antill wrote:
3. Are there any attacks due to disk space used? Eg. If /var is low² I
can probably install enough pkgs to make logging stop.
I'm betting there's still enough systems out there without enough space in
On Wed, 18 Nov 2009, Konstantin Ryabitsev wrote:
2009/11/18 Casey Dahlin cdah...@redhat.com:
On 11/18/2009 01:22 PM, James Antill wrote:
3. Are there any attacks due to disk space used? Eg. If /var is low² I
can probably install enough pkgs to make logging stop.
I'm betting there's
On Wed, Nov 18, 2009 at 1:48 PM, Chris Adams cmad...@hiwaay.net wrote:
It seems the latest way of doing this is via PolicyKit. IMHO all
PolicyKit configuration should be secure by default,
secure is an meaningless term without reference to a deployment
model and threat model, but let's assume
2009/11/18 Jonathan Underwood jonathan.underw...@gmail.com:
Well, it's all a bit inconsistent presently:
$ yum install maxima
Loaded plugins: presto, refresh-packagekit
You need to be root to perform this command.
yum isn't PackageKit. Different tools, different feature-sets.
Richard.
--
On Wed, 2009-11-18 at 14:11 -0500, Colin Walters wrote:
I would agree with that, but it's not trivial. Are we just scoping in
PackageKit here, or also consolehelper @console actions? Does it
imply removing the setuid bit from /bin/ping?
It seem obvious we are talking only about this
2009/11/18 Casey Dahlin cdah...@redhat.com:
By the admin's first opportunity to change the settings the box could already
be rooted.
I'm not sure how you can root a computer from installing signed
content by a user that already has physical access to the machine.
Richard.
--
On 11/18/2009 02:10 PM, Seth Vidal wrote:
On Wed, 18 Nov 2009, Konstantin Ryabitsev wrote:
2009/11/18 Casey Dahlin cdah...@redhat.com:
On 11/18/2009 01:22 PM, James Antill wrote:
3. Are there any attacks due to disk space used? Eg. If /var is low² I
can probably install enough pkgs to
1 - 100 of 539 matches
Mail list logo
