Re: Bug#262507: ITP: resmgr -- resource manager library

[Julien BLACHE]

Andrew Suffield <[EMAIL PROTECTED]> wrote:

Hi,

>> Could you point out the security issues you see in resmgr ?

[...security implications of fd passing]

> While it may make sense on some public terminals or demonstration
> systems, you do not want it on hosts where device security is
> important.

Of course, that's why I want to avoid having strong dependencies on
resmgrd itself, so it won't be installed behind the admin's back. It
should be possible and easy to install it, but it shouldn't be done
automagically.

>>  - resmgrd won't be started until configured (no default config
>>is shipped in the package, only an example config file);
>
> And that's probably a good idea too (along with documentation that
> clearly states what it does and does *not* do).

This documentation needs to be written, I'll add that to my todo list.

I still need to have a closer look at the code before anything serious
happens (= upload to unstable).

JB.

-- 
 Julien BLACHE - Debian & GNU/Linux Developer - <[EMAIL PROTECTED]> 
 
 Public key available on  - KeyID: F5D6 5169 
 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169 

MMS Notification You cannot do that!

[$B#M#M#SDLCN(B]

$B

Bug#279062: ITP: kboincspy -- A BOINC monitoring tool for KDE

[Frank S. Thomas]

Package: wnpp
Severity: wishlist


* Package name: kboincspy
  Upstream Author : Roberto A. Virga <[EMAIL PROTECTED]>
* URL : http://sourceforge.net/projects/kboincspy/
* License : GPL
  Description : A BOINC monitoring tool for KDE

KBoincSpy is a KDE monitoring utility for the BOINC distributed client.
Designed to be the successor of KSetiSpy, it offers support for a 
virtually unlimited number of BOINC projects through a plugin-based
architecture.

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.8
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

Re: software updates file in /usr -- policy bug?

[Adeodato Simó]

* Stephen Stafford [Sat, 30 Oct 2004 17:38:52 +]:
> I'm not going to upload this before etch (assuming it's even ready 
> before then - how long is sarge's release likely to be?).  Right now I 
> don't want to make too many uploads of new features...I'd like a release 
> sometime sooner rather than later after all :)

  you could upload to experimental, and let interested people play with it.

-- 
Adeodato Simó
EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
A. Because it breaks the logical sequence of discussion
Q. Why is top posting bad?

Re: Preparation of the next stable Debian GNU/Linux update [Oct 24]

[Martin Schulze]

Michelle Konzack wrote:
> The five missing files are not on ftp://security.debian.org/
> but the diff.gz and dsc are still there.
> 
> 
> 
> 
> 
> 

I can confirm that they are missing.

I've forwarded this to the person with proper facilities.

> Should I fill a Bugreport ?
> And if yes, against what ?

There is no useful pseudo package for it.

Regards,

Joey

-- 
This is GNU/Linux Country.  On a quiet night, you can hear Windows reboot.

Bug#279128: ITP: libcarp-assert-more-perl -- Convenience wrappers for libcarp-assert-perl

[Allard Hoeve]

Package: wnpp
Severity: wishlist

* Package name: libcarp-assert-more-perl
  Version : 1.06
  Upstream Author : Andy Lester <[EMAIL PROTECTED]>
* URL : 
http://search.cpan.org/~petdance/Carp-Assert-More-1.06/More.pm
* License : GPL, Artistic
  Description : Convenience wrappers for libcarp-assert-perl

 Carp::Assert::More is a set of wrappers around the Carp::Assert functions
 to make the habit of writing assertions even easier.
 .
 The standard Carp::Assert only allows the use of the function assert. This
 function takes a boolean as an argument and results in quite elaborate 
statements 
 inside the assert call to properly test a case. Carp:Assert::More makes 
available 
 functions like assert_isa, assert_isnumeric, etc, which help to write cleaner,
 less bugprone code.

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.27-i686
Locale: LANG=C, LC_CTYPE=C

ITP: zope-cmfarchetypes -- A developers framework for rapidly developing and deploying rich, full featured content types

[Fabio Tranchitella]

Package: wnpp
Severity: whishlist

* Package name: zope-cmfarchetypes
  Version : 1.2.5-rc5
  Upstream Author : Archetypes Development Team
   <[EMAIL PROTECTED]>
* URL : http://voxel.dl.sourceforge.net/sourceforge/
archetypes/Archetypes-1.2.5-rc5.tar.gz
* License : GPL
  Description : A developers framework for rapidly developing 
and deploying rich, full featured content types

Formerly known as CMFTypes, Archetypes is a developers framework
 for rapidly developing and deploying rich, full featured content
 types within the context of Zope/CMF and Plone.
 .
 Archetypes is based around the idea of an _Active Schema_. Rather
 than provide a simple description of a new data type Archetype
 schemas do the actual work and heavy lifting involved in using
 the new type. Archetype Schemas serve as easy extension points
 for other developers as project specific components can be
 created and bound or you can choose among the rich existing set
 of features.
 .
 Features
 * Simple schemas with working default policy.
 * Power and flexibility with lowered incidental complexity.
 * Integration with rich content sources such as Office Product Suites.
 * Full automatic form generation
 * i18n content on a field basis
 .
 Homepage: http://www.sourceforge.net/projects/archetypes

This source package will generate the following binary packages:
 * zope-cmfarchetypes
 * zope-cmftransforms
 * zope-generator
 * zope-validation

--
Fabio Tranchitella


signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata

ITP: zope-cmactionicons -- Zope form validation for CMF and Plone

[Fabio Tranchitella]

Package: wnpp
Severity: whishlist

* Package name: zope-cmfactionicons
  Version : 0.9
  Upstream Author : Tres Seaver, <[EMAIL PROTECTED]>
* URL : http://zope.org/Members/tseaver/CMFActionIcons/
CMFActionIcons-0.9/CMFActionIcons-0.9.tar.gz
* License : ZPL 1.0
  Description : Actions and icons add-on for Zope Content Management
Framework

This product is a add-on for the Zope Content Management Framework
(CMF). It should be useful with Plone, CPS, and other CMF-derived
extensions, as well.

The product provides:
 * A new tool, portal_actionicons, which serves as a registry 
   mapping object actions (using category and action ID) to a
   descriptive title, a priority, and an icon ID. The tool
   post-processes a set of actions (i.e., those generated by 
   the portal_actions tool), decorating them with additional
   information, and sorting them according to priority.

 * ZPT macros which build either horizontal or vertical icon 
   bars for a set of actions.

--
Fabio Tranchitella


signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata

ITP: zope-cmformcontroller -- Zope form validation for CMF and Plone

[Fabio Tranchitella]

Package: wnpp
Severity: whishlist

* Package name: zope-cmfformcontroller
  Version : 1.0.3
  Upstream Author : Geoff Davis <[EMAIL PROTECTED]>
* URL : http://voxel.dl.sourceforge.net/sourceforge/
collective/CMFFormController-1.0.3-beta.tar.gz
* License : Free custom license
  Description : Zope form validation for CMF and Plone

CMFFormController replaces the portal_form form validation
mechanism from Plone.  It should work just fine in plain CMF as
well.

--
Fabio Tranchitella


signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata

ITP: zope-cmfquickinstallertool -- Zope add-on to easy install CMF/Plone products.

[Fabio Tranchitella]

Package: wnpp
Severity: whishlist

* Package name: zope-cmfquickinstallertool
  Version : 1.5.0
  Upstream Author : Philipp Auersperg (phil at bluedynamics.com)
* URL : http://voxel.dl.sourceforge.net/sourceforge/
collective/CMFQuickInstallerTool-1.5.0.tgz
* License : GPL
  Description : Zope add-on to easy install CMF/Plone products.

CMFQuickInstaller is a Zope add-on to make easy to install CMF/Plone
products.

--
Fabio Tranchitella


signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata

ITP: zope-plonetranslations -- Translation files for Plone 2.0

[Fabio Tranchitella]

Package: wnpp
Severity: whishlist

* Package name: zope-plonetranslations
  Version : 0.5
  Upstream Author : Jodok Batlogg <[EMAIL PROTECTED]>
* URL : http://dev.clearwind.ca/Files/Plone/
Nightly/PloneTranslations-0.5.tar.gz
* License : GPL
  Description : Translation files for Plone 2.0

This product contains the translation files for Plone 2.0.

--
Fabio Tranchitella


signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata

ITP: zope-ploneerrorreporting -- Error Reporting Tool for Plone 2.0

[Fabio Tranchitella]

Package: wnpp
Severity: whishlist

* Package name: zope-ploneerrorreporting
  Version : 0.11
  Upstream Author : Geoff Davis 
* URL : http://voxel.dl.sourceforge.net/sourceforge/
collective/PloneErrorReporting-0.11.tar.gz
* License : GPL
  Description : Error Reporting Tool for Plone 2.0

The plone error reporting tools helps the site manager to post bug
reports more easily.

--
Fabio Tranchitella


signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata

ITP: zope-pts -- Placeless Translation Service for Zope

[Fabio Tranchitella]

Package: wnpp
Severity: whishlist

* Package name: zope-pts
  Version : 1.0-rc8
  Upstream Author : Jodok Batlogg <[EMAIL PROTECTED]>
* URL : http://voxel.dl.sourceforge.net/sourceforge/
collective/PlacelessTranslationService-1.0-rc8.
tar.gz
* License : GPL
  Description : Placeless Translation Service for Zope

PTS is a way of internationalizing (i18n'ing) and localizing (l10n'ing)
software for Zope 2. It's based on the files supported by the GNU
gettext set of utilities.

--
Fabio Tranchitella


signature.asc
Description: Questa parte del messaggio =?ISO-8859-1?Q?=E8?= firmata

Re: Apt-Torrent project

[Matt Zimmerman]

On Sat, Oct 30, 2004 at 07:05:12PM +1000, Matthew Palmer wrote:

> If we can get individually-signed .debs, you won't even need to worry so
> much about getting the torrent files off a trusted mirror...

You don't need individually-signed .debs for that; the existing
(experimental) archive signing mechanism works fine in this scenario.

-- 
 - mdz

Re: Apt-Torrent project

[Matt Zimmerman]

On Sun, Oct 31, 2004 at 12:01:30AM -0500, Adam Majer wrote:

> BT doesn't make too much sense here. It is only useful for large files
> that do not change often, like woody iso images.

I think there are ways that the bittorrent model can be applied
successfully.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=199316

has some of my thoughts on the subject.

-- 
 - mdz

Re: Apt-Torrent project

[Matt Zimmerman]

(CCing the BTS, where this feature request is already tracked)

On Sat, Oct 30, 2004 at 10:35:53AM +0200, Arnaud Kyheng wrote:

> I love the Debian project, and I have worked on a new development for 
> it: Apt-Torrent :)
> 
> Apt-Torrent is an apt proxy to the Bittorrent network. For security, the 
> package listing, and the .torrent files are downloaded from a regular 
> http server, as usual for a package, but then the whole package is 
> fetched via bittorrent protocol and forwarded to apt :)

Interesting; I hadn't considered implementing this as a proxy.  It would
probably be better to subclass an existing HTTP server implementation,
rather than to implement a subset of HTTP in your package.

-- 
 - mdz