NYLXS - Free Software Events

Sun Nov 24 16:00:22 2024

EVENTS

FREE
SOFTWARE
INSTITUTE

POLITICS

JOBS

MEMBERS'
CORNER

MAILING
LIST

NYLXS Members have a lot to say and share but we don't keep many secrets. Join the Hangout Mailing List and say your peice.

DATE 2015-03-01

HANGOUT

2024-11-24 | 2024-10-24 | 2024-09-24 | 2024-08-24 | 2024-07-24 | 2024-06-24 | 2024-05-24 | 2024-04-24 | 2024-03-24 | 2024-02-24 | 2024-01-24 | 2023-12-24 | 2023-11-24 | 2023-10-24 | 2023-09-24 | 2023-08-24 | 2023-07-24 | 2023-06-24 | 2023-05-24 | 2023-04-24 | 2023-03-24 | 2023-02-24 | 2023-01-24 | 2022-12-24 | 2022-11-24 | 2022-10-24 | 2022-09-24 | 2022-08-24 | 2022-07-24 | 2022-06-24 | 2022-05-24 | 2022-04-24 | 2022-03-24 | 2022-02-24 | 2022-01-24 | 2021-12-24 | 2021-11-24 | 2021-10-24 | 2021-09-24 | 2021-08-24 | 2021-07-24 | 2021-06-24 | 2021-05-24 | 2021-04-24 | 2021-03-24 | 2021-02-24 | 2021-01-24 | 2020-12-24 | 2020-11-24 | 2020-10-24 | 2020-09-24 | 2020-08-24 | 2020-07-24 | 2020-06-24 | 2020-05-24 | 2020-04-24 | 2020-03-24 | 2020-02-24 | 2020-01-24 | 2019-12-24 | 2019-11-24 | 2019-10-24 | 2019-09-24 | 2019-08-24 | 2019-07-24 | 2019-06-24 | 2019-05-24 | 2019-04-24 | 2019-03-24 | 2019-02-24 | 2019-01-24 | 2018-12-24 | 2018-11-24 | 2018-10-24 | 2018-09-24 | 2018-08-24 | 2018-07-24 | 2018-06-24 | 2018-05-24 | 2018-04-24 | 2018-03-24 | 2018-02-24 | 2018-01-24 | 2017-12-24 | 2017-11-24 | 2017-10-24 | 2017-09-24 | 2017-08-24 | 2017-07-24 | 2017-06-24 | 2017-05-24 | 2017-04-24 | 2017-03-24 | 2017-02-24 | 2017-01-24 | 2016-12-24 | 2016-11-24 | 2016-10-24 | 2016-09-24 | 2016-08-24 | 2016-07-24 | 2016-06-24 | 2016-05-24 | 2016-04-24 | 2016-03-24 | 2016-02-24 | 2016-01-24 | 2015-12-24 | 2015-11-24 | 2015-10-24 | 2015-09-24 | 2015-08-24 | 2015-07-24 | 2015-06-24 | 2015-05-24 | 2015-04-24 | 2015-03-24 | 2015-02-24 | 2015-01-24 | 2014-12-24 | 2014-11-24 | 2014-10-24 | 2014-09-24 | 2014-08-24 | 2014-07-24 | 2014-06-24 | 2014-05-24 | 2014-04-24 | 2014-03-24 | 2014-02-24 | 2014-01-24 | 2013-12-24 | 2013-11-24 | 2013-10-24 | 2013-09-24 | 2013-08-24 | 2013-07-24 | 2013-06-24 | 2013-05-24 | 2013-04-24 | 2013-03-24 | 2013-02-24 | 2013-01-24 | 2012-12-24 | 2012-11-24 | 2012-10-24 | 2012-09-24 | 2012-08-24 | 2012-07-24 | 2012-06-24 | 2012-05-24 | 2012-04-24 | 2012-03-24 | 2012-02-24 | 2012-01-24 | 2011-12-24 | 2011-11-24 | 2011-10-24 | 2011-09-24 | 2011-08-24 | 2011-07-24 | 2011-06-24 | 2011-05-24 | 2011-04-24 | 2011-03-24 | 2011-02-24 | 2011-01-24 | 2010-12-24 | 2010-11-24 | 2010-10-24 | 2010-09-24 | 2010-08-24 | 2010-07-24 | 2010-06-24 | 2010-05-24 | 2010-04-24 | 2010-03-24 | 2010-02-24 | 2010-01-24 | 2009-12-24 | 2009-11-24 | 2009-10-24 | 2009-09-24 | 2009-08-24 | 2009-07-24 | 2009-06-24 | 2009-05-24 | 2009-04-24 | 2009-03-24 | 2009-02-24 | 2009-01-24 | 2008-12-24 | 2008-11-24 | 2008-10-24 | 2008-09-24 | 2008-08-24 | 2008-07-24 | 2008-06-24 | 2008-05-24 | 2008-04-24 | 2008-03-24 | 2008-02-24 | 2008-01-24 | 2007-12-24 | 2007-11-24 | 2007-10-24 | 2007-09-24 | 2007-08-24 | 2007-07-24 | 2007-06-24 | 2007-05-24 | 2007-04-24 | 2007-03-24 | 2007-02-24 | 2007-01-24 | 2006-12-24 | 2006-11-24 | 2006-10-24 | 2006-09-24 | 2006-08-24 | 2006-07-24 | 2006-06-24 | 2006-05-24 | 2006-04-24 | 2006-03-24 | 2006-02-24 | 2006-01-24 | 2005-12-24 | 2005-11-24 | 2005-10-24 | 2005-09-24 | 2005-08-24 | 2005-07-24 | 2005-06-24 | 2005-05-24 | 2005-04-24 | 2005-03-24 | 2005-02-24 | 2005-01-24 | 2004-12-24 | 2004-11-24 | 2004-10-24 | 2004-09-24 | 2004-08-24 | 2004-07-24 | 2004-06-24 | 2004-05-24 | 2004-04-24 | 2004-03-24 | 2004-02-24 | 2004-01-24 | 2003-12-24 | 2003-11-24 | 2003-10-24 | 2003-09-24 | 2003-08-24 | 2003-07-24 | 2003-06-24 | 2003-05-24 | 2003-04-24 | 2003-03-24 | 2003-02-24 | 2003-01-24 | 2002-12-24 | 2002-11-24 | 2002-10-24 | 2002-09-24 | 2002-08-24 | 2002-07-24 | 2002-06-24 | 2002-05-24 | 2002-04-24 | 2002-03-24 | 2002-02-24 | 2002-01-24 | 2001-12-24 | 2001-11-24 | 2001-10-24 | 2001-09-24 | 2001-08-24 | 2001-07-24 | 2001-06-24 | 2001-05-24 | 2001-04-24 | 2001-03-24 | 2001-02-24 | 2001-01-24 | 2000-12-24 | 2000-11-24 | 2000-10-24 | 2000-09-24 | 2000-08-24 | 2000-07-24 | 2000-06-24 | 2000-05-24 | 2000-04-24 | 2000-03-24 | 2000-02-24 | 2000-01-24 | 1999-12-24

Key: Value:

MESSAGE

DATE	2015-03-10
FROM	Ruben Safir
SUBJECT	Re: [NYLXS - HANGOUT] cable crimping
Fuck this, how about some editing? Can you edit? If this is so burning and import, by all means, write it up as an Article and we'll publish it in the Journal and have it reviewed. Your welcome to keep talking, but I have things I need to get done and one is crimping a cable and another is getting this Journal out... Ruben On Tue, Mar 10, 2015 at 12:36:04AM -0400, Chris Knadle wrote: > > On 03/09/2015 05:05 AM, Rick Moen wrote: > > > > Quoting Chris Knadle (Chris.Knadle-at-coredump.us): > > > >> > >> On 03/08/2015 01:45 PM, Rick Moen wrote: > >>> > >>> Quoting Ruben Safir (mrbrklyn-at-panix.com): > >>> > >>>> Robert, do you have the artcile for me, PLEASE > >>> > >>> I hope he does _not_ have the 'cheap $5 crimper' for you. Life is too > >>> short to spend it using crummy tools, like poorly made crimpers (and > >>> proprietary mailing list managers with designed-in security holes that > >>> have been unmaintained for a decade and a half). > >> > >> If you've managed to set up Mailman such that you're not passing it > >> the mail via a pipe in /etc/aliases, then from what I'm hearing > >> you're probably the only one that's gotten that to work. > > > > Here's the way to make the Exim4 MTA directly read GNU Mailman > > conffiles, rather than needing special entries with pipes in > > /etc/aliases: > > > > http://anonscm.debian.org/viewvc/pkg-mailman/trunk/debian/README.Exim4.Debian?view=markup > > If you look at the mailman_transport, that's a pipe transport. > In the mailman_router there's a lookup done on the local_part of the > email address for local_domains and passing the mail to Mailman via the > mailman_transport if there's a match. That's essentially duplicating > what /etc/aliases does, and still passes the mail via a pipe, but > running the command via MAILMAN_USER and MAILMAN_GROUP. > > [...] > > Here's what /usr/share/doc/exim4/README.Debian.html has to say about > > that, FWIW: > > > > > > 2.9. Using more complex deliveries from alias files > > > > Delivery to arbitrary files, directory or to pipes in the > > /etc/aliases file is disabled by default in the Debian Exim 4 > > packages. The delivery process including the program being piped to > > would run as the exim admin-user Debian-exim, which might > > open up security holes. > > This is the case by default, but not if you set the user and group in > the transport (such as they did in the Mailman example). Furthermore > if you look in section 29 concerning the pipe transport, there's an > allow_commands option to limit what commands a transport can call. > > > http://www.exim.org/exim-html-current/doc/html/spec_html/ch-the_pipe_transport.html > > > -------------------------------------------------------------------- > allow_commands Use: pipe Type: string list??? Default: unset > > The string is expanded, and is then interpreted as a colon-separated > list of permitted commands. If restrict_to_path is not set, the only > commands permitted are those in the allow_commands list. They need not > be absolute paths; the path option is still used for relative paths. If > restrict_to_path is set with allow_commands, the command must either be > in the allow_commands list, or a name without any slashes that is found > on the path. In other words, if neither allow_commands nor > restrict_to_path is set, there is no restriction on the command, but > otherwise only commands that are permitted by one or the other are allowed. > -------------------------------------------------------------------- > > > At least with Exim using a pipe via /etc/aliases doesn't /have/ to be > something terribly insecure. You do need to know what you're doing... > sure. > > It looks like in one case I'm not actually using the command listed > in /etc/aliases and instead re-specifying the command in the transport, > but other cases where I am I'm using allow_commands to limit what can > be run (and specifying the current directory, user, group, etc). > > But a piped command in /etc/aliases with no limiting on the command > or the user running it, etc -- yeah that I'd be concerned about. > > -- Chris > > -- > Chris Knadle > Chris.Knadle-at-coredump.us