[please CC me on replies]
Hi,
recently, the debian-devel-changes list is missing more .changes
messages than usual. I first suspected a local config change as the
culprit, but
http://lists.debian.org/debian-devel-changes/2002/debian-devel-changes-200201/maillist.html>
doesn't list what I missed
"Oliver Elphick" writes:
> The upstream developers are not friendly to non-portable features; I
> might be able to get it added under a config option.
Thought so. My selling point is that this feature is completely
optional: if it is compiled in, you're allowed to use a new authtype
"peer" (or s
"Oliver Elphick" writes:
> It is indeed the case that ident is needed to allow local access without
> a password. I understand that this presents a small security risk on the
> server.
I think README.Debian or somesuch should tell why ident is necessary,
and perhaps also how one can restrict id
intainer's key. The new
keyring just includes a new version of the kicked maintainer's key
with one additional revocation-signature. This new signature tells
that this key is no longer trusted. Example:
$ gpg --check-sigs testkey
pub 1024D/36FF3F58 1999-07-24 Robert Bihlmeyer (Testkey -
Anthony Towns writes:
> On Sun, Apr 02, 2000 at 07:44:56PM +0200, Robert Bihlmeyer wrote:
> > Note that *any* keys that your agent holds can be snarfed by the
> > admin(s) of any hosts where you ssh-in with agent forwarding enabled.
>
> As I understand it, you can't
First I'd like to know what "dialup" includes means for you.
Ian Jackson <[EMAIL PROTECTED]> writes:
> It does seem that some people do find it beneficial to send mail
> direct from their dialups (static or dynamic). I don't understand why
> they think this is a good idea,
There are apparently
Nicolás Lichtmaier <[EMAIL PROTECTED]> writes:
> All packages can run things as root. Even the most simple game.
Doing clandestine things in a install-script is harder than in a
binary.
--
Robbe
Julian Gilbey <[EMAIL PROTECTED]> writes:
> On my home machine, I have an identity in .ssh/identity.pub.
> I copied that into .ssh/authorized_keys on master (possibly using the
> LDAP system).
> I *also* copied it into .ssh/authorized_keys on my home machine.
>
> That extra copy on my home machin
Anthony Towns writes:
> There is an existing single-point vulnerability in *every*
> mirror. Compromise the mirror and you can compromise every single Debian
> user who upgrades from that mirror. You don't even have to try touching
> anything at *.debian.org.
Yes, and I'd very much see this vuln
Marcus Brinkmann <[EMAIL PROTECTED]> writes:
> Yes, but you have not "the right" (what loaded words!) to close the bug
> reports. Feel free to ignore them, but don't close them without a better
> reason.
If communication with the reporter is necessary to fix the bug, and
this communication is bro
Michael Meskes <[EMAIL PROTECTED]> writes:
> I usually run my shell with LC_ALL set to de_DE. Calling 'printf "%1.1f\n" 1'
> then gives me 1,0 which is the correct answer under the german locale.
>
> Now I unset LC_ALL to get the command to print 1.0 but wasn't able
> to.
printf is a bash builti
Hamish Moffatt <[EMAIL PROTECTED]> writes:
> On Thu, Mar 30, 2000 at 01:12:10PM +0200, Robert Bihlmeyer wrote:
> > Before all useful points are lost in the flamage, may I suggest that a
> > X-Filtered-By: DUL
> > or similar header be added to all list mail?
>
Craig Sanders <[EMAIL PROTECTED]> writes:
> most of the recent spam would have been blocked by using MAPS RSS
> (relays.mail-abuse.org), though...and not by MAPS DUL.
>
> IMO, we should use both. individually they are quite effective in
> blocking spam, but they are even better when used together
(I'm also a first-time aptitude user)
Branden Robinson <[EMAIL PROTECTED]> writes:
> (Remark: I think I would find the overloading of the '-' key confusing.
> Please consider using a different key for hold operations. 'h' seems
> intuitive but might be pressed by novices as an attempt to get hel
Anthony Towns writes:
> Well, it'd be nice to be able to do so, to verify that a mirror hasn't
> been compromised, but no, you're right.
Actually I don't care that much if the mirror is compromised, if it
affects only packages that I don't install. If it affects some of
those packages, I will no
Taupter <[EMAIL PROTECTED]> writes:
> 1. Does Debian install any stuff inside /usr/local ?
That would be a bug. You can make sure with "dpkg -S /usr/local" (or
"dlocate /usr/local" if you have the dlocate package)
> 2. Is secure to the system integrity to _wipe_ /usr/local (no
> daemons/services
Taupter <[EMAIL PROTECTED]> writes:
> I was poking update-alternatives, but didn't find a way to point my
> default window manager to /usr/local/bin/gnome-session.
FWIW, gnome-session is not a window manager. If you're sure you want
to do that, you could issue:
update-alternatives --install /usr
Anthony Towns writes:
> The only reason not to trust a key dinstall uses explicitly for signing
> Packages is if you believe dinstall is compromised. If you believe that,
> then you shouldn't be downloading .deb's *ever*, because you're immediately
> running *untrusted* scripts as root on your sy
Raphael Hertzog <[EMAIL PROTECTED]> writes:
> Yes I know, I should probably extract all the "identities" from a single
> PGP/GPG key and look for all those adresses in the Packages file. Or
> something like that.
Hmm, /usr/share/keyrings/debian-keyring.gpg lists 278 identities,
while the Maintain
Anthony Towns writes:
> On Sat, Mar 25, 2000 at 11:03:11PM +0100, Robert Bihlmeyer wrote:
> > Do you want to sign each package entry, or the whole file?
>
> The whole file --- verifying each entry would take at least three minutes
> on my hardware, and god knows how long on a
Chris Frey <[EMAIL PROTECTED]> writes:
> So my question is, what are your thoughts on adding a signature to the
> current Packages.gz file, or adding a similar *dsc file for it,
> which is then signed?
Do you want to sign each package entry, or the whole file? Whose
signature would be used?
> T
Peter Cordes <[EMAIL PROTECTED]> writes:
> In the case of terminal colours, I thought most people really did
> use black bg terminals, or at least dark something, like blue. Also,
> real VT100s and VT220s have black bg screens with amber text.
> There's a precedent for black bg terminals outside o
Robert Woodcock <[EMAIL PROTECTED]> writes:
> Without going in depth as to what traceroute and ping are (a fruitless flame
> war)
Facts can not build a flame war. Opinions (about "depth" or somesuch)
can.
> suffice it to say that I disagree with your "deeper" comment.
Ok.
> These 'boundaries'
Peter Cordes <[EMAIL PROTECTED]> writes:
> Unless the darkish colours get used as alternate background colours, they
> are wasted. There only are 16 colours, so deciding to never use 4
> ({dark ,}{blue,red}) of them seems like a bad idea. Brightening them up so
> they look good on a black backg
Jacob Kuntz <[EMAIL PROTECTED]> writes:
> > traceroute is "deeper" than ping.
>
> and that changes something? one cannot assume that because someone is not
> logged in as root, they are a casual user.
Why not? Non-casual users can start these programs from sbin
nonetheless (see FHS rationale for
Dylan Paul Thurston <[EMAIL PROTECTED]> writes:
> On Wed, Mar 22, 2000 at 11:52:37AM -0500, Jacob Kuntz wrote:
> > at the risk of reigniting a flame war, how is traceroute in a different
> > catagory that ping?
traceroute is "deeper" than ping. It exposes things that the casual
user neither sees
"Martin Bialasinski" <[EMAIL PROTECTED]> writes:
> So a note that GNOME packages are available from the regular Debian
> mirrors would be sufficient, no?
Perhaps linking to an up-to-date list, like
http://cgi.debian.org/cgi-bin/search_packages.pl?keywords=gnome&searchon=names&version=unstable&rel
27 matches
Mail list logo
