* Shawn shawnland...@gmail.com [2013-02-05 18:43]:
socket-activation in systemd _helps_ security in that you can give an
unprivlidged process a listening port under 1024. (using a privileged
configuration file)
Privileged vs. unprivileged port is not really a secuitry improvement.
Yours
On 06/02/2013 16:27, Martin Wuertele wrote:
* Shawn shawnland...@gmail.com [2013-02-05 18:43]:
socket-activation in systemd _helps_ security in that you can give an
unprivlidged process a listening port under 1024. (using a privileged
configuration file)
Privileged vs. unprivileged port
On Tue, 05 Feb 2013 23:44:30 +0100
Hilko Bengen ben...@debian.org wrote:
* Adam Borowski:
The worst case scenario IMHO is some people invest a lot of time to
make the Debianized-Go stuff quite divergent from upstream, people's
expectations of how things behave in Go-land are broken when
Chow Loong Jin hyper...@debian.org writes:
I think he's referring to allowing processes which require listening to
a port under 1024 to run without superuser privileges. I believe our
implementation on Debian (e.g. Apache) is to have the process start as
root, start listening, and then setuid
On Wed, Feb 06, 2013 at 09:23:02AM +, Neil Williams wrote:
Then don't package Go at all and leave it entirely outside the realm of dpkg
- no dependencies allowed in either direction, no files created outside
/usr/local for any reason, no contamination of the apt or dpkg cache data. If
what
Neil Williams codeh...@debian.org writes:
If Go wants to be packaged, it complies by the requirements of
packaging. If it wants to live the life of a hermit and disappear up
itself, that's fine but then it doesn't get the privilege of interacting
with the rest of Debian. It's just a user
* Neil Williams:
If what you want is complete separation, why is there even a long
running thread on integration?
Sorry if I failed to make myself clear:
I want excellent Debian packages of the compiler/runtime/tools *and*
libraries *and* still make it possible for our users to use upstream's
Hilko Bengen, 2013-02-06 14:46:11 +0100 :
[...]
I am pretty sure that if you asked about packaging software in the
Python, Perl, Ruby, Java, Lua communities, you would get recommendations
to not use Debian packages at all and get pointers to what the
respective community considers a solution
On Tue, Feb 05, 2013 at 04:36:44PM +0100, Joachim Breitner wrote:
At least to me my work on Haskell in Debian feels more than pretending,
and from personal experience with the creators of the language, I have
strong doubts that they are Idiots.
They are not, they are very smart, but they are
* Roland Mas:
Hilko Bengen, 2013-02-06 14:46:11 +0100 :
[...]
I am pretty sure that if you asked about packaging software in the
Python, Perl, Ruby, Java, Lua communities, you would get recommendations
to not use Debian packages at all and get pointers to what the
respective community
On 02/06/2013 05:03 PM, Chow Loong Jin wrote:
On 06/02/2013 16:27, Martin Wuertele wrote:
* Shawn shawnland...@gmail.com [2013-02-05 18:43]:
socket-activation in systemd _helps_ security in that you can give an
unprivlidged process a listening port under 1024. (using a privileged
On Thu, Feb 07, 2013 at 01:35:13AM +0800, Thomas Goirand wrote:
socket-activation in systemd _helps_ security in that you can give an
unprivlidged process a listening port under 1024. (using a privileged
configuration file)
Privileged vs. unprivileged port is not really a secuitry
On 6 Feb 2013, at 17:37, Andrey Rahmatullin w...@wrar.name wrote:
Do we finally have mechanisms to start processes without root but with
elevated capabilities?
We also need fallback for non Capability-capable supported kernels (wow that's
an awkward sentence)
--
To UNSUBSCRIBE, email to
On 07/02/2013 01:35, Thomas Goirand wrote:
Which would be the wrong way of doing things / wrong reason
for using root as running user, since you can set the
CAP_NET_BIND_SERVICE capability... (man capabilities ...)
Yeah, I figured as much, but isn't that a Linuxism?
--
Kind regards,
Loong
Quoting Jonathan Dowland (j...@debian.org):
On 6 Feb 2013, at 17:37, Andrey Rahmatullin w...@wrar.name wrote:
Do we finally have mechanisms to start processes without root but with
elevated capabilities?
We also need fallback for non Capability-capable supported kernels
(wow that's an
On Wed, Feb 06, 2013 at 12:30:28PM -0600, Serge Hallyn wrote:
Do we finally have mechanisms to start processes without root but with
elevated capabilities?
We also need fallback for non Capability-capable supported kernels
(wow that's an awkward sentence)
Not to mention non-xattr-backed
2013/2/6 Chow Loong Jin hyper...@debian.org:
On 07/02/2013 01:35, Thomas Goirand wrote:
Which would be the wrong way of doing things / wrong reason
for using root as running user, since you can set the
CAP_NET_BIND_SERVICE capability... (man capabilities ...)
Yeah, I figured as much, but
Package: wnpp
Severity: wishlist
Owner: Jérémy Bobbio lu...@debian.org
* Package name: pyptlib
Version : 0.1
Upstream Author : George Kadianakis desnac...@riseup.net
* URL : https://git.torproject.org/pluggable-transports/pyptlib.git
* License : BSD-3-clause
Package: wnpp
Severity: wishlist
Owner: Jérémy Bobbio lu...@debian.org
* Package name: pyobfsproxy
Version : 0.1
Upstream Author : George Kadianakis desnac...@riseup.net
* URL :
https://git.torproject.org/pluggable-transports/pyobfsproxy.git
* License :
Quoting Andrey Rahmatullin (w...@wrar.name):
On Wed, Feb 06, 2013 at 12:30:28PM -0600, Serge Hallyn wrote:
Do we finally have mechanisms to start processes without root but with
elevated capabilities?
We also need fallback for non Capability-capable supported kernels
(wow that's an
On Wed, Feb 06, 2013 at 03:20:09PM -0600, Serge Hallyn wrote:
Do we finally have mechanisms to start processes without root but with
elevated capabilities?
We also need fallback for non Capability-capable supported kernels
(wow that's an awkward sentence)
Not to mention
On Thu, 7 Feb 2013, Thomas Goirand z...@debian.org wrote:
I think he's referring to allowing processes which require listening to a
port under 1024 to run without superuser privileges. I believe our
implementation on Debian (e.g. Apache) is to have the process start as
root, start
On Feb 06, 2013, at 03:26 PM, Roland Mas wrote:
I can only speak about Python and Perl, but I don't remember *ever* having
been told to use their deployment system instead of the packaged versions of
the interpreter and modules. The closest I've seen is something like if
you're running CentOS or
Barry Warsaw ba...@python.org writes:
Where things get tricky is if you have multiple applications that need
different versions of its dependencies. Say Debian has python-foo 1.2
which application Bar needs, but application Baz needs python-foo 2.0.
Despite years of discussion, in Debian,
On Thu, Feb 7, 2013 at 8:19 AM, Barry Warsaw wrote:
Speaking with many hats on, I think Debian Python has done a very admirable
job of integrating the Python ecosystem with Debian.
One of the pain points for users (I've had folks ask me this
face-to-face) with that stuff was site-packages vs
Am 07.02.2013 01:54, schrieb Paul Wise:
On Thu, Feb 7, 2013 at 8:19 AM, Barry Warsaw wrote:
Speaking with many hats on, I think Debian Python has done a very admirable
job of integrating the Python ecosystem with Debian.
One of the pain points for users (I've had folks ask me this
Okay, fortunately, no bands are practicing tonight and no kids need homework
help, so let's see if I can answer some of these questions. :)
On Feb 07, 2013, at 08:54 AM, Paul Wise wrote:
On Thu, Feb 7, 2013 at 8:19 AM, Barry Warsaw wrote:
Speaking with many hats on, I think Debian Python has
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Tue, 05 Feb 2013 11:38:17 +0100
Source: soprano
Binary: soprano-daemon libsoprano4 libsoprano-dev libsoprano-doc libsoprano-dbg
Architecture: source amd64 all
Version: 2.7.6+dfsg.1-3
Distribution: unstable
Urgency: low
Maintainer:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 05 Feb 2013 22:17:17 +
Source: chocolate-doom
Binary: chocolate-doom
Architecture: source amd64
Version: 1.7.0-3
Distribution: unstable
Urgency: low
Maintainer: Debian Games Team pkg-games-de...@lists.alioth.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Tue, 05 Feb 2013 22:36:53 +0100
Source: pptpd
Binary: pptpd bcrelay
Architecture: source amd64
Version: 1.3.4-6
Distribution: unstable
Urgency: low
Maintainer: Hilko Bengen ben...@debian.org
Changed-By: Christoph Biedl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 13:04:52 +0100
Source: xen
Binary: xen-docs-4.1 libxen-4.1 libxenstore3.0 libxen-dev xenstore-utils
libxen-ocaml libxen-ocaml-dev xen-utils-common xen-utils-4.1
xen-hypervisor-4.1-amd64 xen-system-amd64
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 11:36:05 +
Source: pdf-presenter-console
Binary: pdf-presenter-console
Architecture: source amd64
Version: 3.1.1-2
Distribution: unstable
Urgency: low
Maintainer: Barak A. Pearlmutter b...@debian.org
Changed-By:
-BEGIN PGP SIGNED MESSAGE-
Hash: RIPEMD160
Format: 1.8
Date: Wed, 06 Feb 2013 14:11:02 +0100
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls26-doc libgnutlsxx27
libgnutls-openssl27
Architecture: source all i386
Version: 2.12.23-1
Distribution: experimental
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 14:09:36 +0100
Source: nsd3
Binary: nsd3 nsd
Architecture: source amd64 all
Version: 3.2.12-2
Distribution: unstable
Urgency: low
Maintainer: Ondřej Surý ond...@debian.org
Changed-By: Ondřej Surý ond...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 09:38:05 -0500
Source: cecilia
Binary: cecilia
Architecture: source all
Version: 5.0.7+svn389-1
Distribution: unstable
Urgency: low
Maintainer: Debian Multimedia Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 09:46:53 -0500
Source: pynn
Binary: python-pynn
Architecture: source all
Version: 0.7.5-1
Distribution: experimental
Urgency: low
Maintainer: NeuroDebian Team t...@neuro.debian.net
Changed-By: Yaroslav Halchenko
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 17:28:45 +0100
Source: haskell-exception-transformers
Binary: libghc-exception-transformers-dev libghc-exception-transformers-prof
libghc-exception-transformers-doc
Architecture: source all amd64
Version: 0.3.0.3-1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 24 Jan 2013 14:43:43 -0600
Source: netcf
Binary: netcf libnetcf-dev libnetcf1 libnetcf1-dbg
Architecture: source amd64
Version: 1:0.2.3-1
Distribution: experimental
Urgency: low
Maintainer: Serge Hallyn serge.hal...@ubuntu.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 30 Jan 2013 20:38:28 -0500
Source: jenkins-job-builder
Binary: jenkins-job-builder
Architecture: source all
Version: 0.4.0-1
Distribution: unstable
Urgency: low
Maintainer: Paul Belanger paul.belan...@polybeacon.com
Changed-By:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 18:03:17 +0100
Source: expeyes
Binary: expeyes libej0 libej-dev expeyes-clib expeyes-firmware-dev
python-expeyes expeyes-doc-en expeyes-doc-fr expeyes-doc-common
Architecture: source all amd64
Version: 3.0.4-1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 18:23:59 +0100
Source: haskell-dav
Binary: hdav libghc-dav-dev libghc-dav-prof libghc-dav-doc
Architecture: source all amd64
Version: 0.3-2
Distribution: experimental
Urgency: low
Maintainer: Debian Haskell Group
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 06 Feb 2013 17:54:29 +0100
Source: julia
Binary: julia julia-doc
Architecture: source amd64 all
Version: 0.0.0+20130206.git32ff5759-1
Distribution: unstable
Urgency: low
Maintainer: Debian Julia Team pkg-julia-de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 07 Feb 2013 01:09:24 +0800
Source: onscripter
Binary: onscripter
Architecture: source i386
Version: 20130202-1
Distribution: unstable
Urgency: low
Maintainer: Ying-Chun Liu (PaulLiu) paul...@debian.org
Changed-By: Ying-Chun
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 15:34:17 +0100
Source: chromium-browser
Binary: chromium-browser chromium-browser-dbg chromium-browser-l10n
chromium-browser-inspector chromium chromium-dbg chromium-l10n
chromium-inspector
Architecture: source all
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 07 Feb 2013 02:08:30 +0800
Source: tiled-qt
Binary: tiled
Architecture: source i386
Version: 0.9.0-1
Distribution: unstable
Urgency: low
Maintainer: Ying-Chun Liu (PaulLiu) paul...@debian.org
Changed-By: Ying-Chun Liu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 30 Jan 2013 00:41:56 -0500
Source: python-pyo
Binary: python-pyo
Architecture: source amd64
Version: 0.6.3+svn1068-1
Distribution: unstable
Urgency: low
Maintainer: Debian Multimedia Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 23:06:05 +0400
Source: tcllib
Binary: tcllib
Architecture: source all
Version: 1.15-dfsg-1
Distribution: experimental
Urgency: low
Maintainer: Tcl/Tk Debian Packagers pkg-tcltk-de...@lists.alioth.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 19:46:55 +0100
Source: imview
Binary: imview
Architecture: source i386
Version: 1.1.9c-10
Distribution: unstable
Urgency: low
Maintainer: Debian Science Maintainers
debian-science-maintain...@lists.alioth.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 21:13:35 +0100
Source: polarssl
Binary: libpolarssl-dev libpolarssl-runtime libpolarssl0
Architecture: source amd64
Version: 1.2.5-1
Distribution: experimental
Urgency: low
Maintainer: Roland Stigge sti...@antcom.de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 19:31:25 +0100
Source: openjdk-6
Binary: openjdk-6-jdk openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib
openjdk-6-demo openjdk-6-source openjdk-6-doc openjdk-6-dbg icedtea-6-jre-cacao
icedtea-6-jre-jamvm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Mon, 04 Feb 2013 21:59:57 +
Source: freevo
Binary: freevo python-freevo freevo-data freevo-lirc freevo-doc
Architecture: source all
Version: 1.9.2b2-4.2
Distribution: unstable
Urgency: low
Maintainer: Freevo Debian Dream Team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 05 Feb 2013 00:25:38 +0100
Source: pspp
Binary: pspp
Architecture: source amd64
Version: 0.7.9+git20120620-1.1
Distribution: unstable
Urgency: low
Maintainer: bojo42 boj...@gmail.com
Changed-By: Sebastian Ramacher
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Mon, 04 Feb 2013 22:11:12 +0100
Source: freecad
Binary: freecad freecad-dev freecad-doc
Architecture: source i386 all
Version: 0.13.1830-dfsg-1~exp1
Distribution: experimental
Urgency: low
Maintainer: Debian Science Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 07 Feb 2013 00:29:01 +0100
Source: libffi
Binary: libffi-dev lib32ffi-dev lib64ffi-dev libn32ffi-dev libffi6 lib32ffi6
lib64ffi6 libn32ffi6 libffi6-dbg libffi6-udeb
Architecture: source amd64
Version: 3.0.12~rc1-1
Distribution:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 07 Feb 2013 01:00:41 +0100
Source: libdiscid
Binary: libdiscid0 libdiscid0-dev
Architecture: source amd64
Version: 0.3.0-1
Distribution: experimental
Urgency: low
Maintainer: Debian Multimedia Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 17:54:34 -0600
Source: r-cran-slam
Binary: r-cran-slam
Architecture: source i386
Version: 0.1-28-1
Distribution: unstable
Urgency: low
Maintainer: Dirk Eddelbuettel e...@debian.org
Changed-By: Dirk Eddelbuettel
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 07 Feb 2013 01:50:11 +0100
Source: pyatspi
Binary: python-pyatspi python-pyatspi2 python3-pyatspi python3-pyatspi2
Architecture: source all
Version: 2.7.2+dfsg-2
Distribution: experimental
Urgency: low
Maintainer: Debian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sun, 03 Feb 2013 14:52:05 +
Source: sysvinit
Binary: sysvinit sysvinit-utils sysv-rc initscripts bootlogd
Architecture: source amd64 all
Version: 2.88dsf-40
Distribution: unstable
Urgency: low
Maintainer: Debian sysvinit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Mon, 04 Feb 2013 21:07:00 +0100
Source: bochs
Binary: bochs bochs-doc bochsbios bochs-wx bochs-sdl bochs-term bochs-x
bochs-svga bximage sb16ctrl-bochs
Architecture: source all amd64
Version: 2.6-1
Distribution: experimental
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 07 Feb 2013 03:35:08 +0100
Source: inetutils
Binary: inetutils-ftp inetutils-ftpd inetutils-inetd inetutils-ping
inetutils-traceroute inetutils-syslogd inetutils-talk inetutils-talkd
inetutils-telnet inetutils-telnetd
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 21:41:19 -0500
Source: opendkim
Binary: opendkim opendkim-tools libopendkim9 libopendkim-dev libvbr2 libvbr-dev
librbl1 librbl-dev
Architecture: source i386
Version: 2.8.0~beta2-1
Distribution: experimental
Urgency:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 10:24:23 -0500
Source: opendmarc
Binary: opendmarc libopendmarc0 libopendmarc-dev rddmarc
Architecture: source i386 all
Version: 1.1.0~beta0-1
Distribution: experimental
Urgency: low
Maintainer: Scott Kitterman
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 07 Feb 2013 11:58:44 +0900
Source: slapos.core
Binary: slapos-client slapos-node-unofficial
Architecture: source all
Version: 0.34-1
Distribution: unstable
Urgency: low
Maintainer: Arnaud Fontaine ar...@debian.org
Changed-By:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sat, 15 Dec 2012 14:13:19 +0100
Source: qlandkartegt
Binary: qlandkartegt
Architecture: source amd64
Version: 1.6.0~dfsg0-1
Distribution: experimental
Urgency: low
Maintainer: Jaromír Mikeš mira.mi...@seznam.cz
Changed-By: Jaromír
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 23:22:39 -0500
Source: password-gorilla
Binary: password-gorilla
Architecture: source all
Version: 1.5.3.6.3-1
Distribution: unstable
Urgency: low
Maintainer: Alexandre Raymond alexandre.j.raym...@gmail.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 23:06:53 +0100
Source: basex
Binary: basex
Architecture: source all
Version: 7.6-1
Distribution: unstable
Urgency: low
Maintainer: Alexander Holupirek a...@holupirek.de
Changed-By: Alexander Holupirek
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 27 Jan 2013 18:47:43 -0800
Source: natlog
Binary: natlog
Architecture: source amd64
Version: 0.91.3-1
Distribution: unstable
Urgency: low
Maintainer: Frank B. Brokken f.b.brok...@rug.nl
Changed-By: tony mancill
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 22:54:32 +0100
Source: imview
Binary: imview
Architecture: source i386
Version: 1.1.9c-11~exp1
Distribution: experimental
Urgency: low
Maintainer: Debian Science Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 06 Feb 2013 22:17:13 -0800
Source: natlog
Binary: natlog
Architecture: source amd64
Version: 0.91.3-2
Distribution: unstable
Urgency: low
Maintainer: Frank B. Brokken f.b.brok...@rug.nl
Changed-By: tony mancill
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 23 Jan 2013 14:47:54 +0700
Source: doodle
Binary: doodle doodle-dbg doodled libdoodle1 libdoodle-dev
Architecture: source amd64
Version: 0.7.0-6
Distribution: experimental
Urgency: low
Maintainer: Prach Pongpanich
70 matches
Mail list logo