On Tue, 15 Dec 2009 10:39:33 +1300
Paul M l...@no-tek.com wrote:
On 15/12/2009, at 7:10 AM, Bob Beck wrote:
| People are at the core motivated by their own self-interest. Anyone
| who says they aren't is selling something.
Yes, they're selling hilarity. It's The Onion, after all.
Ted Unangst wrote:
On Sat, Dec 12, 2009 at 4:47 PM, Lars Nooden lars.cura...@gmail.com wrote:
So everything under X should be considered available to everything else
under X.
I presume new models for displays, or new ways to get some kind of privilege
separation for X, have been discussed to
On Fri, Dec 18, 2009 at 4:31 PM, Lars Nooden lars.cura...@gmail.com wrote:
Ted Unangst wrote:
I'm not sure what you're after, but two conceivable starting points
would be the man pages for xauth and XSelectInput.
Those help. I'm trying to get an idea, even an abstract one, of how
individual
On Sat, 12 Dec 2009 23:47:38 +0200 (EET)
Lars Nooden lars.cura...@gmail.com wrote:
On Sat, 12 Dec 2009, Duncan Patton a Campbell wrote:
On Wed, 18 Nov 2009 21:51:03 -0800
Ted Unangst ted.unan...@gmail.com wrote:
How many people are aware that any X program can listen to the
keystrokes of
On Sat, Dec 12, 2009 at 4:47 PM, Lars Nooden lars.cura...@gmail.com wrote:
So everything under X should be considered available to everything else
under X.
I presume new models for displays, or new ways to get some kind of
privilege
separation for X, have been discussed to death already. Is
On Mon, Dec 14, 2009 at 06:08:30AM -0700, Duncan Patton a Campbell wrote:
On Sat, 12 Dec 2009 23:47:38 +0200 (EET)
Lars Nooden lars.cura...@gmail.com wrote:
On Sat, 12 Dec 2009, Duncan Patton a Campbell wrote:
On Wed, 18 Nov 2009 21:51:03 -0800
Ted Unangst ted.unan...@gmail.com wrote:
From past experience, I would expect much waving of hands over a two
weeks periods, with lots of expert telling you It's a complicated problem,
running around in circle finding even MORE complicated problems to solve,
and then things going back to its general state of apathy with respect
to
On 12/14/09 11:43 AM, Bob Beck wrote:
From past experience, I would expect much waving of hands over a two
weeks periods, with lots of expert telling you It's a complicated problem,
running around in circle finding even MORE complicated problems to solve,
and then things going back to its
The Journal Of Child Psychology And Psychiatry has concluded that an
estimated 98 percent of children under the age of 10 are remorseless
sociopaths with little regard for anything other than their own egocentric
interests and pleasures.
+--
| On 2009-12-14 10:17:54, Bob Beck wrote:
|
| http://www.theonion.com/content/news/new_study_reveals_most_children
|
| The people who publish such research, and those that read it and find
| it novel have obviously
| People are at the core motivated by their own self-interest. Anyone
| who says they aren't is selling something.
Yes, they're selling hilarity. It's The Onion, after all.
Yes, but it's funny because it's true. Even OpenBSD developers are
motivated by self interest...Ever wonder why the
On Mon, Dec 14, 2009 at 05:03:40PM +0100, Marc Espie wrote:
Considering the design of X, I don't expect any valid security model to emerge
out of it.
The Competitors to X section of the X11 Wikipedia page has some
interesting comments about alternatives to X
On 15/12/2009, at 7:10 AM, Bob Beck wrote:
| People are at the core motivated by their own self-interest. Anyone
| who says they aren't is selling something.
Yes, they're selling hilarity. It's The Onion, after all.
Yes, but it's funny because it's true. Even OpenBSD developers are
On Wed, 18 Nov 2009 21:51:03 -0800
Ted Unangst ted.unan...@gmail.com wrote:
How many people are aware that any X program can listen to the
keystrokes of any other X program?
Any machine running or accessed by an X-machine is fundamentally insecure
to whatever level of perms the accessor
On Sat, 12 Dec 2009, Duncan Patton a Campbell wrote:
On Wed, 18 Nov 2009 21:51:03 -0800
Ted Unangst ted.unan...@gmail.com wrote:
How many people are aware that any X program can listen to the
keystrokes of any other X program?
Any machine running or accessed by an X-machine is fundamentally
On Fri, 20 Nov 2009 14:37:36 +1100
Aaron Mason wrote:
On Fri, Nov 20, 2009 at 2:06 PM, rhubbell rhubb...@ihubbell.com wrote:
On Fri, 20 Nov 2009 12:02:51 +1100
Definitely not missing the point. Maybe you missed mine. Not worrying
because you trust everything about OpenBSD and everyone
On Fri, 20 Nov 2009 15:31:47 +1100
Rod Whitworth wrote:
On Thu, 19 Nov 2009 19:06:53 -0800, rhubbell wrote:
8 snipped for brevity.
You miss the point - the reason we toot that particular horn is that
you don't have to worry about those sorts of things (well, apart from
Definitely not
On Fri, 20 Nov 2009 08:22:45 -0500
Brad Tilley wrote:
On Thu, Nov 19, 2009 at 10:06 PM, rhubbell rhubb...@ihubbell.com wrote:
It's naive to point elsewhere and say see, they're not secure.
Other similar systems are not as secure and that has been objectively
demonstrated. Here's one
On Fri, 20 Nov 2009 18:22:08 +0100
soko.tica wrote:
On 11/20/09, rhubbell rhubb...@ihubbell.com wrote:
Definitely not missing the point. Maybe you missed mine. Not worrying
because you trust everything about OpenBSD and everyone that's worked
on it and every package you've installed and
On Wed, 25 Nov 2009 00:00:08 +1100
SJP Lists wrote:
2009/11/20 rhubbell rhubb...@ihubbell.com:
Definitely not missing the point. Maybe you missed mine. Not worrying
because you trust everything about OpenBSD and everyone that's worked
on it and every package you've installed and every
On Thu, Nov 26, 2009 at 2:10 PM, rhubbell rhubb...@ihubbell.com wrote:
On Fri, 20 Nov 2009 08:22:45 -0500
Brad Tilley wrote:
On Thu, Nov 19, 2009 at 10:06 PM, rhubbell rhubb...@ihubbell.com wrote:
It's naive to point elsewhere and say see, they're not secure.
Other similar systems are not
2009/11/20 rhubbell rhubb...@ihubbell.com:
Definitely not missing the point. Maybe you missed mine. Not worrying
because you trust everything about OpenBSD and everyone that's worked on
it and every package you've installed and every piece of hardware you've
installed, etc., etc. It's naive
On Thu, Nov 19, 2009 at 10:06 PM, rhubbell rhubb...@ihubbell.com wrote:
It's naive to point elsewhere and say see, they're not secure.
Other similar systems are not as secure and that has been objectively
demonstrated. Here's one example. See the chart at the top of page
three:
On Wed, 18 Nov 2009 16:05:04 -0800
Bryan bra...@gmail.com wrote:
So glad we don't have these kinds of issues...
https://bugzilla.redhat.com/show_bug.cgi?id=534047
And finally...
https://www.redhat.com/archives/fedora-devel-list/2009-November/msg01445.html
Good fun though.
--
On 11/20/09, rhubbell rhubb...@ihubbell.com wrote:
Definitely not missing the point. Maybe you missed mine. Not worrying
because you trust everything about OpenBSD and everyone that's worked on
it and every package you've installed and every piece of hardware you've
installed, etc., etc. It's
On Fri, 20 Nov 2009 12:02:51 +1100
Aaron Mason wrote:
On Thu, Nov 19, 2009 at 5:40 PM, rhubbell rhubb...@ihubbell.com wrote:
On Wed, 18 Nov 2009 16:05:04 -0800
Bryan wrote:
So glad we don't have these kinds of issues...
New around here, but I'm noticing a lot of tooting of our own
On Fri, Nov 20, 2009 at 2:06 PM, rhubbell rhubb...@ihubbell.com wrote:
On Fri, 20 Nov 2009 12:02:51 +1100
Definitely not missing the point. Maybe you missed mine. Not worrying
because you trust everything about OpenBSD and everyone that's worked on
it and every package you've installed and
On Thu, 19 Nov 2009 19:06:53 -0800, rhubbell wrote:
8 snipped for brevity.
You miss the point - the reason we toot that particular horn is that
you don't have to worry about those sorts of things (well, apart from
Definitely not missing the point. Maybe you missed mine. Not worrying
because you
So glad we don't have these kinds of issues...
https://bugzilla.redhat.com/show_bug.cgi?id=534047
On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote:
So glad we don't have these kinds of issues...
https://bugzilla.redhat.com/show_bug.cgi?id=534047
no one offered a diff to implement that feature on OpenBSD yet ?
it can easily be done by writing a sudoKit policy :-)
Gilles
--
Gilles
On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote:
So glad we don't have these kinds of issues...
https://bugzilla.redhat.com/show_bug.cgi?id=534047
Wow that's tremendously funny.
--
DISCLAIMER: http://goldmark.org/jeff/stupid-disclaimers/
This message will self-destruct in 3
On Wed, Nov 18, 2009 at 16:55, Abel Abraham Camarillo Ojeda
acam...@the00z.org wrote:
On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote:
So glad we don't have these kinds of issues...
https://bugzilla.redhat.com/show_bug.cgi?id=534047
Wow that's tremendously funny.
--
DISCLAIMER:
Before everyone goes too bonkers, consider exactly how safe/dangerous
this behavior actually is on a single user machine. Food for thought.
Think to yourself: what *exactly* is the difference between the only
user account on your machine and root? How are you safe?
On Nov 18, 2009, at
Before everyone goes too bonkers, consider exactly how safe/dangerous
this behavior actually is on a single user machine. Food for thought.
Think to yourself: what *exactly* is the difference between the only
user account on your machine and root? How are you safe?
Not everyone runs
2009/11/19 Ted Unangst ted.unan...@gmail.com:
Think to yourself: what *exactly* is the difference between the only user
account on your machine and root? How are you safe?
And then you create a guest account on your netbook...
Read the comments. There are some interesting exploits for this...
On Wed, 18 Nov 2009 17:08 -0800, Bryan bra...@gmail.com wrote:
On Wed, Nov 18, 2009 at 16:55, Abel Abraham Camarillo Ojeda
acam...@the00z.org wrote:
On Wed, Nov 18, 2009 at 04:05:04PM -0800, Bryan wrote:
So glad we don't have these kinds of issues...
On Wed, Nov 18, 2009 at 05:38:38PM -0800, Ted Unangst wrote:
Before everyone goes too bonkers, consider exactly how safe/dangerous
this behavior actually is on a single user machine. Food for thought.
Think to yourself: what *exactly* is the difference between the only
user account on
--- On Wed, 11/18/09, Bryan bra...@gmail.com wrote:
From: Bryan bra...@gmail.com
Subject: OT: Have you hugged your local OpenBSD dev lately?
To: Misc OpenBSD misc@openbsd.org
Received: Wednesday, November 18, 2009, 7:05 PM
So glad we don't have these kinds of
issues...
https
On Nov 18, 2009, at 5:47 PM, Theo de Raadt dera...@cvs.openbsd.org
wrote:
Before everyone goes too bonkers, consider exactly how safe/dangerous
this behavior actually is on a single user machine. Food for
thought.
Think to yourself: what *exactly* is the difference between the only
user
If you give untrusted people unsupervised access to your laptop, I
hope you have a better lock than I do.
On Nov 18, 2009, at 5:45 PM, Martin SchrC6der mar...@oneiros.de wrote:
2009/11/19 Ted Unangst ted.unan...@gmail.com:
Think to yourself: what *exactly* is the difference between the
only
Not a change i would make, but for a desktop? Not a big deal.
On Nov 18, 2009, at 5:48 PM, Eric Furman misc@openbsd.org wrote:
but making it *default* behaviour??
On Wed, 18 Nov 2009 17:38 -0800, Ted Unangst ted.unan...@gmail.com
wrote:
Before everyone goes too bonkers, consider exactly how
On Wed, Nov 18, 2009 at 05:38:38PM -0800, Ted Unangst wrote:
Before everyone goes too bonkers, consider exactly how safe/dangerous
this behavior actually is on a single user machine.
but did they also by default restrict the system to 1 user?
it's not so much the idea that's laughable, but
To be sure, I don't think it's the best idea. But practically? For
actual users running fedora? I doubt the change makes much difference
for many of them.
The reason I even brought this up is not because I like the idea, but
because I think it is a good opportunity to reflect on what user
On Wed, 18 Nov 2009 16:05:04 -0800
Bryan wrote:
So glad we don't have these kinds of issues...
New around here, but I'm noticing a lot of tooting of our own horn...so to
speak. With all the possible vectors for compromising a system that are
available it just sounds naive to keep touting how
44 matches
Mail list logo