Beat the Recession - Attend this Motivational Seminar by Shiv Khera on 23 Feb 2009

2009-01-03 Thread Syed Ahmed 
Shiv Khera in Dubai - 23 February 2009 @ Traders Hotel, Dubai

 

 

check the training brief  
Click to see the complete training calendar from January - June 2009 


Kindly send in your nominations here 



Training Programs 
Click to see the complete training calendar from 
January - June 2009 

Kindly send in your nominations here 

==

  We apologize if this email has intruded into your privacy.  

 If you do not wish to receive any further emails from DIBM, please reply to 
this email with the subject header “UNSUBSCRIBE”.  

 We will remove your email from our database immediately. Copyright © DIBM, 
Dubai, U.A.E.

 ==

Re: "Semantic" shell? (for lack of better name)

2009-01-03 Thread Stefano Zacchiroli 
On Fri, Jan 02, 2009 at 08:51:12PM -0600, Bryan Bishop wrote:
> I'd like to work on a method to search for packages based off of
> recognized input file formats and recognized output file formats of
> the contained program(s). Maybe by MIME-type (RFC 2046), such as:

I'm not really able to reconcile this paragraph about "searching
packages on a recognized format basis" with the remaining part of your
post ...

Anyhow, debtags does offer a way to search for packages on the basis
of which file format they "work with". Have a look at the
"works-with-format" facet, e.g. in the debtags tag cloud [1]. It might
be less specific than what you need, for example it does not consider
the "direction" (input vs output) of the supported format. YMMV.

[1] http://debtags.alioth.debian.org/cloud/

Cheers

PS preserving the fully quoted version of your post, to the benefit of
   debtags-de...@l.a.d.o readers

> image/gif
> image/jpeg
> image/png
> image/tiff
> video/mp4
> video/mpeg
> application/x-latex
> 
> Here's the list of MIME-type assignments:
> http://www.iana.org/assignments/media-types/
> 
> However, I am by no means permanently attached to MIME. It would also
> be interesting to revise the typical --help message with some
> standardized markup for formally specifying which parameters would
> prefer what type of information. Typically, when I write my quick
> scripts, I just do a few print statements and spit out some text for
> help messages, and sometimes clean it up a bit, so to replace that
> laziness I'd have to write a tool to make that less of a pain, maybe
> throw it in next to autoproject or something.
> 
> So, this might just mean an extra file in a package, with two lines,
> the first one for input recognized, the second one for types of
> output, but this of course isn't a good map for what each parameter
> will trigger in terms of output, esp. in programs that change output
> dependent on what it discovers about the input. Also, this only really
> works for single-program packages, otherwise this needs to be done at
> some other level, i.e. a file next to each binary? Is that where this
> should go??
> 
> Personally this seems kind of an obvious thing to do, but it hasn't
> happened yet, so I'm posting to ask specifically--
> 
> (1) Has this been proposed before? Can anyone give me names, links,
> addresses, or what went wrong?
> 
> (2) Anything better than MIME for these purposes?
> 
> (3) Search terms other than 'semantic shell', anyone?
> 
> (4) What should I be asking?
> 
> I've basically written up this email on a site as well-
> http://heybryan.org/shell.html

-- 
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -<>- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..|  .  |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime


signature.asc
Description: Digital signature

Re: mass bug filing for undefined sn?printf use

2009-01-03 Thread Julien Cristau 
On Sun, Dec 28, 2008 at 09:53:40 +0100, Adeodato Simó wrote:

> Debian X Strike Force 
>libx11
> 
Fixed upstream and in experimental.
(http://bugs.freedesktop.org/show_bug.cgi?id=14898)

Cheers,
Julien


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: "Semantic" shell? (for lack of better name)

2009-01-03 Thread Josselin Mouette 
Le vendredi 02 janvier 2009 à 20:51 -0600, Bryan Bishop a écrit :
> I'd like to work on a method to search for packages based off of
> recognized input file formats and recognized output file formats of
> the contained program(s).

That doesn’t exist for output file formats, but for input file formats,
we already have such a registry in the app-install-data package. If you
want to look for code making use of this data, you can have a look at
gnome-app-install or at the relevant nautilus code[0].

 [0] 
http://patch-tracking.debian.net/patch/series/view/nautilus/2.24.2-1/20_open-with_install.patch

-- 
 .''`.
: :' :  We are debian.org. Lower your prices, surrender your code.
`. `'   We will add your hardware and software distinctiveness to
  `-our own. Resistance is futile.


signature.asc
Description: Ceci est une partie de message	numériquement signée

Possible MBF due to DBus security issue

2009-01-03 Thread Matthew Johnson 
In order to fix CVE-2008-4311 the default permissions on the system bus
have been tightened up. This has revealed bugs in the configurations
shipped with a number of services using the system bus which relied on
the broken behaviour and will now break.

A fixed version of dbus has been uploaded to experimental. The release
team would like this version to go into lenny, but we need to fix any
bugs caused by that version. Upstream have already started collating
patches to upstreams[0] so for many of the larger packages will already
have patches there.

Below is the list of all the packages which currently have configuration
for the system bus. I've not yet checked them to see whether or not they
have problems with their config files but will  be doing so soon and
filing bugs. It would be great if all the maintainers could check their
packages with the dbus from experimental to ensure that they still
function properly. 

All that needs to be done to fix this is to edit the config file which
is dropped in /etc/dbus-1/system.d/ to allow all of the incoming method
calls and outgoing signals. Method replies/errors and introspection
already have exceptions. 

List of packages which may be affected:

Masayuki Hatta (mhatta) 
   cups (U)

Moray Allan 
   gpe-bluetooth (U)

Michael Biebl 
   consolekit (U)
   dhcdbd (U)
   hal (U)
   knetworkmanager
   network-manager (U)
   network-manager-applet (U)
   policykit (U)
   powersave

Julien BLACHE 
   pommed

Phil Blundell 
   gpe-bluetooth (U)

Debian Bluetooth Maintainers 
   bluez-utils

Debian CUPS Maintainers 
   cups

Debian GNOME Maintainers 
   system-config-printer (U)
   system-tools-backends (U)

Debian GPE team 
   gpe-bluetooth (U)

Debian Maemo Maintainers 
   libosso
   osso-gwconnect

Debian OLPC 
   sugar

Debian VoIP Team 
   mumble

Debian/Ubuntu wpasupplicant Maintainers 
   wpasupplicant

Sebastian Dröge 
   avahi (U)
   hal (U)

Edd Dumbill 
   bluez-utils (U)

Filippo Giunchedi 
   bluez-utils (U)

Soren Hansen 
   network-manager-openvpn
   network-manager-vpnc

Mario Iseli 
   bluez-utils (U)

Matthew Johnson 
   bluemon

Simon Kelley 
   dnsmasq

Anand Kumria 
   yum

Jonny Lamb 
   libosso (U)
   odccm
   osso-gwconnect (U)

Roger Leigh 
   cups (U)

Jeff Licquia 
   cups (U)

Patrick Matthäi 
   mumble (U)

Kyle McMartin 
   wpasupplicant (U)

Loic Minier 
   avahi (U)
   libosso (U)
   osso-gwconnect (U)
   system-tools-backends (U)

Kel Modderman 
   wpasupplicant (U)

Josselin Mouette 
   system-config-printer (U)
   system-tools-backends (U)

Kenshi Muto 
   cups (U)

Thorvald Natvig 
   mumble (U)

Patrick Patterson 
   pathfinder

Martin Pitt 
   cups (U)

Martin-Éric Racine 
   cups (U)

Andres Salomon 
   yum (U)

Otavio Salvador 
   system-config-printer
   system-tools-backends (U)

Niv Sardi 
   system-tools-backends (U)

Riccardo Setti 
   galago-daemon
   network-manager (U)

Riccardo Setti 
   dhcdbd (U)

Sjoerd Simons 
   avahi (U)
   dhcdbd (U)
   hal (U)

Jonas Smedegaard 
   sugar (U)

Jose Carlos Garcia Sogo 
   system-tools-backends

Brian Sutherland 
   smart-notifier

Philippe De Swert 
   gpe-bluetooth (U)

Reinhard Tartler 
   wpasupplicant (U)

Enrico Tassi 
   network-manager-pptp

Utopia Maintenance Team 
   avahi
   consolekit
   dhcdbd
   hal
   network-manager
   network-manager-applet
   policykit

Riku Voipio 
   libosso (U)
   osso-gwconnect (U)

Matthew Wilcox 
   kerneloops

Neil Williams 
   gpe-bluetooth



0. https://bugs.freedesktop.org/show_bug.cgi?id=18980

-- 
Matthew Johnson


signature.asc
Description: Digital signature

Re: Possible MBF due to DBus security issue

2009-01-03 Thread Julien BLACHE 
Matthew Johnson  wrote:

Hi,

> Julien BLACHE 
>pommed

Fixed upstream in (soon to be released) 1.25, will go in unstable and
I plan to get it into Lenny if the tightened DBus goes in Lenny too.

JB.

-- 
 Julien BLACHE - Debian & GNU/Linux Developer -  
 
 Public key available on  - KeyID: F5D6 5169 
 GPG Fingerprint : 935A 79F1 C8B3 3521 FD62 7CC7 CD61 4FD7 F5D6 5169 


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Recent and ongoing work on sbuild and wanna-build

2009-01-03 Thread Roger Leigh 
Hi folks, and Happy New Year!

This mail is just to keep you up-to-date with what has been going on
over the last three months in the world of sbuild and wanna-build,
and what will be happening in the near future and for Squeeze.

sbuild
--

Following the integration of the sbuild changes in use on the buildds,
sbuild is now fully usable with contemporary wanna-build and buildd
and has been tested on at least the i386 buildd to the best of my
knowledge

Work has been done to clean up the Sbuild::Chroot class hierarchy
and improve the consistency of the environment used to execute
commands both inside and outside the chroot.  In addition to the
existing schroot support, support for sudo has been reinstated,
for non-Linux architectures which don't yet have the schroot
build-deps available.  Both schroot and sudo may now be run "split",
whereby apt/dpkg are run on the host system, to avoid the need for
live networking inside the chroot environment.

Support has also been added for logging streams to allow for
concurrent builds and avoiding the need to redirect global streams.
This is to allow future buildd/sbuild to schedule multiple
concurrent builds.

wanna-build
---

Recent work has focussed on wanna-build.  It has been refactored to
use the same options parsing and configuration handling as sbuild
(in fact, they now share the same configuration file, though this
is likely to change shortly).  This is now present in the master
branch of sbuild.git.  Sbuild::ConfBase handles configuration for
both sbuild and wanna-build, including providing defaults,
validation and key-specific property handlers.   Sbuild::Conf and
WannaBuild provide program-specific options and configuration file
parsing.

The dump/restore code has also been fixed up to cope with the
presence of the _userinfo key used to contain user tracking data.

The changes made on the buildds have also been merged from [1], so
it now contains all of the functionality present on the live
wanna-build installation, albeit without specific configuration and
cron jobs.

Additionally, work has started to modularise wanna-build in order to
replace the MLDBM database backend with a more flexible PostgreSQL
backend[2].  Instead of using the tied-hash database directly, all
database activity now takes place through accessor functions to
read/write package and user records.  This will make it possible
to write an alternative backend to the MLDBM backend without
needing to touch the main wanna-build code.  However, much of the
code will be able to be simplified significantly once we switch
to PostgreSQL completely, since much of the complexity can be
handled directly in the database.

This simplified wanna-build will likely be a brand-new frontend
based on the same perl modules which wanna-build uses, which
will allow backward compatibility to be retained until the new
tool is fully tested and dependent programs are updated to use it.

Using PostgreSQL will make it much easier to get data in and out
of the database, as well as to give other tools access to the data,
since MLDBM is essentially a "proprietary binary blob" which is
both only readable by Perl and is architecture-dependent.

Future work
---

- Finalise PostgreSQL database schema [3]
- Write PostgreSQL backend
- Create new tool to replace wanna-build
- Ongoing merge of sbuild/wanna-build/buildd changes
- Correct deficiencies in sbuild's build-dep handling

The project's git repository for sbuild and wanna-build may be found
at [4].


Many thanks to Marc 'HE' Brockschmidt, Cyril Brulebois, Lucas
Nussbaum and all the other folks on #debian-buildd who have
been invaluable in making the rapid progress we have achieved
over the last month or so.

If you'd like to get involved, please get in touch on buildd-tools-devel!


Regards,
Roger

[1] http://git.debian.org/?p=mirror/wanna-build.git
[2] 
http://git.debian.org/?p=users/rleigh/sbuild.git;a=shortlog;h=refs/heads/wb-backend
[3] 
http://git.debian.org/?p=users/rleigh/sbuild.git;a=tree;f=db;h=a7ad5c6029b3ea7a895ed532cdf31039a8832d58;hb=e151e7bb96567817a580118c8c0d5b6cf1fa9b38
[4] git://git.debian.org/git/buildd-tools/sbuild.git


-- 
  .''`.  Roger Leigh
 : :' :  Debian GNU/Linux http://people.debian.org/~rleigh/
 `. `'   Printing on GNU/Linux?   http://gutenprint.sourceforge.net/
   `-GPG Public Key: 0x25BFB848   Please GPG sign your mail.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: (UPDATED) mass bug filing for undefined sn?printf use

2009-01-03 Thread Kees Cook 
On Thu, Jan 01, 2009 at 10:50:49AM -0800, Kees Cook wrote:
> On Wed, Dec 31, 2008 at 07:01:44PM -0800, Nicholas Breen wrote:
> > While fixing one of the affected packages, I discovered that it was
> > using similarly problematic syntax to act as a strcat replacement of the
> > form 'sprintf(buf, "%s\n", buf)', which that regexp didn't catch.  I
> > can't imagine that's a common mistake, but it's easy enough to match on
> > as well:
> > 
> >   pcregrep -M 'sprintf\s*\(\s*([^,]*)\s*,\s*"%s[^"]*"\s*,\s*\1\s*[,)]'
> 
> Oh!  Good catch, thank you.  I've started a re-run with the regex changed.
> So far, it's already caught new stuff.  I'll post updated details once it
> has finished.

Attached is the updated list, which includes 57 new hits, and adds
additional lines of affected code to gabedit, blender, desmume, and
gpe-conf.  I have a dump of the diff between the logs here[1].  The old
logs have been moved to the "2008-12" subdirectory[2].

The "handled" list is here[3] and should reflect all the replies to
this thread so far (if I missed something, please let me know and I'll
get it fixed).  The current list of affected Debian packages is here[4],
attached, and also with the dd-list output.

At what point should I convert this list into an actual mass-bug-filing?

Thanks!

-Kees

[1] http://people.ubuntu.com/~kees/sprintf-glibc/changed.diff
[2] http://people.ubuntu.com/~kees/sprintf-glibc/2008-12/
[3] http://people.ubuntu.com/~kees/sprintf-glibc/data/handled.pkgs
[4] http://people.ubuntu.com/~kees/sprintf-glibc/debian

-- 
Kees Cook@debian.org
abiword
apache2
apr-util
binutils
cricket
curl
db4.2
espeak
evolution-data-server
gdb
ggz-client-libs
gcc-4.1
gcc-4.2
gcc-4.3
isdnutils
kdeedu
kino
lftp
libopenobex
nagios-plugins
mysql-dfsg-5.0
nas
python-numpy
sane-backends
scrollkeeper
shadow
unixodbc
wacom-tools
xscreensaver
4g8
adplug
afnix
afterstep
amideco
aqualung
arrayprobe
audacious-plugins
avr-evtd
barnowl
barrage
billard-gl
binutils-h8300-hms
binutils-m68hc1x
binutils-avr
black-box
blender
blobwars
blobandconquer
bochs
bomberclone
ace
bumprace
cal
canna
cbflib
cdw
cfs
chinput
cpad-kernel
criticalmass
crossfire
cpqarrayd
ctn
dact
dc-qt
desmume
dwww
dx
ebview
echoping
eggdrop
emil
epiphany
ettercap
freedink
fvwm
gabedit
gaby
gamix
gatos
gcc-3.3
gcl
gcc-m68hc1x
gcolor2
gcom
gclcvs
gdal
gdb-avr
gdb-m68hc1x
gcc-3.4
gcc-snapshot
gdis
genesis
glide
gmult
gmt
gnat-gps
gnuchess
gnuplot
gpe-conf
gplcver
gpstrans
grace
grass
gridengine
grmonitor
gtk+extra2
gtk-imonc
htdig
hypermail
ifmail
insight
ircd-hybrid
ircii
ircd-ratbox
kasablanca
kover
l2tpns
lcd4linux
lesstif2
libcdk5
libgsl-ruby
liblunar
libpar-packer-perl
libsmi
libstatgrab
logtool
lopster
ltp
luola
mafft
man2html
mapserver
med-fichier
micro-evtd
mindi-busybox
mod-bt
mondo
mozart
mp3rename
mp3splt
mrpt
multi-aterm
mysql-gui-tools
nap
ncmpc
ncbi-tools6
netatalk
nws
oftc-hybrid
ogdi-dfsg
openmx
osdsh
osiris
owl
packit
paraview
pari
pcsx
pcsx-df
pennmush
penguin-command
player
plib
pload
plotmtv
pocketpc-gas
pocketpc-binutils
prismstumbler
psemu-video-x11
psqlodbc
qpopper
restartd
rockdodger
root-system
rudiments
screader
scummvm
sextractor
sidplay
sidplay-libs
sip-tester
slony1
smsclient
sqlrelay
starfighter
swish-e
symmetrica
tack
tcpick
tcptrack
tetrinetx
tgif
tightvnc
timidity
tn5250
trueprint
uclmmbase
ude
uim
unicon
uucpsend
varkon
vbpp
user-mode-linux
vdr-plugin-weather
vdr-plugin-xineliboutput
viruskiller
vrflash
vtk
vzquota
w-bassman
wayv
welcome2l
wmfrog
xabacus
xball
xawtv
xbill
xcircuit
xfce4-mpc-plugin
xenomai
xgalaga
xmcd
xpilot-ng
xxgdb
yap
yasm
z88dk
mplayer
vlc
xtrkcad
apache2
apr
ekiga
esound
fetchmail
ggz-server
krb5
lirc
opal
quagga
vim
wacom-tools
webkit
aqualung
arrayprobe
boinc
calcurse
centerim
cfs
cpqarrayd
eggdrop
ffmpeg2theora
fluxconf
geany
glide
gpsd
gtklp
jpilot
libtrace3
mlt
naim
pavuk
procinfo
pure-ftpd
rudiments
saods9
stopmotion
unworkable
user-mode-linux
wireshark
wmnet
xlockmore
xosview
Daniel Leidert (dale) 
   gabedit (U)

Laszlo Boszormenyi (GCS) 
   cdw
   sidplay
   sidplay-libs

Adam Cécile (Le_Vert) 
   aqualung
   audacious-plugins (U)

Masayuki Hatta (mhatta) 
   abiword
   ebview
   insight

Dario Minnucci (midget) 
   echoping

Nicolas FRANCOIS (Nekral) 
   shadow (U)

Stefan Hornburg (Racke) 
   pure-ftpd

J.H.M. Dassen (Ray) 
   scrollkeeper (U)

Marco Presi (Zufus) 
   python-numpy (U)

Jari Aalto 
   wmfrog

Tim Abbott 
   symmetrica

Moray Allan 
   gpe-conf (U)

Russ Allbery 
   krb5 (U)

Bill Allombert 
   pari

Per Andersson 
   micro-evtd

Domenico Andreoli 
   curl

Kumar Appaiah 
   python-numpy (U)

Hakan Ardo 
   binutils-avr
   gdb-avr

Ben Armstrong 
   xpilot-ng

Anibal Avelar 
   centerim

Michael Banck 
   gridengine (U)

Karl Bartel 
   black-box
   penguin-command

Andreas Barth 
   db4.2 (U)

Daniel Baumann 
   tack

Christian Bayle 
   gatos

Bradley Bell 
   gtk+extra2

Christoph Berg 
   oftc-hybrid

Sylvain Beucler 
   freedink (U)

Stephen Birch

Re: Possible MBF due to DBus security issue

2009-01-03 Thread Simon McVittie 
After removing Uploaders and cross-referencing against fd.o #18980 (up to and
including Comment #12, https://bugs.freedesktop.org/show_bug.cgi?id=18980#c12):

> Michael Biebl 
>knetworkmanager

https://bugzilla.redhat.com/show_bug.cgi?id=475468

>powersave

???

> Julien BLACHE 
>pommed

Maintainer responding

> Debian Bluetooth Maintainers 
> 
>bluez-utils

http://git.kernel.org/?p=bluetooth/bluez.git;a=blob_plain;f=src/bluetooth.conf;hb=06637b08f721e1565fa05b818adfb8a0acec804e

> Debian CUPS Maintainers 
>cups

mjj29 is investigating and thinks it's OK

> Debian Maemo Maintainers 
>libosso

???

>osso-gwconnect

???

> Debian OLPC 
>sugar

Unlikely to be on the system bus, I'll verify

> Debian VoIP Team 
>mumble

???

> Debian/Ubuntu wpasupplicant Maintainers 
> 
>wpasupplicant

???

> Soren Hansen 
>network-manager-openvpn

???

>network-manager-vpnc

???

> Matthew Johnson 
>bluemon

Maintainer responding

> Simon Kelley 
>dnsmasq

???

> Anand Kumria 
>yum

???

> Jonny Lamb 
>odccm

???

> Patrick Patterson 
>pathfinder

???

> Otavio Salvador 
>system-config-printer

???

> Riccardo Setti 
>galago-daemon

Unlikely to be on the system bus, I'll verify

> Jose Carlos Garcia Sogo 
>system-tools-backends

Might be "GNOME System monitor" http://bugzilla.gnome.org/show_bug.cgi?id=563857

> Brian Sutherland 
>smart-notifier

???

> Enrico Tassi 
>network-manager-pptp

???

> Utopia Maintenance Team 
>avahi

???

>consolekit

http://bugs.freedesktop.org/show_bug.cgi?id=19020

>dhcdbd

???

>hal

https://bugs.freedesktop.org/show_bug.cgi?id=18985

>network-manager

???

>network-manager-applet

???

>policykit

https://bugs.freedesktop.org/show_bug.cgi?id=18948

> Matthew Wilcox 
>kerneloops

???

> Neil Williams 
>gpe-bluetooth

Maintainer will investigate

Other patches from the tracking bug
===

Someone else's bug
--

gnome-lirc-properties: looks like hal's fault

Not in Debian?
--

fprintd in Fedora (not in Debian? I think Matthew's grep would have caught it)

system-config-services: https://bugzilla.redhat.com/show_bug.cgi?id=475203
http://cvs.fedoraproject.org/viewvc/rpms/system-config-services/F-10/system-config-services-0.99.28-dbus.patch
(not in Debian?)

system-config-samba: https://bugzilla.redhat.com/show_bug.cgi?id=475524

eggcups: https://bugs.edge.launchpad.net/ubuntu/+source/eggcups/+bug/306716

screen-resolution-extra: 
https://bugs.edge.launchpad.net/ubuntu/+source/screen-resolution-extra/+bug/306705


signature.asc
Description: Digital signature

Bug#510624: ITP: pigz -- Parallel Implementation of GZip

2009-01-03 Thread Eduard Bloch 
Package: wnpp
Severity: wishlist
Owner: Eduard Bloch 


* Package name: pigz
  Version : 2.1.4
  Upstream Author : Mark Adler 
* URL : http://www.example.org/
* License : ZLib license
  Programming Lang: C
  Description : Parallel Implementation of GZip

pigz, which stands for Parallel Implementation of GZip, is a fully functional
replacement for gzip that exploits multiple processors and multiple cores to
the hilt when compressing data.

PS: I plan to hack it a little bit and use syssconf function on Debian
systems to determine the real number of CPU cores (#x) since pigz's
default value is 8 which is much more than home systems have nowadays,
and the performance isn't getting (much) better with a constant number
of idle threads, they just consume more memory.

Regards,
Eduard.

-- System Information:
Debian Release: 5.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

-- 
Naja, Garbage Collector eben. Holt den Müll sogar vom Himmel.
   (Heise Trollforum über Java in der Flugzeugsteuerung)



-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Possible MBF due to DBus security issue

2009-01-03 Thread Matthew Johnson 
On Sat Jan 03 17:58, Matthew Johnson wrote:
> All that needs to be done to fix this is to edit the config file which
> is dropped in /etc/dbus-1/system.d/ to allow all of the incoming method
> calls and outgoing signals. Method replies/errors and introspection
> already have exceptions. 

OK clarification from dbus upstream. Replies, errors and signals are all
allowed by default. Introspection is not. It is recommended that every
service has a send_destination rule to allow things to send to the
well-known names which that process owns rather than just send_interface
so that it applies to introspection as well as other method calls.

Matt


signature.asc
Description: Digital signature

Re: Possible MBF due to DBus security issue

2009-01-03 Thread Simon McVittie 
On Sat, 03 Jan 2009 at 20:57:00 +, Simon McVittie wrote:
> After removing Uploaders and cross-referencing against fd.o #18980 (up to and
> including Comment #12, 
> https://bugs.freedesktop.org/show_bug.cgi?id=18980#c12):
> 
> > Michael Biebl 
> >knetworkmanager
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=475468

Upstream unhappy with the patch, further changes may be needed.

> > Debian OLPC 
> >sugar
> 
> Unlikely to be on the system bus, I'll verify

WEP key prompting implements org.freedesktop.NetworkManagerInfo which is
on the system bus. The config file looks OK at first glance, although we
should verify this.

> > Riccardo Setti 
> >galago-daemon
> 
> Unlikely to be on the system bus, I'll verify

Looks like a false positive - it installs a config file but actually
lives on the session bus.

Simon


signature.asc
Description: Digital signature

Re: Possible MBF due to DBus security issue

2009-01-03 Thread Kel Modderman 
On Sunday 04 January 2009 06:57:00 Simon McVittie wrote:
> > Debian/Ubuntu wpasupplicant Maintainers 
> > 
> >wpasupplicant
> 
> ???

As far as I can tell, wpasupplicant installs an unaffected D-Bus configuration.
Patch welcome if wrong :)

Thanks, Kel.


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Re: Possible MBF due to DBus security issue

2009-01-03 Thread Matthew Johnson 
On Sat Jan 03 20:57, Simon McVittie wrote:
> 
> > Michael Biebl 
> >powersave

Definitely needs at least introspection allowing, bug filed

> > Debian CUPS Maintainers 
> >cups
> 
> mjj29 is investigating and thinks it's OK

Doesn't allow introspection, but only sends signals so it's not
critical. Filed a bug at normal

> 
> > Debian Maemo Maintainers 
> >libosso
> 

Ships a config file which disables all the security checks on the whole
system bus[0]. Filed RC bug

> > Matthew Johnson 
> >bluemon
> 
> Maintainer responding

Bug filed, fix uploaded with urgency: high and unblock requested.

Matt
-- 
Matthew Johnson


signature.asc
Description: Digital signature

Re: Possible MBF due to DBus security issue

2009-01-03 Thread Matthew Johnson 
On Sat Jan 03 20:57, Simon McVittie wrote:
> > Simon Kelley 
> >dnsmasq
> 
> ???
> 
> > Anand Kumria 
> >yum
> 
> ???
> 
> > Patrick Patterson 
> >pathfinder
> 
> ???
> 
> > Matthew Wilcox 
> >kerneloops

All of these have the send_destination policy so look like they should
be fine.

Matt

-- 
Matthew Johnson


signature.asc
Description: Digital signature

Re: "Semantic" shell? (for lack of better name)

2009-01-03 Thread Erich Schubert 
Hello Bryan,
I've thought about similar efforts, much were centered about having a
generic "command line syntax definition language".
Not every application can be squeezed into the input, output scheme. The
situation with multiple inputs, single output is common.
Neither can every application convert every input to every output,
sometimes just particular combinations might be possible (in particular,
input format might have to be the same as the output format).
Then there are "meta formats", especially compression.
For example gzip will convert any file type to the same file type but
gzip-compressed (or the other way round using gunzip).
So a tool trying to "magically" build chains would need to understand
that while gzip can process the "*/*" mime type, it won't convert the
file type, whereas 'convert' can convert next to any image file type to
next to any other image file type.
But for example to convert text/plain to image/gif with convert, you
should also specify a font...

The debtags efforts do a very minimal approach here: they use 'looser'
file types than MIME and they do not differentiate between input, output
or whatever-put. There are some benefits from that, including
- less information needs to be collected and updated
- the information is more likely to be accurate
obviously at the cost of the information being less useful. At some
point you need to make a cut.

At some point I was considering to actually use RDF-like triplets such
as "app1 reads image/gif" "app1 writes image/jpeg" etc. but we ended up
to going a tuplet-only approach for complexity reasons.

Of course things have made progress since. For example, the .desktop
files usually include useful information about which MIME types an
application supports (unfortunately, many non-GUI-application still do
not ship with .desktop files), but the information there also has some
kind of "vagueness".

So it might well be time to do the next step and collect such meta
information on a "reads" "writes" "displays" "prints" and whatever
basis. However collecting all this data sounds like a huge task to me.

I mentioned before that I was also thinking about a "command line syntax
definition language". The reason is that command line programs vary a
lot in how parameters are passed. There are certain common standards
such as GNU getopt command line syntax (i.e. single letter options with
a single dash, long options with a double dash, single letter options
can be joined ...), but there are also tons of exceptions
(e.g. "java -version" is different from "java -v -e -r -s -i -o -n" and
would have been "java --version" in getopt style).
A specification of the available options in some meta format ideally
would also give an indication of valid file types for file name
parameters. But also note about mutually exclusive options. And it is
obvious that not all command line can be described this way completely
(e.g. to fully validate "perl -e 'perl expression'" you'd need to be
able to validate perl syntax ... and "only perl can parse perl". So
you'll never know what MIME types that statement accepts ...)
A solution covering 90% might still be very nice to have.
I believe that a "semantic shell" might need to be based around the
command line interface of the applications.

best regards,
Erich Schubert
-- 
   erich@(vitavonni.de|debian.org)--GPG Key ID: 4B3A135C(o_
Reality continues to ruin my life --- Calvin//\
Der Anfang aller Erkenntnis ist das Staunen. --- AristotelesV_/_


-- 
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org