Hello,
Apparently someone suddenly got a good idea that you need to be root to
reprogram the keyboard, and got a patch merged into the Linux kernel:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0b360adbdb54d5b98b78d57ba0916bc4b8871968
The result is that the ke
Daniël Mantione wrote:
Apparently someone suddenly got a good idea that you need to be root to
[snip]
The result is that the keyboard unit is no longer able to catch keys like
escape, shift+tab alt+F1..F12 etc. on the Linux console. This affects the
Perhaps the programming can be reverted wh
Op Fri, 13 Jul 2007, schreef Micha Nelissen:
> Daniël Mantione wrote:
> > Apparently someone suddenly got a good idea that you need to be root to
> [snip]
> > The result is that the keyboard unit is no longer able to catch keys like
> > escape, shift+tab alt+F1..F12 etc. on the Linux console. T
Daniël Mantione schrieb:
> Hello,
>
> Apparently someone suddenly got a good idea that you need to be root to
> reprogram the keyboard, and got a patch merged into the Linux kernel:
>
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0b360adbdb54d5b98b78d57ba0916b
The linux kernel developpers are actually not a new phenomena. They have
been described in great detail in The Hitchhiker's Guide to the Galaxy
(http://en.wikipedia.org/wiki/The_Hitchhiker's_Guide_to_the_Galaxy) under
the name of "Sirius Cybernetics Corporation"
(http://en.wikipedia.org/wik
Op Fri, 13 Jul 2007, schreef Ales( Katona:
> I think that together with the debian gpm crap it's safe to flag linux
> as a non-target for the IDE and be done with it. It's IMHO not worth
> anyone's nerves to try and hit this moving tty/console target anymore...
Well, I need the IDE for compiler
I think that together with the debian gpm crap it's safe to flag linux
as a non-target for the IDE and be done with it. It's IMHO not worth
anyone's nerves to try and hit this moving tty/console target anymore...
Ales
___
fpc-devel maillist - fpc-devel
> Apparently someone suddenly got a good idea that you need to be root to
> reprogram the keyboard, and got a patch merged into the Linux kernel:
>
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0b360adbdb54d5b98b78d57ba0916bc4b8871968
>
> The result is that th
On 7/13/07, Peter Popov <[EMAIL PROTECTED]> wrote:
The linux kernel developpers are actually not a new phenomena.
In my university we were once trying to build a linux driver for an
ISA board we had constructed, but it wouldn't work in anyway! we
studyed the problem hours after hours and nothin
On 17 Jul 2007, at 23:20, Marco van de Voort wrote:
The result is that the keyboard unit is no longer able to catch
keys like
escape, shift+tab alt+F1..F12 etc. on the Linux console. This
affects the
Free Pascal IDE and any other program using the keyboard unit.
Install the IDE setuid.
On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
Install the IDE setuid.
That would be an extremely bad idea with the current stability
record of the IDE.
Not to mention that it allows you to open and overwrite any arbitrary
file.
Jonas
___
fpc
Jonas Maebe wrote:
On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
Install the IDE setuid.
That would be an extremely bad idea with the current stability record
of the IDE.
Not to mention that it allows you to open and overwrite any arbitrary file.
Looking at that kernel patch, I see that
> On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
>
> >> Install the IDE setuid.
> >
> > That would be an extremely bad idea with the current stability
> > record of the IDE.
>
> Not to mention that it allows you to open and overwrite any arbitrary
> file.
Yes. Just like we all have for decades
On Wed, 18 Jul 2007, Marco van de Voort wrote:
> > On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
> >
> > >> Install the IDE setuid.
> > >
> > > That would be an extremely bad idea with the current stability
> > > record of the IDE.
> >
> > Not to mention that it allows you to open and overwri
On Tuesday 17 July 2007 11:20:54 pm Marco van de Voort wrote:
> > Apparently someone suddenly got a good idea that you need to be root to
> > reprogram the keyboard, and got a patch merged into the Linux kernel:
> >
> > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit
> >di
> On Tuesday 17 July 2007 11:20:54 pm Marco van de Voort wrote:
> > > Apparently someone suddenly got a good idea that you need to be root to
> > > reprogram the keyboard, and got a patch merged into the Linux kernel:
> > >
> > > http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=co
> On Wed, 18 Jul 2007, Marco van de Voort wrote:
>
> > > On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
> > >
> > > >> Install the IDE setuid.
> > > >
> > > > That would be an extremely bad idea with the current stability
> > > > record of the IDE.
> > >
> > > Not to mention that it allows you t
On 18 Jul 2007, at 17:42, Marco van de Voort wrote:
On Wed, 18 Jul 2007, Marco van de Voort wrote:
On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
Install the IDE setuid.
That would be an extremely bad idea with the current stability
record of the IDE.
Not to mention that it allows you to
While I agree that it could cause some PR trouble, I don't see how this
is our problem. It's not like anyone blames the software makers for
windows security issues...
>
> If you install the IDE as setuid root, then every user starting the
> IDE will run the IDE as if he were root. That means he can
Michael Van Canneyt wrote:
> On Wed, 18 Jul 2007, Marco van de Voort wrote:
>> > On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
>> >
>> > >> Install the IDE setuid.
>> > >
>> > > That would be an extremely bad idea with the current stability
>> > > record of the IDE.
>> >
>> > Not to mention that it
On 18 Jul 2007, at 18:01, Ales( Katona <[EMAIL PROTECTED]>
wrote:
While I agree that it could cause some PR trouble, I don't see how
this
is our problem. It's not like anyone blames the software makers for
windows security issues...
This has nothing at all to do with "pr trouble", but w
> On 18 Jul 2007, at 17:42, Marco van de Voort wrote:
>
> >> arguments like "the kernel forcing us to do so" will not help us
> >> then.
> >
> > What is the security hole exactly?
>
> If you install the IDE as setuid root, then every user starting the
> IDE will run the IDE as if he were root
Why? If they allow it it's their problem. If there's no sane way to do
something and we do it this way it's their problem that it's allowed...
I just don't see as how this whole thing is "our" problem.
I guess we could ask on install, "do you want a rootkit or no shortcuts?"...
>
> This has nothi
Jonas Maebe wrote / napísal(a):
Oh and btw, setuid is generaly used afaik. It's a normal thing to allow
temporary root access on normal programs in linux. Ofcourse doing it on
something like fpIDE is somewhat questionable (heh the possibilities
:D), but I don't see it as such a great risk. The mo
And to add to my last setuid stuff.. I think that if we properly audit
the IDE code so that:
a) fpc is called in the uid of the original ide starter
b) the "console" is run in the uid of the original ide starter
c) compiler programs are called in the uid of the original IDE starter
I think it's o
Michael Van Canneyt wrote:
On Wed, 18 Jul 2007, Marco van de Voort wrote:
On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
Install the IDE setuid.
That would be an extremely bad idea with the current stability
record of the IDE.
Not to mention that it allows you to open and overwrite any arbit
Ales wrote:
While I agree that it could cause some PR trouble, I don't see how this
is our problem. It's not like anyone blames the software makers for
windows security issues...
You cannot seriously mean that. I agree 100% with Jonas here. PLEASE
rethink your position Ales :-)
--
Regards,
C
Ales wrote:
And to add to my last setuid stuff.. I think that if we properly audit
the IDE code so that:
a) fpc is called in the uid of the original ide starter
b) the "console" is run in the uid of the original ide starter
c) compiler programs are called in the uid of the original IDE starter
Why? You have your good ol' PING doing it. I agree tho that if a wrapper
can do it for us it's safest. Or if the ide can do it on start, and
always setuid(userid) itself right after setting the proper things. I
don't see a problem with ANY program being setuid if it has a proper
reason, and is audi
Ales wrote:
Why? You have your good ol' PING doing it.
Unbelievable strawman argument there.
This is not at all a critique of the IDE, but please don't compare the
complexity of "ping" and "fpide"(!)
I agree tho that if a wrapper can do it for us it's safest. Or if the
ide can do it on start
Strawman yes, but if we setuid to userid right after setting the console
stuff, there's nothing left to audit. We're not malicious software
makers so there's no chance anything else could happen? Or am I missing
something here?
eg:
fp starts
fp sets itself to uid 0
fp sets the required things as
Ales wrote:
Strawman yes, but if we setuid to userid right after setting the console
stuff, there's nothing left to audit. We're not malicious software
makers so there's no chance anything else could happen? Or am I missing
something here?
eg:
fp starts
fp sets itself to uid 0
fp sets the requi
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
>
>
> On Wed, 18 Jul 2007, Marco van de Voort wrote:
>
> > > On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
> > >
> > > >> Install the IDE setuid.
> > > >
> > > > That would be an extremely bad idea with the current stability
> > > > record o
Op Wed, 18 Jul 2007, schreef Sergei Gorelkin:
> Jonas Maebe wrote:
> >
> > On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
> >
> > > > Install the IDE setuid.
> > >
> > > That would be an extremely bad idea with the current stability record
> > > of the IDE.
> >
> > Not to mention that it allow
On Wed, 18 Jul 2007, Ales( Katona wrote:
> Why? You have your good ol' PING doing it. I agree tho that if a wrapper
> can do it for us it's safest. Or if the ide can do it on start, and
> always setuid(userid) itself right after setting the proper things. I
> don't see a problem with ANY program
Op Wed, 18 Jul 2007, schreef Jonas Maebe:
>
> On 17 Jul 2007, at 23:20, Marco van de Voort wrote:
>
> > > The result is that the keyboard unit is no longer able to catch keys
> > > like
> > > escape, shift+tab alt+F1..F12 etc. on the Linux console. This affects
> > > the
> > > Free Pascal IDE
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> On Wed, 18 Jul 2007, Ales( Katona wrote:
>
> > Why? You have your good ol' PING doing it. I agree tho that if a wrapper
> > can do it for us it's safest. Or if the ide can do it on start, and
> > always setuid(userid) itself right after settin
On Wed, 18 Jul 2007, Daniël Mantione wrote:
>
>
> Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
>
> > On Wed, 18 Jul 2007, Ales( Katona wrote:
> >
> > > Why? You have your good ol' PING doing it. I agree tho that if a wrapper
> > > can do it for us it's safest. Or if the ide can do it on
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
>
>
> On Wed, 18 Jul 2007, Daniël Mantione wrote:
>
> >
> >
> > Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> >
> > > On Wed, 18 Jul 2007, Ales( Katona wrote:
> > >
> > > > Why? You have your good ol' PING doing it. I agree tho that
On Wed, 18 Jul 2007, Daniël Mantione wrote:
>
>
> Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
>
> >
> >
> > On Wed, 18 Jul 2007, Daniël Mantione wrote:
> >
> > >
> > >
> > > Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> > >
> > > > On Wed, 18 Jul 2007, Ales( Katona wrote:
>
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> > > well then that's it... If you want to use these keys, you'll have to run
> > > your
> > > programs as root...
> > >
> > > Or use a GUI IDE like Lazarus...
> >
> > You just proposed this yourself, but before executing the IDE?
>
> ? I pr
On Wed, 18 Jul 2007, Daniël Mantione wrote:
>
>
> Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
>
> > > > well then that's it... If you want to use these keys, you'll have to
> > > > run your
> > > > programs as root...
> > > >
> > > > Or use a GUI IDE like Lazarus...
> > >
> > > You j
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
>
>
> On Wed, 18 Jul 2007, Daniël Mantione wrote:
>
> >
> >
> > Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> >
> > > > > well then that's it... If you want to use these keys, you'll have to
> > > > > run your
> > > > > programs as r
On Wed, 18 Jul 2007, Daniël Mantione wrote:
>
>
> Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
>
> >
> >
> > On Wed, 18 Jul 2007, Daniël Mantione wrote:
> >
> > >
> > >
> > > Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> > >
> > > > > > well then that's it... If you want to u
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> > The "scary" thing is the setuid root. The communication channel can be
> > standard i/o and there is nothing scary about that.
>
> There is: a user using the keyboard unit should then distribute the
> (setuid) program too, and that is not a
> Ales wrote:
> A project the size of the IDE is unauditable, given it's size.
> This again is not meant to criticize the IDE - any project of the size
> is unauditable.
Not that it is doable for us for the IDE, but OpenBSD seems to think
otherwise.
But I still think not making a separation betwe
> Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
> > Under the assumption a setuid root program is the only possible option:
> >
> > The safest - and in my opinion only correct - way is to write a small
> > setuid
> > root program which sets the proper TTY stuff, and then executes the IDE as
> On Wed, 18 Jul 2007, Dani?l Mantione wrote:
> > What is bad about such a solution?
>
> It's not KIS. If you can't have certain keys without being root, well then
> you'll have to learn to live with it.
IMHO either give up the textmode IDE, or try to support it to the fullest
extend.
> This is
Therefore, console is popular as well.
I second this! So far I've using FPC to develop server-side application (using
PSP/PWU) which has no X installed on the server machine and I only have SSH
access to the machine. fpIDE is the best text mode IDE on Linux.
-Bee-
has Bee.ography at:
http:/
On Thu, 19 Jul 2007, Bisma Jayadi wrote:
> > Therefore, console is popular as well.
>
> I second this! So far I've using FPC to develop server-side application (using
> PSP/PWU) which has no X installed on the server machine and I only have SSH
> access to the machine. fpIDE is the best text mo
Bisma Jayadi wrote:
(using PSP/PWU) which has no X installed on the server machine and I
only have SSH access to the machine. fpIDE is the best text mode IDE on
Linux.
But SSH access means using a vt100 kind of terminal, not the linux
console aka linux framebuffer.
Micha
___
Am 19. Jul 2007 um 12:16 schrieb Tomas Hajny:
Marco van de Voort wrote:
Op Wed, 18 Jul 2007, schreef Michael Van Canneyt:
Under the assumption a setuid root program is the only possible
option:
The safest - and in my opinion only correct - way is to write a
small
setuid
root program whi
Marco van de Voort wrote:
Ales wrote:
A project the size of the IDE is unauditable, given it's size.
This again is not meant to criticize the IDE - any project of the size
is unauditable.
Not that it is doable for us for the IDE, but OpenBSD seems to think
otherwise.
Sure, because it's a prod
53 matches
Mail list logo
