Re: end of security support for wheezy LTS

On 02/13/2018 06:47 PM, Gene Heskett wrote: I agree Deloptes, debian's newer releases are generally better, if the ever increasing paranoia can be worked around. The major problems are with the difficulties in building and installing, a newer, realtime kernel for machine control usage, when the

Re: end of security support for wheezy LTS

a/slash/home/rock64/v4.14.15-rt13$ ls arch COPYING defconfig firmware initKconfig MAINTAINERS modules.builtin net scripts tools block CREDITS Documentation fsipc kernel Makefile modules.orderREADME security usr certs crypto driversincl

Re: end of security support for wheezy LTS

Gene Heskett wrote: > That, and fighting with my printer because theres no pdf of this doco, > > Hi, agreed that staged boot on non i386 machines is really fun. At least with raspberri and the Geode thing I used PXE boot to test the kernel

Re: end of security support for wheezy LTS

On Tuesday 13 February 2018 18:06:31 Dan Ritter wrote: > On Tue, Feb 13, 2018 at 02:28:51PM -0500, Gene Heskett wrote: > > Those prices would appear to be aimed at a corporate setting, as > > opposed to something that a retiree on SS might be able to afford, > > nor is the plea taken as being

Re: end of security support for wheezy LTS

On Tuesday 13 February 2018 17:02:10 deloptes wrote: > Gene Heskett wrote: > > I wouldn't but they are running stretch just fine once I'd killed > > light-locker. > > I upgraded last year my 10y old Geode with 256MB RAM from wheezy to > jessie to stretch. As this Geode machine is 586 with a

Re: end of security support for wheezy LTS

On Tue, Feb 13, 2018 at 02:28:51PM -0500, Gene Heskett wrote: > > Those prices would appear to be aimed at a corporate setting, as opposed > to something that a retiree on SS might be able to afford, nor is the > plea taken as being aimed at me. IMO this is a mistake. I am well aware No,

Re: end of security support for wheezy LTS

Gene Heskett wrote: > I wouldn't but they are running stretch just fine once I'd killed > light-locker. I upgraded last year my 10y old Geode with 256MB RAM from wheezy to jessie to stretch. As this Geode machine is 586 with a strange hd controller, I had to compiled and build the kernel package

Re: end of security support for wheezy LTS

ed a longer timescale to migrate their > systems. We hear about banks still running programs from the 1960s. > > > I am well aware > > of the TANSTAAFL principle, and if the paperwork didn't drown them, > > would be able to make an annual donation of perhaps $100 toward th

Re: end of security support for wheezy LTS

ested heavily in the OS and need a longer timescale to migrate their systems. We hear about banks still running programs from the 1960s. > I am well aware > of the TANSTAAFL principle, and if the paperwork didn't drown them, > would be able to make an annual donation of perhaps $100 to

Re: end of security support for wheezy LTS

Gene Heskett wrote: > I am well aware > of the TANSTAAFL principle, and if the paperwork didn't drown them, > would be able to make an annual donation of perhaps $100 toward the > expenses of the LTS. Tain't much, but how many other old farts like me > would be willing to do likewise? So you can

Re: end of security support for wheezy LTS

On Tuesday 13 February 2018 09:28:06 David Wright wrote: > On Tue 13 Feb 2018 at 11:03:29 (+), Adam Weremczuk wrote: > > Hi all, > > Hello again, > > > Our PCI compliance scanner (probably falsely) claims it's > > 2018-05-01. > > > > The Wikipedia page: > >

Re: end of security support for wheezy LTS

On Tue, Feb 13, 2018 at 11:03:29AM +, Adam Weremczuk wrote: > Hi all, > > Our PCI compliance scanner (probably falsely) claims it's 2018-05-01. > > The Wikipedia page: https://en.wikipedia.org/wiki/Debian_version_history > just says "May 2018". > > Debian website: > >

Re: end of security support for wheezy LTS

On Tue, Feb 13, 2018 at 09:50:20AM -0500, rhkra...@gmail.com wrote: > On Tuesday, February 13, 2018 09:28:06 AM David Wright wrote: > > On Tue 13 Feb 2018 at 11:03:29 (+), Adam Weremczuk wrote: > > ... > > > > Our PCI compliance scanner (probably falsely) claims it's 2018-05-01. > > ... >

Re: end of security support for wheezy LTS

On Tuesday, February 13, 2018 09:28:06 AM David Wright wrote: > On Tue 13 Feb 2018 at 11:03:29 (+), Adam Weremczuk wrote: ... > > Our PCI compliance scanner (probably falsely) claims it's 2018-05-01. ... > No idea, but the people here may by closer to the action: >

Re: end of security support for wheezy LTS

On Tue 13 Feb 2018 at 11:03:29 (+), Adam Weremczuk wrote: > Hi all, Hello again, > Our PCI compliance scanner (probably falsely) claims it's 2018-05-01. > > The Wikipedia page: > https://en.wikipedia.org/wiki/Debian_version_history just says "May > 2018". > > Debian website: > >

end of security support for wheezy LTS

Hi all, Our PCI compliance scanner (probably falsely) claims it's 2018-05-01. The Wikipedia page: https://en.wikipedia.org/wiki/Debian_version_history just says "May 2018". Debian website: https://www.debian.org/releases/wheezy/ https://wiki.debian.org/LTS clearly states "end of May 2018".

Issue in IPSEC Security association

Hi All, I am very new to Linux and open source forums, I hope my question is appropriate to this forum, if not please forgive my ignorance and if possible point me in the right direction. Once again, I have just started to explore and please do forgive my ignorance. Earlier today,on my

Re: UID 1000 on Raspberry Pi (Was: Re: Embarrassing security bug in systemd)

On 09.01.18 15:04, Christian Groessler wrote: > I just edited the password file directly, "vipw" and "vipw -s", and renamed > the pi user. When doing that, there is merit in running pwck before any powerdown/reboot, as any illegality in a line stopped processing of all following when I last

Re: UID 1000 on Raspberry Pi (Was: Re: Embarrassing security bug in systemd)

On 01/09/18 16:01, Roberto C. Sánchez wrote: Don't forget about occurrences of 'pi' in the group files (use 'vigr' and 'vigr -s' to catch those). Yep. Forgot to mention that. regards, chris

Re: UID 1000 on Raspberry Pi (Was: Re: Embarrassing security bug in systemd)

On Tue, Jan 09, 2018 at 03:04:03PM +0100, Christian Groessler wrote: > On 01/09/18 04:49, Jason wrote: > > > This I'd guess is important, if you have several users. I don't, except > > > for amanda and nut, and thats only on this machine. All the rest have > > > one user, me, known under various

Re: UID 1000 on Raspberry Pi (Was: Re: Embarrassing security bug in systemd)

On 01/09/18 04:49, Jason wrote: This I'd guess is important, if you have several users. I don't, except for amanda and nut, and thats only on this machine. All the rest have one user, me, known under various aliases because the idiot installer is now set to give the first user the machines name

UID 1000 on Raspberry Pi (Was: Re: Embarrassing security bug in systemd)

On Sun, Dec 10, 2017 at 10:17:12PM -0500, Gene Heskett wrote: > On Sunday 10 December 2017 19:02:49 David Wright wrote: > > > On Sun 10 Dec 2017 at 16:43:02 (-0500), Gene Heskett wrote: [...] > > > This I'd guess is important, if you have several users. I don't, except > for amanda and nut,

Re: [OFFTOPIC] Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

On Sun, Jan 07, 2018 at 08:32:17PM -0500, SDA wrote: > Show who you're quoting with an attribution line, please! With proper attribution, we might know who you are addressing with this statement... Cheers, Tom -- What's the matter with the world? Why, there ain't but one thing wrong with

Re: [OFFTOPIC] Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

On 2018-01-08, SDA wrote: > Show who you're quoting with an attribution line, please! > Tit for tat, unintended irony, blatant hypocrisy, or something else (I'm leaning toward the foremost, but you never know)? Apropos, as revealed in another thread, I'm dying to

Re: [OFFTOPIC] Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

Show who you're quoting with an attribution line, please!

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On Fri, Jan 5, 2018 at 12:42 PM, Marc Auslander wrote: > Nicholas Geovanis writes: > >>On Fri, Jan 5, 2018 at 6:55 AM, wrote: >>> (mainframes of that time had at least VM, possibly >>> speculative prefetch). >> >>Is it correct to

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

Nicholas Geovanis writes: >On Fri, Jan 5, 2018 at 6:55 AM, wrote: >> (mainframes of that time had at least VM, possibly >> speculative prefetch). > >Is it correct to call branch prediction the same as speculative execution? >If so, then "yes" they had

[OFFTOPIC] Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

> Is it correct to call branch prediction the same as speculative execution? Not really: they're closely related yet different. Stefan

[OFFTOPIC] Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

>> With TLB cache and all that? Pretty impressive :) > I am not sure about the 68010 and its separate MMU. But beginning with 68020 > there surely was memory space separation per process and cache memory in the > CPU. The 68020 didn't have an MMU on chip (it required a separate chip (MC68851) if

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Jan 05, 2018 at 10:33:45AM -0600, Nicholas Geovanis wrote: > On Fri, Jan 5, 2018 at 6:55 AM, wrote: > > (mainframes of that time had at least VM, possibly > > speculative prefetch). > > Is it correct to call branch

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On Fri, Jan 5, 2018 at 6:55 AM, wrote: > (mainframes of that time had at least VM, possibly > speculative prefetch). Is it correct to call branch prediction the same as speculative execution? If so, then "yes" they had it, but I don't honestly know if that's correct. Pipeline

Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Jan 05, 2018 at 04:39:41PM +0100, Thomas Schmitt wrote: > Hi, > > to...@tuxteam.de wrote: (thanks for this walk down the memory (pun? me?) lane. [...] > > > Man against hardware. Who will finally win ? > > > Hardware. > > The more we

Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

Hi, to...@tuxteam.de wrote: > > > Does any of the processors in the M68K family support VM? I wrote: > > http://gunkies.org/wiki/MC68010 > With TLB cache and all that? Pretty impressive :) I am not sure about the 68010 and its separate MMU. But beginning with 68020 there surely was memory

Re: processor_unfixable security flaws

On Fri, Jan 05, 2018 at 09:11:53AM -0600, John Hasler wrote: > sejobud33 writes: > > are "melton" & "spectre" related at the ime hidden features > > No. The management engine is certainly a dangerous feature but this is > orthogonal to it. It is ni

Re: processor_unfixable security flaws

sejobud33 writes: > are "melton" & "spectre" related at the ime hidden features No. The management engine is certainly a dangerous feature but this is orthogonal to it. -- John Hasler jhas...@newsguy.com Elmwood, WI USA

processor_unfixable security flaws

processor_unfixable security flaws I cannot answer these questions myself: - are "melton" & "spectre" related at the ime hidden features (linustorwald said it is not a bug but a function not yet discovered/exploited | 40 flaws) ? * Replacing the cpu should solve thes

Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Jan 05, 2018 at 02:41:57PM +0100, Thomas Schmitt wrote: > Hi, > > to...@tuxteam.de wrote: > > Does any of the processors in the M68K family support VM? > > They did since the early 1980s when i wondered what the advantage of an > 68010 would

Re: "Meltdown" and "Spectre": Every modern processor has unfixable security flaws

Hi, to...@tuxteam.de wrote: > Does any of the processors in the M68K family support VM? They did since the early 1980s when i wondered what the advantage of an 68010 would be over an 68000 (with HP BASIC: none). http://gunkies.org/wiki/MC68010 After all, early Sun, HP and Apollo Unix

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, Jan 05, 2018 at 07:39:23AM -0500, Jack Dangler wrote: [...] > Did this also affect Motorola chipsets? I know they haven't been > popular in a while, but I believe they are still in use (i.e. 68000) You can answer this question yourself: -

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On 01/04/2018 12:55 PM, The Wanderer wrote: On 2018-01-04 at 12:30, Michael Fothergill wrote: On 4 January 2018 at 17:22, Curt <cu...@free.fr> wrote: https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern- processor-has-unfixable-security-fladdws/U TL;DR W

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

uary 2018 at 17:55, The Wanderer <wande...@fastmail.fm> wrote: >> >> On 2018-01-04 at 12:30, Michael Fothergill wrote: >> >> > On 4 January 2018 at 17:22, Curt <cu...@free.fr> wrote: >> > >> >> >> >> https://arstechnica.com/ga

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

; spectre-every-modern- > >> processor-has-unfixable-security-fladdws/U > >> > >> > >> TL;DR > >> > >> Windows, Linux, and macOS have all received security patches that > >> significantly alter how the operating systems handle virtual m

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On 2018-01-04 at 13:17, Tixy wrote: > On Thu, 2018-01-04 at 12:55 -0500, The Wanderer wrote: > >> Meltdown so far is not known to affect anything other than Intel. > > And ARM's Cortex-A75 [1] which according to The Register [2] > "Qualcomm's upcoming Snapdragon 845 is an example part that uses

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

m.com/support/security-update [2] https://www.theregister.co.uk/2018/01/04/intel_amd_arm_cpu_vulnerability/ -- Tixy

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On 2018-01-04 at 13:06, francis picabia wrote: > On Thu, Jan 4, 2018 at 1:22 PM, Curt <cu...@free.fr> wrote: > >> https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern- >> processor-has-unfixable-security-fladdws/U >> >> >> TL;DR

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On Thu, Jan 4, 2018 at 1:22 PM, Curt <cu...@free.fr> wrote: > https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern- > processor-has-unfixable-security-fladdws/U > > > TL;DR > > Windows, Linux, and macOS have all received security patches that

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On 2018-01-04 at 12:30, Michael Fothergill wrote: > On 4 January 2018 at 17:22, Curt <cu...@free.fr> wrote: > >> https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern- >> processor-has-unfixable-security-fladdws/U >> >> >> TL;DR

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On 4 January 2018 at 17:22, Curt <cu...@free.fr> wrote: > https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern- > processor-has-unfixable-security-fladdws/U > > > TL;DR > > Windows, Linux, and macOS have all received security patches that

Re: “Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

On 2018-01-04 at 12:22, Curt wrote: > https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern-processor-has-unfixable-security-fladdws/U > > > TL;DR > > Windows, Linux, and macOS have all received security patches that > significantly alter how the ope

“Meltdown” and “Spectre”: Every modern processor has unfixable security flaws

https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern-processor-has-unfixable-security-fladdws/U TL;DR Windows, Linux, and macOS have all received security patches that significantly alter how the operating systems handle virtual memory in order to protect against

Re: Embarrassing security bug in systemd

Gene writes: > That is probably enough if the user is smart enough to know how to > check, but if I pull a new iso of the install image today, will it be > there for reading before I click install when booted to that live iso > with no network access? If your new ISO is the latest point release

Re: Embarrassing security bug in systemd

On Friday 15 December 2017 07:11:04 Christian Seiler wrote: > Am 2017-12-08 21:31, schrieb Gene Heskett: > > On Friday 08 December 2017 14:26:41 Jonathan Dowland wrote: > >> No objection there, and I agree that the release notes should > >> probably have covered the policy changes. That ship has

Re: Embarrassing security bug in systemd

Am 2017-12-08 21:31, schrieb Gene Heskett: On Friday 08 December 2017 14:26:41 Jonathan Dowland wrote: No objection there, and I agree that the release notes should probably have covered the policy changes. That ship has now sailed unfortunately. So now, no effort will ever be made to fix the

Re: Rust? (and a wordsmithing question) (was: Re: Embarrassing security bug in systemd)

On Mon 11 Dec 2017 at 09:16:35 (-0500), rhkra...@gmail.com wrote: > From the Wikipedia article on "Magnetic storage": > > https://en.wikipedia.org/wiki/Magnetic_storage#Design > > "For reliable storage of data, the recording material needs to resist self- > demagnetisation, which occurs when

Re: Rust? (and a wordsmithing question) (was: Re: Embarrassing security bug in systemd)

Thanks! On Monday, December 11, 2017 10:04:09 AM Joe wrote: > On Mon, 11 Dec 2017 09:16:35 -0500 > > rhkra...@gmail.com wrote: > > (Did hard disks ever use iron oxide?) > > The rigid platters of IBM cartridges and packs (the things you see in > computer rooms in films) did have brown oxide

Re: Rust? (and a wordsmithing question) (was: Re: Embarrassing security bug in systemd)

On Monday, December 11, 2017 09:41:45 AM Darac Marjal wrote: > On Mon, Dec 11, 2017 at 09:16:35AM -0500, rhkra...@gmail.com wrote: > > From the Wikipedia article on "Magnetic storage": > > https://en.wikipedia.org/wiki/Magnetic_storage#Design > > "For reliable storage of data, the

Re: Embarrassing security bug in systemd

On Mon 11 Dec 2017 at 11:32:54 (+), Eduardo M KALINOWSKI wrote: > On dom, 10 dez 2017, tomas wrote: > >To put it differently, Debian tends to package docs separately, because > >you might want to set up a storage-constrained system where you don't > >want that extra stuff. To me, that makes

Re: Rust? (and a wordsmithing question) (was: Re: Embarrassing security bug in systemd)

On Mon, 11 Dec 2017 09:16:35 -0500 rhkra...@gmail.com wrote: > > (Did hard disks ever use iron oxide?) > The rigid platters of IBM cartridges and packs (the things you see in computer rooms in films) did have brown oxide coatings. The surface of each 12 inch platter side stored a magnificent

Re: Rust? (and a wordsmithing question) (was: Re: Embarrassing security bug in systemd)

On Mon, Dec 11, 2017 at 09:16:35AM -0500, rhkra...@gmail.com wrote: On Monday, December 11, 2017 01:12:41 AM Gene Heskett wrote: > There are instructions for making the pi's boot from rust, but its a one > way as its said to be an otp rom in charge of that, however when I try > to set

Rust? (and a wordsmithing question) (was: Re: Embarrassing security bug in systemd)

On Monday, December 11, 2017 01:12:41 AM Gene Heskett wrote: > There are instructions for making the pi's boot from rust, but its a one > way as its said to be an otp rom in charge of that, however when I try > to set that bit, its write protected even for root. In all 3 of the pi's > I bought.

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 15:52:30 +0100, Dejan Jocic wrote: > On 10-12-17, Joe wrote: > > > > I thought you might find more examples helpful. The man page says that > > policies come from /etc/polkit-1 and /var/lib/polkit-1, but on my > > system the /var/lib location is almost empty, and there's a

Re: Embarrassing security bug in systemd

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Dec 11, 2017 at 07:19:20AM -0500, Gene Heskett wrote: > On Monday 11 December 2017 06:02:46 Brian wrote: > > > On Sun 10 Dec 2017 at 18:25:26 -0500, Gene Heskett wrote: > > > apt can't do a show --uninstalled on the stretch machine, and the >

Re: Embarrassing security bug in systemd

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Dec 11, 2017 at 11:32:54AM +, Eduardo M KALINOWSKI wrote: [...] > It also helps the archives, since there can be one > architecture-independent .deb with the docs, and then smaller > architecture-dependent .deb's with the binaries for

Re: Embarrassing security bug in systemd

On Monday 11 December 2017 06:02:46 Brian wrote: > On Sun 10 Dec 2017 at 18:25:26 -0500, Gene Heskett wrote: > > apt can't do a show --uninstalled on the stretch machine, and the > > man page isn't offering much either, so to see whats available, I > > have to go to its own keyboard and run

Re: Embarrassing security bug in systemd

On dom, 10 dez 2017, tomas wrote: To put it differently, Debian tends to package docs separately, because you might want to set up a storage-constrained system where you don't want that extra stuff. To me, that makes sense. It also helps the archives, since there can be one

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 18:25:26 -0500, Gene Heskett wrote: > apt can't do a show --uninstalled on the stretch machine, and the man > page isn't offering much either, so to see whats available, I have to go > to its own keyboard and run synaptic-pkexec. The apt man page isn't unhelpful. For

Re: Embarrassing security bug in systemd

On Sunday 10 December 2017 23:50:13 David Wright wrote: > On Sun 10 Dec 2017 at 22:17:12 (-0500), Gene Heskett wrote: > > On Sunday 10 December 2017 19:02:49 David Wright wrote: > > > On Sun 10 Dec 2017 at 16:43:02 (-0500), Gene Heskett wrote: > > > > On Sunday 10 December 2017 14:12:09 David

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 22:17:12 (-0500), Gene Heskett wrote: > On Sunday 10 December 2017 19:02:49 David Wright wrote: > > > On Sun 10 Dec 2017 at 16:43:02 (-0500), Gene Heskett wrote: > > > On Sunday 10 December 2017 14:12:09 David Wright wrote: > > > > On Sun 10 Dec 2017 at 10:42:53 (-0500),

Re: Embarrassing security bug in systemd

On Sunday 10 December 2017 19:02:49 David Wright wrote: > On Sun 10 Dec 2017 at 16:43:02 (-0500), Gene Heskett wrote: > > On Sunday 10 December 2017 14:12:09 David Wright wrote: > > > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > > > > For something that can be such a pita, not

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 16:43:02 (-0500), Gene Heskett wrote: > On Sunday 10 December 2017 14:12:09 David Wright wrote: > > > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > > > For something that can be such a pita, not installing the docs > > > doesn't seem like my error, they

Re: Embarrassing security bug in systemd

On Sunday 10 December 2017 17:45:36 Brian wrote: > On Sun 10 Dec 2017 at 16:47:05 -0500, Gene Heskett wrote: > > On Sunday 10 December 2017 15:05:04 Brian wrote: > > > On Sun 10 Dec 2017 at 13:12:09 -0600, David Wright wrote: > > > > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > >

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 16:47:05 -0500, Gene Heskett wrote: > On Sunday 10 December 2017 15:05:04 Brian wrote: > > > On Sun 10 Dec 2017 at 13:12:09 -0600, David Wright wrote: > > > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > > > > For something that can be such a pita, not

Re: Embarrassing security bug in systemd

On Sunday 10 December 2017 15:05:04 Brian wrote: > On Sun 10 Dec 2017 at 13:12:09 -0600, David Wright wrote: > > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > > > For something that can be such a pita, not installing the docs > > > doesn't seem like my error, they should have been

Re: Embarrassing security bug in systemd

On Sunday 10 December 2017 14:12:09 David Wright wrote: > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > > For something that can be such a pita, not installing the docs > > doesn't seem like my error, they should have been part of the > > install. IMO. > > That's ridiculous. I

Re: Embarrassing security bug in systemd

On Sat 09 Dec 2017 at 18:36:46 -0500, The Wanderer wrote: > On 2017-12-09 at 09:10, Brian wrote: > > > The Terms and Conditions of installing a Debian package include (as > > I'm sure you are aware) accepting the Depends: and Recomends: lines. > > What is in these lines can be accepted or

Re: Embarrassing security bug in systemd

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Dec 10, 2017 at 01:12:09PM -0600, David Wright wrote: > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > > > For something that can be such a pita, not installing the docs doesn't > > seem like my error, they should have been

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 13:12:09 -0600, David Wright wrote: > On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > > > For something that can be such a pita, not installing the docs doesn't > > seem like my error, they should have been part of the install. IMO. > > That's ridiculous. I

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 00:38:12 (-0800), Jimmy Johnson wrote: > On 12/09/2017 08:23 AM, David Wright wrote: > >On Fri 08 Dec 2017 at 18:30:08 (-0800), Jimmy Johnson wrote: > >>On 12/07/2017 02:31 AM, Jonathan Dowland wrote: > >>>On Thu, Dec 07, 2017 at 10:02:56AM +, Tixy wrote: > I'm

Re: Embarrassing security bug in systemd

On Sun 10 Dec 2017 at 10:42:53 (-0500), Gene Heskett wrote: > For something that can be such a pita, not installing the docs doesn't > seem like my error, they should have been part of the install. IMO. That's ridiculous. I don't want all the docs on all the installations. I only install docs

Re: Embarrassing security bug in systemd

On Sunday 10 December 2017 05:33:17 to...@tuxteam.de wrote: > On Sat, Dec 09, 2017 at 11:29:58AM -0500, Gene Heskett wrote: > > Thats another very sore point. Where are the man pages? Its > > installed on 6, maybe 7 machines here, with zero docs. > > Not a user of policykit here -- I don't like

Re: Embarrassing security bug in systemd

On 10-12-17, Joe wrote: > On Sun, 10 Dec 2017 11:02:45 +0100 > Dejan Jocic wrote: > > > On 10-12-17, Joe wrote: > > > On Sun, 10 Dec 2017 00:13:59 +0100 > > > Dejan Jocic wrote: > > > > > > > > > > > > > > Man page for pklocalauthority is bit more

Re: Embarrassing security bug in systemd

On Sun, 10 Dec 2017 11:02:45 +0100 Dejan Jocic wrote: > On 10-12-17, Joe wrote: > > On Sun, 10 Dec 2017 00:13:59 +0100 > > Dejan Jocic wrote: > > > > > > > > > > Man page for pklocalauthority is bit more helpful, but far from > > > self explanatory.

Re: Embarrassing security bug in systemd

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, Dec 09, 2017 at 11:29:58AM -0500, Gene Heskett wrote: > Thats another very sore point. Where are the man pages? Its installed on > 6, maybe 7 machines here, with zero docs. Not a user of policykit here -- I don't like it (as may be deduced

Re: Embarrassing security bug in systemd

On 10-12-17, Joe wrote: > On Sun, 10 Dec 2017 00:13:59 +0100 > Dejan Jocic wrote: > > > > > > Man page for pklocalauthority is bit more helpful, but far from self > > explanatory. > > And not updated for Debian. > > > In its examples section, it provides some insight

Re: Embarrassing security bug in systemd

On Sun, 10 Dec 2017 00:13:59 +0100 Dejan Jocic wrote: > > Man page for pklocalauthority is bit more helpful, but far from self > explanatory. And not updated for Debian. > In its examples section, it provides some insight about > writing .pkla files, but it does not show

Re: Embarrassing security bug in systemd

On 12/09/2017 08:23 AM, David Wright wrote: On Fri 08 Dec 2017 at 18:30:08 (-0800), Jimmy Johnson wrote: On 12/07/2017 02:31 AM, Jonathan Dowland wrote: On Thu, Dec 07, 2017 at 10:02:56AM +, Tixy wrote: I'm running Jessie (with systemd running but booting with sysvinit) and trying to

Re: Embarrassing security bug in systemd

On 2017-12-09 at 09:10, Brian wrote: > The Terms and Conditions of installing a Debian package include (as > I'm sure you are aware) accepting the Depends: and Recomends: lines. > What is in these lines can be accepted or rejected and, in the case > of Recommends:, adjusted to suit your needs.

Re: Embarrassing security bug in systemd

On 09-12-17, Brian wrote: > On Sat 09 Dec 2017 at 20:07:17 +0100, Dejan Jocic wrote: > > > On 09-12-17, Jonathan Dowland wrote: > > > On Sat, 2017-12-09 at 10:00 +, Brian wrote: > > > > Consistencey can be achieved by not installing policykit. The OP > > > > appears to have chosen the wrong

Re: Embarrassing security bug in systemd

On 10/12/17 04:45, Tom Furie wrote: On Sat, Dec 09, 2017 at 10:17:45AM -0500, Ric Moore wrote: On 12/08/2017 05:12 PM, Cindy-Sue Causey wrote: Something I did *not* understand when I saw it in operation was why a password was needed at the terminal but not from within the GUI's "Applications >

Re: Embarrassing security bug in systemd

On Sat 09 Dec 2017 at 20:07:17 +0100, Dejan Jocic wrote: > On 09-12-17, Jonathan Dowland wrote: > > On Sat, 2017-12-09 at 10:00 +, Brian wrote: > > > Consistencey can be achieved by not installing policykit. The OP > > > appears to have chosen the wrong target.Consistencey can be achieved >

Re: Embarrassing security bug in systemd

On Saturday 09 December 2017 12:01:59 David Wright wrote: > On Sat 09 Dec 2017 at 11:29:58 (-0500), Gene Heskett wrote: > > On Saturday 09 December 2017 05:12:16 Joe wrote: > > > On Fri, 8 Dec 2017 23:56:44 + > > > > > > Brian wrote: > > > > On Fri 08 Dec 2017 at

Re: Embarrassing security bug in systemd

On Sat, Dec 09, 2017 at 06:20:01PM +, Jonathan Dowland wrote: > On Sat, 2017-12-09 at 10:00 +, Brian wrote: > > Consistencey can be achieved by not installing policykit. The OP > > appears to have chosen the wrong target.Consistencey can be achieved > by > > not installing policykit. > >

Re: Embarrassing security bug in systemd

On Sat 09 Dec 2017 at 18:20:01 +, Jonathan Dowland wrote: > On Sat, 2017-12-09 at 10:00 +, Brian wrote: > > Consistencey can be achieved by not installing policykit. The OP > > appears to have chosen the wrong target.Consistencey can be achieved > by > > not installing policykit. > > As

Re: Embarrassing security bug in systemd

On 09-12-17, Jonathan Dowland wrote: > On Sat, 2017-12-09 at 10:00 +, Brian wrote: > > Consistencey can be achieved by not installing policykit. The OP > > appears to have chosen the wrong target.Consistencey can be achieved > by > > not installing policykit. > > As Michael pointed out in

Re: Embarrassing security bug in systemd

On Sat, 2017-12-09 at 10:00 +, Brian wrote: > Consistencey can be achieved by not installing policykit. The OP > appears to have chosen the wrong target.Consistencey can be achieved > by not > installing policykit. As Michael pointed out in [1], that's not the case; prior to polkit, there

Re: Embarrassing security bug in systemd

On Sat 09 Dec 2017 at 11:29:58 (-0500), Gene Heskett wrote: > On Saturday 09 December 2017 05:12:16 Joe wrote: > > > On Fri, 8 Dec 2017 23:56:44 + > > > > Brian wrote: > > > On Fri 08 Dec 2017 at 23:06:00 +, Joe wrote: > > > > On Fri, 8 Dec 2017 17:12:18 -0500 > > >

Re: Embarrassing security bug in systemd

On Sat 09 Dec 2017 at 10:17:45 (-0500), Ric Moore wrote: > On 12/08/2017 05:12 PM, Cindy-Sue Causey wrote: > Something I did *not* understand when I saw it in > >operation was why a password was needed at the terminal but not from > >within the GUI's "Applications > Log Out" menu path. > > Thank

Re: Embarrassing security bug in systemd

On Saturday 09 December 2017 05:12:16 Joe wrote: > On Fri, 8 Dec 2017 23:56:44 + > > Brian wrote: > > On Fri 08 Dec 2017 at 23:06:00 +, Joe wrote: > > > On Fri, 8 Dec 2017 17:12:18 -0500 > > > > > > Cindy-Sue Causey wrote: > > > > I do

Re: Embarrassing security bug in systemd

On Fri 08 Dec 2017 at 18:30:08 (-0800), Jimmy Johnson wrote: > On 12/07/2017 02:31 AM, Jonathan Dowland wrote: > >On Thu, Dec 07, 2017 at 10:02:56AM +, Tixy wrote: > >>I'm running Jessie (with systemd running but booting with sysvinit) and > >>trying to execute halt/poweroff/reboot/shutdown

Re: Embarrassing security bug in systemd

On Sat, Dec 09, 2017 at 10:17:45AM -0500, Ric Moore wrote: > On 12/08/2017 05:12 PM, Cindy-Sue Causey wrote: > > Something I did *not* understand when I saw it in operation was why > > a password was needed at the terminal but not from within the GUI's > > "Applications > Log Out" menu path. > >

<    3   4   5   6   7   8   9   10   11   12   >