If target is compromised, a malicious user can run arbitrary commands through rsync.
I agree this is an issue, the best solution I have found is Push Mirroring with this the command that can be run is put in the ssh public key and then the compromised client can only run this specific command.
Re:One reason why I'm still using Window Maker....
on
Xfce 4.2.0 Released
·
· Score: 2, Informative
Yeah... I'm also still using WindowMaker, and it's great, the only thing that I don't like is the lack of UTF-8 support...
A few sites I have worked on that are run by MKDoc are listed in their top 500, since MKDoc generates a RDF metadata file for every HTML document, but the biggest and most interesting are missing, I expect that there are perhaps several hundred times more RDF documents out there than they have found...
I agree with all the comments about Plone being great,
if Plone existed before we started developing MKDoc then
we probably wouldn't have bothered... If you like Plone but want a CMS written
in Perl then check out MKDoc.
MKDoc doesn't yet have such a big community around it yet but it's
only just been GPL'ed...
The PHP CMS's are great if you don't have root, if you do then the Zope,
Perl and Java ones are worth checking out.
Another one that hasn't been mentioned here is Java Mir the Indymedia CMS.
Well, When I installed my Gentoo-box, there were nForce-drivers (forcedeth) right in the Kernel (2.6.3-mm1), so I'm not sure what more do you people want?
He was talking about "NVIDIA card". Since when do you call Motherboard "a card"? He was obviously talking about his vid-card
Well actually he was talking about both -- the references about not being able to do net installs with Nvidia motherboards is because the module for running the ethernet card has to be downloaded from Nvidia's web site and complied for the kernel you are using before you can connect to the net via ethernet -- a situation that is really lame and sucky...
People should not accept this or we'll get into another situation like you have with NVidia. Get a brand new box and you can't even do a net install on your Nforce chipset box because you need the nvnet driver which is a proprietary binary-only module
I totally agree.
I built a shuttle box for my little sister a while ago not realising that the Nvidia motherboard's built in ethernet card will only run with a module from Nvidia, it took a while to work this out after installing Linux on it the first time...
Then 6 months later I have a chance to upgrade Red Hat 9 to Fedora on the box and after the upgrade I discover that the network doesn't work... and at this point I remember what I had to do 6 months before... Aarh!
So I have to go through the whole process again, find another computer that is connected to the net, download the Nvidia drivers, burn a CD... I thought I'd try the SRPM to make upgrades easier, well these don't build as a normal user so I gave up on them, so I then need to download the tgz version, burn another CD....
This results in a situation where the kernel can't be upgraded without manually rebuilding the Nvidia modules and this isn't something that I would want to suggest to my sister (she never uses a CLI)... So the local root exploits that all but the latest Fedora kernal have don't get patched... (not a big issue since it's behind a NATed connection and there are only a couple of user accounts, but still it's not ideal...)
The result of this is that I'll never recommend that anyone gets a Nvidia motherboard and I'll never buy one, it's far too much hassle.
Sadly I'm stuck with Nvidia video cards in order to play games such as Quake 3 in linux... I wish this wasn't the case...
What would be ideal would be if the manufactures either release enough info so that GPL drivers can be produced or if they release GPL drivers themselves so they can be included in the kernel.
Last year I wanted a IDE RAID card and after much googling I discovered that the 3ware ones have drivers in the kernel and no others do, so I brought one even though it cost me more money it has saved me loads of time because I haven't had to mess with installing modules from a hardware company every time I upgrade the kernel... I have no regrets about this bit of hardware... unlike the Nvidia motherboard...
There was some counter-summit stuff done in Geneva last December at the same time as the WSIS conference, the two sites that were used were the Hub Project open publishing site and the Geneva03.net wiki.
The level of police repression was fairly unbelievable -- the planned polymedia lab (like a hack meet thing) was shut down by riot police... Following this it got another venue and worked out OK in the end. I helped a few people get their laptops booting into Linux:-)
There were some cool things done like projecting some stuff onto the WIPO HQ, but I don't thinkt hat the counter events had much impact on the main thing -- it is bug buisness that is running it...
...is how to get rid of those pseudo-pages in Google. The ones with names like "thing_that_youre_searching_for.html", and all they are is either a page of dead links to crap on ebay, or a "Hey, we do great searches for your stuff".
+1
There are things that you just can't use Google for any more becaues these googlespam sites score so well... it's like being back in the days before google...
I think that the manner in which free software is produced does represent a new mode of production, one that has the potential to become the dominent mode of production.
One of the best things I have read about this idea is this interview:
The spread of the free software mode of production
on
The Opening of Biotech
·
· Score: 1
Good stuff, the more areas of human activity that the free software way of producing things spreads to the better, another science thing is featured on the front page of Creative Commons at the moment, PLoS:
Science and education seem to be areas where this is taking off at the moment, the design of things seems to be happening at a lot slower rate. Perhaps the lack of free CAD software to compete with AutoCAD is one of the main things holding this back?
I'm looking forward to the day when I can buy a washing machine and vacuum cleaner that are build from designs under GPL style licences...
The participants of the 1ST INTERNATIONAL FREE SOFTWARE CONFERENCE - CONISLI,
meeting in the city of Sao Paulo, Brazil rom the 8th-9th November,
declare:
That the iniciatives of the Brazilian Federal Government, co-ordinated by
the 'Technical Committee for Free Software Implementation' for the e-government
have our full support.
These initiatives, endorsed by the decree of President Lula of the 29th October
2003, consolidate the e-government policy launched by the Minister for Home
Affairs ['Casa Civil'], Jose Dirceu, and constitute a milestone in the
development of a new, inclusive information society based on free knowledge.
That we give broad support to the initiative of the Brazilian National Congress
led by the President of the National Congress, Senator Jose Sarney, and
by the President of the House of Deputies, Joao Paulo Cunha, who organized the
'Week of Free Software in the Legislature'. We also support the creation of
the 'Joint Parliamentary Front for Free Software' (FRENSOFT), which includes,
to date, 135 deputies and 26 senators. The width and scale of FRENSOFT,
headed by Senator Serys Slhessarenko, is shown by the fact that it is the
only parliamentary front which has as honorary president the President of
the National Congress. This also reflects the feeling of national unity
in support of a new model which fights the digital divide and allows the
development of a national industry, free from the restrictive barriers imposed
by obscure proprietary licenses.
That we support the initiative creating the 'Free Software Brazil Project'
and the projects at state level as necessary intermediaries between the
diverse actors in the Brazilian free software community: governments,
universities, private initiatives, user groups, and free software developers.
That free software is an integral part of the creation of a free, just,
ethical, and inclusive society, in which people have the possibility of
mutually helping one another in solidarity.
That free software respects the need to preserve multilingualism and cultural
and sexual identities in cyberspace.
That the freedoms granted to the users of free software allow the possibility
of them escaping from the simple role of consumers of technology to become
active participants in a knowledge society.
That the license policy of proprietary software is unsustainable for the
economies of developing countries.
That the model of free licenses represents an opportunity to reach an equality
of rights in the technological field, shrinking the digital divide, and
favouring users with fewer economic resources.
That the development achieved by free software and the potential that it
represents are a clear proof of its strategic function on the way to a
knowledge and information society.
That the training of people with free, just, ethical, and inclusive thought
is fundamental for society, and free software is a great catalyst for such
values.
THEREFORE, we propose to the Brazilian Government, to civil society, to
the organizations of the third sector, and in particular, to our delegation
which will represent Brazil at the World Summit on the Information Society,
to take place in Geneva from 10-12 December, the following:
1. The composition of the delegation, as well as the position they take, must
necessarily reflect the undertakings which the Federal Ececutive Power,
National Congress, and Brazilian free software community have defended
publicly, in favour of freedom of knowledge and of free software;
2. That the Ministry of Foregin Affairs and the organizations of the Third
Sector seek to articulate and form
RedHat didn't sell us out. The Fedora Project is The Right Thing.
Glad to see that there is at least one other person here who understands what the Fedora Project is and what it represents -- the start of a process of handing over of development to the community:-)
It will be a cold day in hell before I ever use Red Hat again, for enterprise or anything else. They have betrayed their base and mendaciously and cynically undermined Linux to justify this shame faced betrayal.
I have a different perspective, I think the opening up of the development of the Red Hat disto via the Fedora Project is a good thing.
The exchange value of a Fedora CD set (or any other Linux distro) is basically the cost of producing and shipping them, there is some money to be made there but not much.
I think this is why Red Hat are concentrating on selling services to businesses.
Fedora is called Fedora in part because of the merger with the Fedora Linux Project, a group who were producing 3rd party RPMs for machines running Red Hat and also to enable the free as in free beer distribution to be reproduced en mass by anyone without having the hassle of removing the Red Hat logo before burning the ISOs.
I have been lurking and sometimes reading mail on the new Fedora lists and lots of cool stuff has been happening, PPC ports, offers to help on internationalisation, the inclusion of more packages, support for other updaters like apt and yum and even a legacy project to support old Red Hat versions is being started.
What is essentially happening here is that the free software mode of production is asserting its nature and getting more into the driving seat -- free software works best when it is developed in an open and free manner.
I'm beginning to think RedHat would have gotten much less negative reactions if they'd called it "RedHat Fedora" or something, instead of just "Fedora".
IANAL, however I think they have done this to enable anyone to copy and sell Fedora CDs:-)
Hmm, well I think it is more like what AOL did when they pulled the plug and set up the Mozilla Foundation or perhaps what Sun did with OpenOffice, but neither of these are exactly the same...
This could definately be a step back for linux on the desktop, which had finally become a pleasantly useable thing.
No, I think it will be good for the desktop, things like WindowMaker will get back in, and the added involement of more developers will make stuff happen quicker -- Fedora 1 will be even more bleeding edge than Redhat was.
For things like i18n it will be fantastic -- RedHat could never afford to employ developers for every language, and now anyone can help with i18n for Fedora:-)
I would bet that Novell/Suse arent going to piss off all the developers like Red Hat has done.
Have you read any of the Fedora Email Lists? -- RedHat are not pissing-off developers, they are opening up the development process to developers and this is resulting is loads of cool stuff happening.
I'm somewhat shocked by the amount of FUD on/. about RedHat at the moment...
The Fedora 1 CDs will be out in a few days, it'll probably be the biggest bittorrent download ever and perhaps people will start to realise that what RedHat is doing is a good thing -- they are embracing and working with the community more than ever:-)
The are opening up development to the community, this is leading to lots of excitings happening, as I said yesterday.
What RedHat are doing means that anyone can duplicate and sell Fedora CDs and stuff like that, Fedora is becoming more like debian in terms of community involvement -- and this is great!
I dunno much about SuSE, but I do know that the nature of the mode of production of free software is such that it is best done in an open way -- doing it in a closed way is too expensive.
Personally I'd rather be working for RedHat than SuSE right now...
I've just read the posts at +3 and it seems like everyone thinks this is a negative, bad thing -- it's not at all:-)
RedHat have found that a free software project cannot be developed in a close way -- it is too expensive amoung other things. So they have opened up development to the community.
If you just follow some of the mail on the fedora lists you will find that the opening up of the project has led to loads of cool stuff starting to happen, the fedora legacy project to support old versions, people offering to do i18n stuff, people working on a PPC version, support for apt and yum -- none of this would have happened without out the dev being opened up.
Also why is it called Fedora? -- well one reason is so that anyone can duplicate CDs and sell it! Before people doing cheap CDs had to remove the Redhat trademark stuff, now you don't need to:-)
This is great, for a while I have been using cpan2flute which comes in an RPM from freshrpms to build my own RPMs from CPAN for my RedHat boxen, and this will save me from doing that:-)
Will there be an apt repository? I hope so:-)
Also will it be able to cope with ImageMagik -- probably the hardest Perl module to get working in my experience...
Slashdot Mirror
I agree this is an issue, the best solution I have found is Push Mirroring with this the command that can be run is put in the ssh public key and then the compromised client can only run this specific command.
Yeah... I'm also still using WindowMaker, and it's great, the only thing that I don't like is the lack of UTF-8 support...
A few sites I have worked on that are run by MKDoc are listed in their top 500, since MKDoc generates a RDF metadata file for every HTML document, but the biggest and most interesting are missing, I expect that there are perhaps several hundred times more RDF documents out there than they have found...
I agree with all the comments about Plone being great, if Plone existed before we started developing MKDoc then we probably wouldn't have bothered... If you like Plone but want a CMS written in Perl then check out MKDoc.
MKDoc doesn't yet have such a big community around it yet but it's only just been GPL'ed...
The PHP CMS's are great if you don't have root, if you do then the Zope, Perl and Java ones are worth checking out.
Another one that hasn't been mentioned here is Java Mir the Indymedia CMS.
Unless you run your own mail server and use TLS...
There are some notes on setting this up on Fedora with Postfix on my local LUGs wiki.
Of course the SMTP server at the other and needs to support TLS also...
Nothing :-)
I didn't realise that there was a cleanroom reimplementation based on reverse engineered documentation -- I guess when I go to upgrade my sisters machine to Fedora 2 in April this will be included and everything will just work, cool :-)
Well actually he was talking about both -- the references about not being able to do net installs with Nvidia motherboards is because the module for running the ethernet card has to be downloaded from Nvidia's web site and complied for the kernel you are using before you can connect to the net via ethernet -- a situation that is really lame and sucky...
I totally agree.
I built a shuttle box for my little sister a while ago not realising that the Nvidia motherboard's built in ethernet card will only run with a module from Nvidia, it took a while to work this out after installing Linux on it the first time...
Then 6 months later I have a chance to upgrade Red Hat 9 to Fedora on the box and after the upgrade I discover that the network doesn't work... and at this point I remember what I had to do 6 months before... Aarh!
So I have to go through the whole process again, find another computer that is connected to the net, download the Nvidia drivers, burn a CD... I thought I'd try the SRPM to make upgrades easier, well these don't build as a normal user so I gave up on them, so I then need to download the tgz version, burn another CD....
This results in a situation where the kernel can't be upgraded without manually rebuilding the Nvidia modules and this isn't something that I would want to suggest to my sister (she never uses a CLI)... So the local root exploits that all but the latest Fedora kernal have don't get patched... (not a big issue since it's behind a NATed connection and there are only a couple of user accounts, but still it's not ideal...)
The result of this is that I'll never recommend that anyone gets a Nvidia motherboard and I'll never buy one, it's far too much hassle.
Sadly I'm stuck with Nvidia video cards in order to play games such as Quake 3 in linux... I wish this wasn't the case...
What would be ideal would be if the manufactures either release enough info so that GPL drivers can be produced or if they release GPL drivers themselves so they can be included in the kernel.
Last year I wanted a IDE RAID card and after much googling I discovered that the 3ware ones have drivers in the kernel and no others do, so I brought one even though it cost me more money it has saved me loads of time because I haven't had to mess with installing modules from a hardware company every time I upgrade the kernel... I have no regrets about this bit of hardware... unlike the Nvidia motherboard...
There was some counter-summit stuff done in Geneva last December at the same time as the WSIS conference, the two sites that were used were the Hub Project open publishing site and the Geneva03.net wiki.
The level of police repression was fairly unbelievable -- the planned polymedia lab (like a hack meet thing) was shut down by riot police... Following this it got another venue and worked out OK in the end. I helped a few people get their laptops booting into Linux :-)
There were some cool things done like projecting some stuff onto the WIPO HQ, but I don't thinkt hat the counter events had much impact on the main thing -- it is bug buisness that is running it...
+1
There are things that you just can't use Google for any more becaues these googlespam sites score so well... it's like being back in the days before google...
Yup.
I think that the manner in which free software is produced does represent a new mode of production, one that has the potential to become the dominent mode of production.
One of the best things I have read about this idea is this interview:
FREE SOFTWARE & GPL SOCIETY.
Good stuff, the more areas of human activity that the free software way of producing things spreads to the better, another science thing is featured on the front page of Creative Commons at the moment, PLoS:
Science and education seem to be areas where this is taking off at the moment, the design of things seems to be happening at a lot slower rate. Perhaps the lack of free CAD software to compete with AutoCAD is one of the main things holding this back?
I'm looking forward to the day when I can buy a washing machine and vacuum cleaner that are build from designs under GPL style licences...
The World Summit on the Information Society (WSIS), which is one of these global UN conferences, is taking place in Geneva in December.
A translation of the Brasilian position has been psoted to the Oekonux List:
Glad to see that there is at least one other person here who understands what the Fedora Project is and what it represents -- the start of a process of handing over of development to the community :-)
I have a different perspective, I think the opening up of the development of the Red Hat disto via the Fedora Project is a good thing.
The exchange value of a Fedora CD set (or any other Linux distro) is basically the cost of producing and shipping them, there is some money to be made there but not much.
I think this is why Red Hat are concentrating on selling services to businesses.
Fedora is called Fedora in part because of the merger with the Fedora Linux Project, a group who were producing 3rd party RPMs for machines running Red Hat and also to enable the free as in free beer distribution to be reproduced en mass by anyone without having the hassle of removing the Red Hat logo before burning the ISOs.
However Red Hat could do what Mozilla does, sell cheap Mozilla CDs or what OpenOffice.org does, link to people selling OpenOffice.org CDs. After all Red Hat still sells hats, stickers, t-shirts and posters!
I have been lurking and sometimes reading mail on the new Fedora lists and lots of cool stuff has been happening, PPC ports, offers to help on internationalisation, the inclusion of more packages, support for other updaters like apt and yum and even a legacy project to support old Red Hat versions is being started.
What is essentially happening here is that the free software mode of production is asserting its nature and getting more into the driving seat -- free software works best when it is developed in an open and free manner.
IANAL, however I think they have done this to enable anyone to copy and sell Fedora CDs :-)
See here for more info: Fedora Trademark Guidelines.
Hmm, well I think it is more like what AOL did when they pulled the plug and set up the Mozilla Foundation or perhaps what Sun did with OpenOffice, but neither of these are exactly the same...
No, I think it will be good for the desktop, things like WindowMaker will get back in, and the added involement of more developers will make stuff happen quicker -- Fedora 1 will be even more bleeding edge than Redhat was.
For things like i18n it will be fantastic -- RedHat could never afford to employ developers for every language, and now anyone can help with i18n for Fedora :-)
They are not killing off their major project line, they are making it more free and thus ensuring it's long term sustaniability :-)
OK so you can't buy a Fedora 1 CD from RedHat, but now anyone can start a buisness selling Fedora CDs!
Spend some time looking at the Fedora web site...
Have you read any of the Fedora Email Lists? -- RedHat are not pissing-off developers, they are opening up the development process to developers and this is resulting is loads of cool stuff happening.
I'm somewhat shocked by the amount of FUD on /. about RedHat at the moment...
The Fedora 1 CDs will be out in a few days, it'll probably be the biggest bittorrent download ever and perhaps people will start to realise that what RedHat is doing is a good thing -- they are embracing and working with the community more than ever :-)
RedHat are not abandoning their base!
The are opening up development to the community, this is leading to lots of excitings happening, as I said yesterday.
What RedHat are doing means that anyone can duplicate and sell Fedora CDs and stuff like that, Fedora is becoming more like debian in terms of community involvement -- and this is great!
I dunno much about SuSE, but I do know that the nature of the mode of production of free software is such that it is best done in an open way -- doing it in a closed way is too expensive.
Personally I'd rather be working for RedHat than SuSE right now...
This post from Alan Cox, (which has not been modded up, and should be...) explains about the trademark stuff some more.
I've just read the posts at +3 and it seems like everyone thinks this is a negative, bad thing -- it's not at all :-)
RedHat have found that a free software project cannot be developed in a close way -- it is too expensive amoung other things. So they have opened up development to the community.
If you just follow some of the mail on the fedora lists you will find that the opening up of the project has led to loads of cool stuff starting to happen, the fedora legacy project to support old versions, people offering to do i18n stuff, people working on a PPC version, support for apt and yum -- none of this would have happened without out the dev being opened up.
Also why is it called Fedora? -- well one reason is so that anyone can duplicate CDs and sell it! Before people doing cheap CDs had to remove the Redhat trademark stuff, now you don't need to :-)
Not just using POST for changing state server side and GET for other stuff is a mistake that is often made...
The REST stuff is good on this...
Also the W3C document on URIs, Addressability, and the use of HTTP GET and POST, a document being debated on the W3C Technical Architecture Group (TAG) list is debating at the moment [ thread 1 | thread 2 ] also well worth reading...
I wonder if REST is covered in this book?
This is great, for a while I have been using cpan2flute which comes in an RPM from freshrpms to build my own RPMs from CPAN for my RedHat boxen, and this will save me from doing that :-)
Will there be an apt repository? I hope so :-)
Also will it be able to cope with ImageMagik -- probably the hardest Perl module to get working in my experience...
Would a medium / long term soultion of ip6 and TCP/IP all wireless stuff make sense?