On Mon, Jan 15, 2001 at 10:42:34AM +, Steve Mynott wrote:
> "David H. Adler" <[EMAIL PROTECTED]> writes:
> >
> > Oh, you're much too kind. My redhat box is disintigrating before my
> > very eyes. root partition filled up for no reason and, thus I looked
> > at the partition table:
> >
> >
On Mon, Jan 15, 2001 at 09:26:40AM -0500, Mark Rogaski wrote:
> An entity claiming to be David Cantrell ([EMAIL PROTECTED]) wrote:
>
> : And as a matter of fact, I *did* check the script by hand before piping it
> : in to a shell.
Mainly out of interest to see how it did it rather than because I
An entity claiming to be David Cantrell ([EMAIL PROTECTED]) wrote:
:
: And as a matter of fact, I *did* check the script by hand before piping it
: in to a shell. Of course, that still doesn't help when it comes to
: verifying all the binaries involved. Perhaps you're saying we should
: never i
> programs together, but I increasingly see it as a rather hackish peculiarity
> of unix as opposed to a design strength. And it seems more hackish with each
> passing year. This kind of stuff is groovy for sysadmin and local automation
> but I don't like it in widely distributed stuff. As languag
Greg McCarroll wrote:
> * Philip Newton ([EMAIL PROTECTED]) wrote:
> > David Cantrell wrote:
> > > And even CPAN counts as untrusted and unverified - how am I
> > > to tell that $random_mirror has not been compromised?
> >
> > Heck, how can you tell that the super module someone told
> > you ab
* Philip Newton ([EMAIL PROTECTED]) wrote:
> David Cantrell wrote:
> > And even CPAN counts as untrusted and unverified - how am I
> > to tell that $random_mirror has not been compromised?
>
> Heck, how can you tell that the super module someone told you about or you
> found through search.cpan.
David Cantrell wrote:
> And even CPAN counts as untrusted and unverified - how am I
> to tell that $random_mirror has not been compromised?
Heck, how can you tell that the super module someone told you about or you
found through search.cpan.org doesn't contain a trojan in its Makefile.PL?
Cheer
* Michael Stevens ([EMAIL PROTECTED]) wrote:
> On Sun, Jan 14, 2001 at 11:26:28PM -0500, Mark Rogaski wrote:
> > It's also sheer idiocy to pipe arbitrary code from an untrusted, unverified
> > source directly to the shell.
>
> How is it less secure than downloading a tar file and typing ./configu
> How is it less secure than downloading a tar file and typing
> ./configure?
It's not, I suppose, but it's annoying in a unixy kind of way. I used to
think it was really cool the way you could chain lots of little unixy
programs together, but I increasingly see it as a rather hackish peculiarity
On Sun, Jan 14, 2001 at 11:26:28PM -0500, Mark Rogaski wrote:
> It's also sheer idiocy to pipe arbitrary code from an untrusted, unverified
> source directly to the shell.
How is it less secure than downloading a tar file and typing ./configure?
Admittedly you *could* check several meg of source
"David H. Adler" <[EMAIL PROTECTED]> writes:
> On Sat, Jan 13, 2001 at 05:19:18PM -0600, Paul Makepeace wrote:
> > It continues to amaze me that people still use Red Hat. It's
> > just a pile of marketing driven crap.
>
> Oh, you're much too kind. My redhat box is disintigrating before my
> ver
On Mon, Jan 15, 2001 at 10:20:02AM +, David Cantrell wrote:
> On Sun, Jan 14, 2001 at 11:26:28PM -0500, Mark Rogaski wrote:
>
> > It's also sheer idiocy to pipe arbitrary code from an untrusted, unverified
> > source directly to the shell.
>
> Of course, it's equally stupid to install softwar
On Sun, Jan 14, 2001 at 11:26:28PM -0500, Mark Rogaski wrote:
> An entity claiming to be David Cantrell ([EMAIL PROTECTED]) wrote:
>
> : It's more than cute. It's *BRILLIANT*. The user doesn't even have to
> : know what computer they have. Whilst they only support a couple of
> : combinations
* Mark Rogaski ([EMAIL PROTECTED]) wrote:
> An entity claiming to be David Cantrell ([EMAIL PROTECTED]) wrote:
> :
> : It's more than cute. It's *BRILLIANT*. The user doesn't even have to
> : know what computer they have. Whilst they only support a couple of
> : combinations of architecture an
On Sun, Jan 14, 2001 at 11:26:28PM -0500, Mark Rogaski wrote:
> An entity claiming to be David Cantrell ([EMAIL PROTECTED]) wrote:
> :
> : It's more than cute. It's *BRILLIANT*. The user doesn't even have to
> : know what computer they have. Whilst they only support a couple of
> : combination
An entity claiming to be David Cantrell ([EMAIL PROTECTED]) wrote:
:
: It's more than cute. It's *BRILLIANT*. The user doesn't even have to
: know what computer they have. Whilst they only support a couple of
: combinations of architecture and OS in that script, it would be pretty
: damned tri
On Sat, Jan 13, 2001 at 05:19:18PM -0600, Paul Makepeace wrote:
> On Sat, Jan 13, 2001 at 03:05:48PM +, Michael Stevens wrote:
> >
> > Or, more sensibly, debian.
> >
> > apt-get install foo
>
> It continues to amaze me that people still use Red Hat. It's
> just a pile of marketing driven cr
On Sun, Jan 14, 2001 at 05:01:55AM +, Shevek wrote:
> I had always committed to the nature of Unix being that one does end up
> with a pile of stuff on disk which one doesn't use.
for i in etc usr; do
find /$i -mount -type f -atime +60 | perl -lne unlink;
done
:-)
> The point is tha
On Sun, Jan 14, 2001 at 05:01:55AM +, Shevek wrote:
> On Sun, 14 Jan 2001, David Cantrell wrote:
>
> > rely on RPMs. The real reason I haven't switched is because it's really
> > *nasty* trying to switch from one distro to another without a) losing
> > valuable config data and b) ending up w
David Cantrell <[EMAIL PROTECTED]> writes:
> Yeah, I know, but then I compile plenty of stuff from scratch rather than
> rely on RPMs. The real reason I haven't switched is because it's really
The drawback with 'make install' from source is that it doesn't write a
database of files owned by tha
* Shevek ([EMAIL PROTECTED]) wrote:
> On Sun, 14 Jan 2001, David Cantrell wrote:
>
> > rely on RPMs. The real reason I haven't switched is because it's really
> > *nasty* trying to switch from one distro to another without a) losing
> > valuable config data and b) ending up with a ton of unused
On Sun, 14 Jan 2001, David Cantrell wrote:
> rely on RPMs. The real reason I haven't switched is because it's really
> *nasty* trying to switch from one distro to another without a) losing
> valuable config data and b) ending up with a ton of unused junk on the disk
> which is nigh-on impossible
On Sat, Jan 13, 2001 at 05:19:18PM -0600, Paul Makepeace wrote:
> It continues to amaze me that people still use Red Hat. It's
> just a pile of marketing driven crap. Debian is so far superior
> it hurts watching people struggle with RPMs.
Yeah, I know, but then I compile plenty of stuff from sc
On Sat, Jan 13, 2001 at 03:05:48PM +, Michael Stevens wrote:
>
> Or, more sensibly, debian.
>
> apt-get install foo
It continues to amaze me that people still use Red Hat. It's
just a pile of marketing driven crap. Debian is so far superior
it hurts watching people struggle with RPMs.
And
On Sat, Jan 13, 2001 at 02:53:57PM +, David Cantrell wrote:
> > Surely, then, rpm should have the ability to install and fetch
> > dependencies from the network automagically?
> Yes it should. It doesn't. Which is why Helix's installer is so much
> easier to use.
Or, more sensibly, debian
On Sat, Jan 13, 2001 at 02:59:26PM +, Rob Partington wrote:
> David Cantrell <[EMAIL PROTECTED]> writes:
>
> > Cos the 'special' install is a damned sight less hassle for most users than
> > downloading 50 RPMs?
>
> Surely, then, rpm should have the ability to install and fetch
> dependencie
In message <[EMAIL PROTECTED]>,
David Cantrell <[EMAIL PROTECTED]> writes:
> Cos the 'special' install is a damned sight less hassle for most users than
> downloading 50 RPMs? If you want to download individual packages you can.
Surely, then, rpm should have the ability to install and fetch
depe
On Sat, Jan 13, 2001 at 02:04:15PM +, Steve Mynott wrote:
> I would have prefered a short list of RPMs and FTP. Why should it
> have a "special" install and why can't it install like everything else?
Cos the 'special' install is a damned sight less hassle for most users than
downloading 50
David Cantrell <[EMAIL PROTECTED]> writes:
> On Fri, Jan 12, 2001 at 02:46:34PM -0600, Paul Makepeace wrote:
> > On Fri, Jan 12, 2001 at 08:28:25PM +, David Cantrell wrote:
> > > lynx -source http://go-gnome.com/ | sh
> >
> > That's cute!
>
> It's more than cute. It's *BRILLIANT*. The use
On Fri, 12 Jan 2001, Aaron Trevena wrote:
> On Fri, 12 Jan 2001, Paul Makepeace wrote:
>
> > On Fri, Jan 12, 2001 at 08:28:25PM +, David Cantrell wrote:
> > > lynx -source http://go-gnome.com/ | sh
>
> that would rock.
>
> also what would be very valuable would be the ability to install fr
On Fri, 12 Jan 2001, Paul Makepeace wrote:
> On Fri, Jan 12, 2001 at 08:28:25PM +, David Cantrell wrote:
> > lynx -source http://go-gnome.com/ | sh
that would rock.
also what would be very valuable would be the ability to install from one
config for a cluster or synchronise config changes (
On Fri, Jan 12, 2001 at 02:46:34PM -0600, Paul Makepeace wrote:
> On Fri, Jan 12, 2001 at 08:28:25PM +, David Cantrell wrote:
> > lynx -source http://go-gnome.com/ | sh
>
> That's cute!
It's more than cute. It's *BRILLIANT*. The user doesn't even have to
know what computer they have. Whil
On Fri, Jan 12, 2001 at 08:28:25PM +, David Cantrell wrote:
> lynx -source http://go-gnome.com/ | sh
That's cute!
If you wanted to use Perl;
# `GET http://go-gnome.com`
: )
Paul
On Fri, Jan 12, 2001 at 07:06:00PM +, Steve Mynott wrote:
> No you would want to build packages (.deb, .rpm and BSD and Solaris
> packages) of rope for a "binary" type install as well as supplying a
> "source" tar which works with make, make install.
The installation method used by Helix is
Greg McCarroll <[EMAIL PROTECTED]> writes:
> finally is it enough to simply tar.gz /usr/local/Rope and tag it
> with the architecture details
No you would want to build packages (.deb, .rpm and BSD and Solaris
packages) of rope for a "binary" type install as well as supplying a
"source" tar whic
On Fri, 12 Jan 2001, Greg McCarroll wrote:
> what about the actual mechanics of putting rope together? i'm assuming
> we'd create a /usr/local/Rope, build the latest stable perl in there,
> then configure apache for mod_perl etc and install it under there as
> well, the the other modules.
A dire
On Fri, Jan 12, 2001 at 02:16:15PM +, Andy Wardley wrote:
> Said I:
> > In all fairness, I have to say that mailman is an *excellent* mailing
> > list manager.
>
> Said David H. Adler:
> > So why haven't you reimplemented it in perl? :)
>
> Are you sitting comfortably? :-)
>
> Becaus
* Aaron Trevena ([EMAIL PROTECTED]) wrote:
>
> Following the interest in rope/pope, etc perhaps it would be an idea for
> some of the more perl / oss oriented companies in london (or wherever) to
> agree to take part in the project on a semi official basis - much of what
> the work that the lond
Following the interest in rope/pope, etc perhaps it would be an idea for
some of the more perl / oss oriented companies in london (or wherever) to
agree to take part in the project on a semi official basis - much of what
the work that the london and UK companies do is replicated because of lack
> Said Andy Originally:
>
> > In all fairness, I have to say that mailman is an *excellent* mailing
> > list manager.
>
> Said David H. Adler:
>
> > So why haven't you reimplemented it in perl? :)
>
I would like to kill this thread (and suggest using mailman rather than
anything else) as
*
40 matches
Mail list logo
