Re: HFS/HFS+ are insecure

On Fri, Jul 21, 2023 at 09:49:48AM +, Bastien Roucariès wrote: > I vaguely remember that someone implement a fuse over uml (user space linux) A similar tool is libguestfs's guestmount tool:

Re: LTO and ABI compatibility

On Fri, Jul 22, 2022 at 03:30:16PM +0200, Hideki Yamane wrote: > Fedora, openSUSE, and Ubuntu did LTO by default, and I've not heard about > any wrong. Is the situation in Debian differ from theirs? Not everything works with LTO right away: debugging build problems or runtime problems takes

Re: DebConf22 registration and call for proposals are open!

On Fri, Mar 25, 2022 at 11:38:01PM +0800, YS wrote: > Sorry. How to unsubscribe this thread? Most mail lists insert headers that describe how to subscribe, unsubscribe, change settings, post, etc: List-URL: List-Post:

Re: Seeking consensus for some changes in adduser

On Thu, Mar 10, 2022 at 09:37:49PM +0100, Marc Haber wrote: > >- leading digits sometimes causes programs to parse a 'username' as an > > 'user id' instead; you can see some of this here: > > https://github.com/systemd/systemd/issues/6237 > > I know I've seen more instances of this over the

Re: Seeking consensus for some changes in adduser

On Tue, Mar 08, 2022 at 05:49:04PM +0100, Marc Haber wrote: > (2) > #774046 #520037 > Which special characters should we allow for account names? Please consider the leading character separately from the rest of the characters: - leading digits sometimes causes programs to parse a 'username' as

Re: Embedded buildpath via rpath using cmake

On Fri, Feb 04, 2022 at 10:49:43AM +, Simon McVittie wrote: > CMake removes the RUNPATH > just before installation, so it doesn't become a security problem, > but that's too late to stop it from affecting the build-ID - and the > *length* of the build directory can also affect the contents of

Re: Embedded buildpath via rpath using cmake

On Thu, Feb 03, 2022 at 04:41:21PM -0800, Vagrant Cascadian wrote: > Over the last several months, I and others have found quite a few > packages that embed build paths via rpath when building with cmake. I > found myself slowly edging into a mass bug filing, one bug report at a > time... Hello

Re: Next attempt to add Blends to Debian installer

On Mon, Jan 10, 2022 at 08:02:50PM +0100, Philip Hands wrote: > The only missing bit AFAIK is getting the step where tasksel gets > installed into the target system, and then run, to be able to grab the > version of tasksel to use from an alternative apt repository (which is > already being

Re: Shall we serve scripts as application or as text?

On Mon, Aug 30, 2021 at 10:58:45PM +0100, Roger Lynn wrote: > It is usually easy to save a text file from a web browser, while it is hard > (impossible?) to persuade it to display an unknown application/* type. Thus, > even if your latter example is more common, it may be preferable use text/.

Re: Bug#988406: notifying users on EOL of a debian release

On Fri, May 14, 2021 at 12:08:09AM +, Paul Wise wrote: > I seem to remember that Ubuntu might have a solution for this and I > found these resources: Another possibility would be to use Ubuntu's dynamic motd support. This may not be appropriate for Debian but could be used to share news like

Re: Tools to better colorize the command-line experience?

On Thu, Jan 07, 2021 at 11:02:24PM +0200, Otto Kekäläinen wrote: > Do you have any tips about generic command-line coloring programs? The bat package provides a batcat program that'll add colour to a lot of different file formats. There's some screenshots on the github page:

Re: Security. Allow to run only executables with certain hash

On Fri, Feb 28, 2020 at 08:22:58PM +0200, Dmytro Spivak wrote: > Please make a system app, that will prevent strange executables and > wrappers to be launched. Hopefully this is helpful to you: https://sourceforge.net/p/linux-ima/wiki/Home/ Thanks signature.asc Description: PGP signature

Re: IBM POWER9 SIMD support? (Was: SIMDebian: ...)

On Sun, Feb 17, 2019 at 05:04:54AM +, Mo Zhou wrote: > However Power machines are really too expensive so I don't expect a While "too expensive" is subjective, there are "cheaper" power9 systems available soon: https://secure.raptorcs.com/content/BK1B01/purchase.html starting at ~$1200 USD.

Re: Installer: 32 vs. 64 bit

On Fri, Nov 09, 2018 at 05:31:00AM +, Chris Knadle wrote: > A logical place to check or the lack of BIOS virtualization features and show > an > error message for this would be within the .postinst script for the virtualbox > package in Debian. This way when Virtualbox is installed the user

Re: Uncoordinated upload of the rustified librsvg

On Wed, Nov 07, 2018 at 11:07:09AM -0800, Josh Triplett wrote: > Rust is stable. Thank you for your contributions helping it work on more > architectures, but "does not have first-tier support for every > architecture ever" is not a component of "stabilize". Hello Josh, I can't speak for anyone

Re: Problem sending my key to keyring.debian.org

On Wed, Oct 03, 2018 at 09:38:43AM +0800, Paul Wise wrote: > On Wed, Oct 3, 2018 at 9:16 AM Alexandre Viau wrote: > > keyring.debian.org pulls updates from the keyserver network? > No, it does not. > > I wasn't sure, and I would always send to keyring.debian.org separately. > This is still

Re: Problem sending my key to keyring.debian.org

On Tue, Oct 02, 2018 at 05:39:34PM -0700, Joseph Herlant wrote: > I'm having issues sending my updated key to keyring.debian.org: > [...] > Do you have any idea what I could do wrong here? Two thoughts: first, give it another try. I was able to refresh my keyring using the debian keyserver a few

Re: [apparmor] Let's enable AppArmor by default (why not?)

On Mon, Mar 19, 2018 at 10:10:02AM -0400, Marvin Renich wrote: > Is there a way that an app (e.g. smbd) whose file access requirements > change dynamically through admin and user configuration can at least > inspect its own apparmor profile and give the user a clue that the admin > must update the

Re: Debian part of a version number when epoch is bumped

On Tue, Feb 06, 2018 at 10:19:25PM +, Colin Watson wrote: > > Do you happen to know what was the reason somebody way back in time > > decided to not consider the epoch in the filenames? > > My understanding is that it would have caused some kind of problems for > common operations at the time

Re: seccomp jailing for applications (was: recommends for apparmor in newest linux-image-4.13)

On Fri, Dec 01, 2017 at 01:29:44AM +, Colin Watson wrote: > but should be much easier to maintain, and would probably also make it > easier to switch to a syscall-set-confining library if such a thing > exists in the future. Would a version of OpenBSD's pledge() system call have looked