Hi!
Bitkeeper distribution contains stuff from GNU diffutils (copyrighted
by FSF and GPL), yet bitkeeper docs does not mention its GPL-ed, and
does not contain pointer to the sources. [I pointed couple other
issues.]
Larry's attitude is "you should shut up and be glad you may use this
for free" and "sue me to get GPL issues fixed". Then, he tried to
punish me for pointing at those mistakes by withdrawing installer from
GPL.
Nice attitude, I'd suggest you to stay away from
bittrojan^Wbitkeeper. If you still think bitkeeper is good thing (tm),
look at http://atrey.karlin.mff.cuni.cz/~pavel/bitkeeper.txt. [Sorry
for slightly strange ordering of mails. You should be able to open it
in mutt to see threads correctly.]
Pavel
--
(about SSSCA) "I don't say this lightly. However, I really think that the U.S.
no longer is classifiable as a democracy, but rather as a plutocracy." --hpa
On Mon, Mar 18, 2002 at 10:26:18PM +0100, Pavel Machek wrote:
> Bitkeeper distribution contains stuff from GNU diffutils (copyrighted
> by FSF and GPL), yet bitkeeper docs does not mention its GPL-ed, and
> does not contain pointer to the sources. [I pointed couple other
> issues.]
You forgot to mention that the source in question is at
ftp://ftp.bitmover.com/gnu
You also forgot to mention that we have tried to contribute our changes
back only to have them dropped/ignored/whatever. We'd love the FSF to
pick them up, I can go dig out the old mail on this if you doubt me or
you can go talk to the maintainer. I think I was talking with one of
the Pauls, either Eggert or Vixie, I don't remember who maintains this
stuff anymore. Whoever it was said they had a different way to do the
same change.
> Larry's attitude is "you should shut up and be glad you may use this
> for free" and "sue me to get GPL issues fixed".
Larry's attitude is that he's overworked, stressed out, and sick to death
of people who want to argue with him about pointless stuff. The only
thing we did wrong was to forget the diff/patch man pages which include
the GPL in our binary distribution. We'll fix that. You are welcome
to make a big deal out of it but it's pretty clear that all it is a
political ax that you want to grind, since we give out the source to
those programs and always will.
Pavel, the problem here is your fundamental distrust. You started out
the conversation claiming that you thought our code should be GPLed
because our installer groups GPLed programs with non-GPLed programs.
My statements about lawsuits are based your claims to that effect.
Then you go on to complain that the installer doesn't let you see what it
does when you can tell it to just drop the tar.gz and the shell script
in /tmp so you can see what it does. That wasn't good enough for you,
you don't want the installer to be a binary, you mistrust us enough that
you think we're going to do some evil thing in the installer. It would
take you all of 30 seconds to put strace into a copy of the ftp chroot,
stick the installer binary in there, and strace the installer and *prove*
to yourself that it does nothing evil. But that's too much for you.
If you had started out the conversation "Hey, can I see your installer
source, I want to see how it works", you would have gotten a shar file 10
minutes later. But that's obviously not what you want, you are itching
to pick a fight. Great. Thanks for wasting more of my time.
I'd suggest you take Stallman's advice, if you don't trust BitKeeper
then don't use it. He asked you why you installed it if you knew
you didn't like the license and you never answered.
I'll say to you and the rest of the kernel list and anyone else who
is listening: don't waste my time with this crap. If you don't like
the BK license, then don't use it. Go read this, this is you Pavel,
and I'm sick of arguing with people like you.
http://www.linuxandmain.com/essay/sgordon.html
--
---
Larry McVoy lm at bitmover.com http://www.bitmover.com/lm
Hi!
> The only
> thing we did wrong was to forget the diff/patch man pages which include
> the GPL in our binary distribution. We'll fix that. You are
~~~~~~~~~~~~~~~
If you said that 2 mails ago (instead of telling me to go away), I
would not be wasting your time. [Oh and you should also put that ftp
pointer in the docs, so it is easy to find. GPL requires that...]
> Pavel, the problem here is your fundamental distrust.
By giving me binary-only installer you ask me to trust you. You ask me
to trust you without good reason [it only generates .tar.gz and
shellscript, why should it be binary? Was not shar designed to handle
that?], and that's pretty suspect.
Pavel
--
Casualities in World Trade Center: ~3k dead inside the building,
cryptography in U.S.A. and free speech in Czech Republic.
On Tue, Mar 19, 2002 at 12:14:28AM +0100, Pavel Machek wrote:
> > Pavel, the problem here is your fundamental distrust.
> By giving me binary-only installer you ask me to trust you. You ask me
> to trust you without good reason [it only generates .tar.gz and
> shellscript, why should it be binary? Was not shar designed to handle
> that?], and that's pretty suspect.
Bitmover doing anything remotely suspect in an executable installer
would be commercial suicide, do you distrust realplayer too?
did you distrust early netscape before they released source?
yada yada countless other programs..
If your distrust of commercial organisations providing binaries
is so great, you know where objdump, strace and friends are.
--
| Dave Jones. http://www.codemonkey.org.uk
| SuSE Labs
Hi!
> > > Pavel, the problem here is your fundamental distrust.
> > By giving me binary-only installer you ask me to trust you. You ask me
> > to trust you without good reason [it only generates .tar.gz and
> > shellscript, why should it be binary? Was not shar designed to handle
> > that?], and that's pretty suspect.
>
> Bitmover doing anything remotely suspect in an executable installer
> would be commercial suicide, do you distrust realplayer too?
I've seen windows installers doing *very* suspect stuff.
I distrust realplayer, too, but I think those people are bad enough
that there's no point complaining. I believed Larry could see that
binary installers are evil.
> did you distrust early netscape before they released source?
Yep.
> yada yada countless other programs..
Actually, I only ever did binary installation of realplayer, as far as
I can remember. And that was at time national television died, and I
wanted to know what's going on.
> If your distrust of commercial organisations providing binaries
> is so great, you know where objdump, strace and friends are.
strace does not solve the problem (it is trivial to detect you are
traced), and I do not think Larry should require me to objdump
installer.
[You see, binary-only installers are total nightmare from security
perspective. They are widespread on windoze, and it *is* problem
there. I do not want them on linux.]
Pavel
--
Casualities in World Trade Center: ~3k dead inside the building,
cryptography in U.S.A. and free speech in Czech Republic.
On Tue, Mar 19, 2002 at 12:14:28AM +0100, Pavel Machek wrote:
> By giving me binary-only installer you ask me to trust you. You ask me
Then don't use it.
--
---------------------------------------------------------
Victor Yodaiken
Finite State Machine Labs: The RTLinux Company.
http://www.fsmlabs.com http://www.rtlinux.com
Hi,
Larry McVoy wrote:
> Go read this, this is you Pavel,
> and I'm sick of arguing with people like you.
>
> http://www.linuxandmain.com/essay/sgordon.html
That's someone, who doesn't understand what free software is about and
desperately looking for someone to blame it on.
What are you trying to tell us?
bye, Roman
From: [email protected]
Date: Mon, 18 Mar 2002 17:00:31 -0700
On Tue, Mar 19, 2002 at 12:14:28AM +0100, Pavel Machek wrote:
> By giving me binary-only installer you ask me to trust you. You ask me
Then don't use it.
Seriously Pavel, Victor is right, simply don't use BitKeeper and GET
OVER IT already. Larry doesn't force you to use BitKeeper, so don't
use it if you disagree with it and simply cope with that.
From: Roman Zippel <[email protected]>
Date: Tue, 19 Mar 2002 02:18:00 +0100
That's someone, who doesn't understand what free software is about and
desperately looking for someone to blame it on.
What are you trying to tell us?
Roman, how do you pay for things like FOOD and a place to LIVE?
Who does what kind of work to provide the money you need for
the basic necessities in life?
Unfortunately, the real economics of the world right now does not make
it so that every programmer can work on %100 free software for a
living like I do.
That is a fact.
Given that, most programmers have to find another way to put food into
their stoamches and have a horizontal surface to sleep on at night.
The person who wrote the article in question may have a few
inaccuracies about how free software works, I'll give you that,
but that guy has a perfect understand about how REAL LIFE works.
That is where you need understand things better.
Hi,
At 01:18 19/03/02, Roman Zippel wrote:
>Larry McVoy wrote:
> > Go read this, this is you Pavel,
> > and I'm sick of arguing with people like you.
> >
> > http://www.linuxandmain.com/essay/sgordon.html
>
>That's someone, who doesn't understand what free software is about and
>desperately looking for someone to blame it on.
>What are you trying to tell us?
Did you actually read it? I did and I agree with him. Depending on your
market niche, being a commercial company releasing free software can be
complete business suicide, killing the single, most important revenue
stream for the company.
Linux is growing and as such is being more and more commercialised and with
this we will see more and more commercial, non-free, non-GPL software. I
don't see what the fuss is all about. I am into Linux because it is a good
OS and I would like to contribute to improving it and not just because it
is free software. Free software is only good in particular market niches or
when one does it as a hobby in unsuitable market niches. Everyone has to
eat and many people have a family to support. You can't do that unless you
earn money and far too few people manage to get paid for working on free
software exactly because it is not profitable (again depending on market
niche)...
Just my 2p.
Best regards,
Anton
ps. No I am not trying to start a flame war but I felt the post was too
harsch to be left without reply.
--
"I've not lost my mind. It's backed up on tape somewhere." - Unknown
--
Anton Altaparmakov <aia21 at cam.ac.uk> (replace at with @)
Linux NTFS Maintainer / WWW: http://linux-ntfs.sf.net/
ICQ: 8561279 / WWW: http://www-stu.christs.cam.ac.uk/~aia21/
On Tue, Mar 19, 2002 at 12:22:41AM +0100, Dave Jones wrote:
> On Tue, Mar 19, 2002 at 12:14:28AM +0100, Pavel Machek wrote:
>
> > > Pavel, the problem here is your fundamental distrust.
> > By giving me binary-only installer you ask me to trust you. You ask me
> > to trust you without good reason [it only generates .tar.gz and
> > shellscript, why should it be binary? Was not shar designed to handle
> > that?], and that's pretty suspect.
>
> Bitmover doing anything remotely suspect in an executable installer
> would be commercial suicide, do you distrust realplayer too?
And all our installer does, and I will give you the code if you want it,
I'd be happy to even have Pavel audit it, is make two arrays,
extern unsigned int installer_size;
extern unsigned char installer_data[];
extern unsigned int data_size;
extern unsigned char data_data[];
which we do some magic on to make sure they are preallocated (HPUX decided
that static global data should be allocated and bzeroed at runtime, so
we preinitialize them with garbage if I remember correctly).
Then the thing that makes the installer mmaps the object, looks for these
arrays (we stick some magic numbers in front of them), and files them in
with a .tar.gz and the real installer, which is a shell script.
The reason we didn't use shar, Pavel, is that we are shipping a binary.
If we used shar that would increase the size of the image that you download
and we wanted downloads to be fast. As it is, I think it's a couple of MB.
Anyway, then the actual binary which runs is generated from the following
program which is hardly worth all the fuss.
main()
{
char installer_name[200];
char data_name[200];
char cmd[2048];
int fd;
fprintf(stderr, "Please wait while we unpack the installer...");
sprintf(installer_name, "/tmp/installer%d", getpid());
fd = creat(installer_name, 0777);
if (fd == -1) {
perror(installer_name);
exit(1);
}
if (write(fd, installer_data, installer_size) != installer_size) {
perror("write on installer");
unlink(installer_name);
exit(1);
}
close(fd);
sprintf(data_name, "/tmp/data%d", getpid());
fd = creat(data_name, 0777);
if (fd == -1) {
perror(data_name);
exit(1);
}
sprintf(installer_name, "/tmp/installer%d", getpid());
if (write(fd, data_data, data_size) != data_size) {
perror("write on data");
unlink(data_name);
exit(1);
}
close(fd);
fprintf(stderr, "done.\n");
sprintf(cmd, "%s %s %s", installer_name, installer_name, data_name);
system(cmd);
exit(0);
}
--
---
Larry McVoy lm at bitmover.com http://www.bitmover.com/lm
On Tue, 19 Mar 2002, Pavel Machek wrote:
> strace does not solve the problem (it is trivial to detect you are
> traced), and I do not think Larry should require me to objdump
> installer.
Larry doesn't require you to _use_ his software, at all.
Now better check my email to see if I haven't hidden any
backdoors.
regards,
Rik
--
<insert bitkeeper endorsement here>
http://www.surriel.com/ http://distro.conectiva.com/
> The reason we didn't use shar, Pavel, is that we are shipping a binary.
> If we used shar that would increase the size of the image that you download
> and we wanted downloads to be fast. As it is, I think it's a couple of MB.
I don't like the binary installer that much too.
Why don't you ship a tarball with a install script within the tarball
(like vmware does for example)? That would make downloads even smaller
for people with bzip2 installed as you can easily provide both .tar.gz
and .tar.bz2 ...
Gerd
--
#include </dev/tty>
On Tue, Mar 19, 2002 at 08:21:00AM +0000, Gerd Knorr wrote:
> Why don't you ship a tarball with a install script within the tarball
> (like vmware does for example)? That would make downloads even smaller
> for people with bzip2 installed as you can easily provide both .tar.gz
> and .tar.bz2 ...
If we change our installation at all, it will be to offer RPMs, .deb, etc.
Other than that, this is how it is.
I'm not blowing you off, I'm raising your awareness that we are extremely
busy and that it is actually in your best interest to filter what you
ask for so you get the stuff that you really want.
--
---
Larry McVoy lm at bitmover.com http://www.bitmover.com/lm
Hi,
"David S. Miller" wrote:
> Unfortunately, the real economics of the world right now does not make
> it so that every programmer can work on %100 free software for a
> living like I do.
>
> That is a fact.
>
> Given that, most programmers have to find another way to put food into
> their stoamches and have a horizontal surface to sleep on at night.
>
> The person who wrote the article in question may have a few
> inaccuracies about how free software works, I'll give you that,
> but that guy has a perfect understand about how REAL LIFE works.
> That is where you need understand things better.
If he had a clue about how real economics works, he wouldn't complaining
like that and didn't had to learn it the hard way. Free software is
simply no business model. Of course we have to make our living somehow,
but everyone who is in it only for the money, should immediately stop
working on free software and send his resume to MS.
MS has a far better understanding of how "real economics" works than he
has and MS is very right to be very afraid of free software, so that
they even try to outlaw it. So far MS has actually played rather nice, I
would bet with you, that we have seen nothing from them yet.
I'm not saying that there is no money to make with free software, but a
better understanding of economics would help how to do this (to actually
put this into praxis is of course another story) and would prevent us
from such whining.
Some comparison are actually quite helpful to understand the current
economics. Look at the costs of development and the costs for
reproduction of goods. Now compare how different industries make their
profits here. Look also at how these costs develop over time. Try to
think this through consequently. If you do this you really get a better
understanding of _real_ life. I'm not claiming to be perfect in this,
but I know that that guy is an ignorant, who has to run against a wall
to notice that there is one and he is even proud of it.
Free software is just a forerunner of things to come. The same mechanism
are at work and visible in the entertainment industry. If you look
closer at other industries, you can find the same mechanisms only
prevented by massive protectionism. Try to imagine, what it means for an
economic, which is based on trade, if goods can be produced at almost no
cost. Current world trade has already in several areas not much to do
with "trade" anymore and I'm not very optimistic how this can get any
better with the current economic model.
The more one thinks about it, the more one also has to ask oneself, how
to get food into the stomachs tomorrow. I know that for most people it's
more important to make a living today (and many are busy enough with
this), but that shouldn't prevent us from thinking about the
consequences of our actions.
Above may sound harsh, but I'm just amazed about the shortsightedness of
some people and how they are trying to blame other people for their own
mistakes.
bye, Roman
PS: I know it's getting OT, but I think it's important enough that it
should be said and I'm feeling better now. :)
> like that and didn't had to learn it the hard way. Free software is
> simply no business model. Of course we have to make our living somehow,
Work for me. I've run a profitable small open source company, I've worked
for Red Hat.
> prevented by massive protectionism. Try to imagine, what it means for an
> economic, which is based on trade, if goods can be produced at almost no
> cost. Current world trade has already in several areas not much to do
> with "trade" anymore and I'm not very optimistic how this can get any
> better with the current economic model.
Think about it this way. There is no reason to suppose that the concept
of the Innovators Dilemma does not ultimately apply to nations. If you
accept that premise - and there is a lot of evidence for it, then the
western european nations get more and more specialist and "up market" and
eventually run out of anything to sell but lawyers. At which point we get
the great depression mark 2.
Hans Reiser's team of Russian wizards is simply a couple of years ahead of
everyone else moving all real software development to the czech republic
and india, the phone support to the philipines and the hardware to
taiwanese and chinese bulk build to order.
Alan
> Hans Reiser's team of Russian wizards is simply a couple of years
> ahead of everyone else moving all real software development to the
> czech republic and india, the phone support to the philipines and
> the hardware to taiwanese and chinese bulk build to order.
Normal software development in economic terms is normally treated as
a fixed cost to produce a "product". Fixed costs determine market
entry and exit points, not profitability. Phone support, bulk built
to order, and the way that most Taiwanese firms do hardware are
variable costs. Economically speaking it's an apples and oranges
comparison, and to say one follows from the other is not really
accurate.
Free software development on the other hand is a bit more tricky, and
I could see how exporting the work in certain scenarios would make a
lot of sense. However, to this point most of us working in the Free
Software industry are funded by companies working on "products".
(You're sounding like a lot of my friends in the SARHK when speaking
of China Alan 8).
Asside- Fixed costs also determine other things like the number of
competitors that can operate in a market for a particular good.
Pretty much all software is an Oligopoly whereas the other things you
mention are much closer to true competition. The reason Free
Software development is more tricky is that if Free Software were to
rule the world, then it would be individual consultants vying for the
same business of modifications to Free code bases. So, in the
alternate universe where all software is Free Software, Perfect
Competition would probably rein supreme and there would be 1000s of
consultants vying to make custom modifications for particular
companies. In that alternate universe, then programmers from western
countries would be probably be driving dump trucks by day, and
programming at night for fun. Luckily I learned how to varnish and
stain wood when I was a kid, so even if the alternate universe hits,
I'm ready.
Hi!
> > > > Pavel, the problem here is your fundamental distrust.
> > > By giving me binary-only installer you ask me to trust you. You ask me
> > > to trust you without good reason [it only generates .tar.gz and
> > > shellscript, why should it be binary? Was not shar designed to handle
> > > that?], and that's pretty suspect.
> >
> > Bitmover doing anything remotely suspect in an executable installer
> > would be commercial suicide, do you distrust realplayer too?
>
> And all our installer does, and I will give you the code if you want it,
> I'd be happy to even have Pavel audit it, is make two arrays,
Okay, you wanted audit ;-).
> main()
> {
> char installer_name[200];
> char data_name[200];
> char cmd[2048];
> int fd;
>
> fprintf(stderr, "Please wait while we unpack the installer...");
> sprintf(installer_name, "/tmp/installer%d", getpid());
> fd = creat(installer_name, 0777);
If nasty user on same system creates symlink (ln -s /etc/passwd
/tmp/installer123), he may overwrite any file on the system. You probably want
fd = open(installer_name, O_WRONLY | O_TRUNC | O_CREAT | O_EXCL, 0755);
Same goes for data.
Pavel
--
Casualities in World Trade Center: ~3k dead inside the building,
cryptography in U.S.A. and free speech in Czech Republic.
> fd = open(installer_name, O_WRONLY | O_TRUNC | O_CREAT | O_EXCL, 0755);
Good suggestion, patch is applied, and will be in the next release. I'll
mail you the whole installer gizmo in a shar file in a minute, you can
poke at it and see if there is anything else you don't like.
Thanks,
--
---
Larry McVoy lm at bitmover.com http://www.bitmover.com/lm
Hi!
> > > Pavel, the problem here is your fundamental distrust.
> > By giving me binary-only installer you ask me to trust you. You ask me
> > to trust you without good reason [it only generates .tar.gz and
> > shellscript, why should it be binary? Was not shar designed to handle
> > that?], and that's pretty suspect.
>
> Bitmover doing anything remotely suspect in an executable installer
> would be commercial suicide, do you distrust realplayer too?
Actually, the installer contains security hole allowing any user to
overwrite any file on system if you install it as root with simple
symlink. [Its easy to fix, and I hope they fix it in next version.]
Do you see why I hate binary installers, now?
Pavel
--
(about SSSCA) "I don't say this lightly. However, I really think that the U.S.
no longer is classifiable as a democracy, but rather as a plutocracy." --hpa
On Tue, 19 Mar 2002, Alan Cox wrote:
> Hans Reiser's team of Russian wizards is simply a couple of years ahead
> of everyone else moving all real software development to the czech
> republic and india,
Hey, don't forget about Brazil ;)
I know folks in Silicon Valley who pay more rent than what
I earn in a month ... and I'm earning enough money to have
a comfortable life here, at a fairly safe distance from the
DMCA and its friends ;)
<insert blatant plug here>
cheers,
Rik
--
Bravely reimplemented by the knights who say "NIH".
http://www.surriel.com/ http://distro.conectiva.com/
On Tue, 2002-03-19 at 18:08, Rik van Riel wrote:
> Hey, don't forget about Brazil ;)
>
> I know folks in Silicon Valley who pay more rent than what
> I earn in a month ... and I'm earning enough money to have
> a comfortable life here, at a fairly safe distance from the
> DMCA and its friends ;)
That's why you need to work for a Silicon Valley firm, get paid a
Silicon Valley paycheck, but work remotely from the country side. ;)
Robert Love
On Tue, Mar 19, 2002 at 11:06:32PM +0100, Pavel Machek wrote:
> > > > Pavel, the problem here is your fundamental distrust.
> > > By giving me binary-only installer you ask me to trust you. You ask me
> > > to trust you without good reason [it only generates .tar.gz and
> > > shellscript, why should it be binary? Was not shar designed to handle
> > > that?], and that's pretty suspect.
> >
> > Bitmover doing anything remotely suspect in an executable installer
> > would be commercial suicide, do you distrust realplayer too?
>
> Actually, the installer contains security hole allowing any user to
> overwrite any file on system if you install it as root with simple
> symlink.
Come on Pavel, in order to make this happen, you have to
a) run the installer as root
b) know the next pid which will be allocated
c) put the symlink in /tmp/installer$pid
and do all before that pid gets used. Have you actually be able to
do that? I'd like to see how you did so without knowing exactly when
root was going to install the package and without filling up /tmp with
64,000 symlinks.
I'll grant you this is something we can trivially make go away as an
issue, and we have, but it's mostly to make you go away as an issue,
not because we believe for one second this is a realistic problem.
--
---
Larry McVoy lm at bitmover.com http://www.bitmover.com/lm
On 19 Mar 2002, Robert Love wrote:
> On Tue, 2002-03-19 at 18:08, Rik van Riel wrote:
>
> > Hey, don't forget about Brazil ;)
> >
> > I know folks in Silicon Valley who pay more rent than what
> > I earn in a month ... and I'm earning enough money to have
> > a comfortable life here, at a fairly safe distance from the
> > DMCA and its friends ;)
>
> That's why you need to work for a Silicon Valley firm, get paid a
> Silicon Valley paycheck, but work remotely from the country side. ;)
That's a very nice short-term option, but I suspect that after
some years the people in Silicon Valley will get smarter than
that ;)
I agree with Alan, the future is moving computer programming
to places where programmers don't need to earn a small fortune,
places where programmers can be economic to the company working
"just" 40 hours a week instead of the 60 to 90 hours I've seen
some people in the US suffer ...
... maybe even places where the cost of living is low enough
that programmers can have time to think and have a life,
instead of being forced to work more than what's good for
them just because of the local price level.
regards,
Rik
--
Bravely reimplemented by the knights who say "NIH".
http://www.surriel.com/ http://distro.conectiva.com/
From: Larry McVoy <[email protected]>
Date: Tue, 19 Mar 2002 15:25:02 -0800
Come on Pavel, in order to make this happen, you have to
a) run the installer as root
b) know the next pid which will be allocated
c) put the symlink in /tmp/installer$pid
Exploit: Make all 65535 $pid simlinks
It's very exploitable actually, and is similar in vein to
all the ancient mktemp stuff.
On Tue, Mar 19, 2002 at 08:08:24PM -0300, Rik van Riel wrote:
> On Tue, 19 Mar 2002, Alan Cox wrote:
>
> > Hans Reiser's team of Russian wizards is simply a couple of years ahead
> > of everyone else moving all real software development to the czech
> > republic and india,
>
> Hey, don't forget about Brazil ;)
Or New Mexico. Third world software development wins again!
--
---------------------------------------------------------
Victor Yodaiken
Finite State Machine Labs: The RTLinux Company.
http://www.fsmlabs.com http://www.rtlinux.com
On Tue, Mar 19, 2002 at 03:25:02PM -0800, Larry McVoy wrote:
> On Tue, Mar 19, 2002 at 11:06:32PM +0100, Pavel Machek wrote:
> > > > > Pavel, the problem here is your fundamental distrust.
> > > > By giving me binary-only installer you ask me to trust you. You ask me
> > > > to trust you without good reason [it only generates .tar.gz and
> > > > shellscript, why should it be binary? Was not shar designed to handle
> > > > that?], and that's pretty suspect.
> > >
> > > Bitmover doing anything remotely suspect in an executable installer
> > > would be commercial suicide, do you distrust realplayer too?
> >
> > Actually, the installer contains security hole allowing any user to
> > overwrite any file on system if you install it as root with simple
> > symlink.
>
> Come on Pavel, in order to make this happen, you have to
>
> a) run the installer as root
> b) know the next pid which will be allocated
> c) put the symlink in /tmp/installer$pid
I hate to jump in here (really I do) but 'a' probably happens alot. All
of the recommended locations are system directories. As for 'b' and
'c', I think those are considered trivial things to do, since this would
be a relativly easy thing to expliot (search some of the security list
archives, this isn't quite as easy as the buffer overflow on x86
problem, but still trivial).
> I'll grant you this is something we can trivially make go away as an
> issue, and we have, but it's mostly to make you go away as an issue,
> not because we believe for one second this is a realistic problem.
But yes, this is a trivial problem which is now fixed. And in the grand
scheme of things, there'll be more important fixes in the next version
of BK than the possibility of overwriting files at installtime.
--
Tom Rini (TR1265)
http://gate.crashing.org/~trini/
On Tue, 19 Mar 2002, Rik van Riel wrote:
> I agree with Alan, the future is moving computer programming
> to places where programmers don't need to earn a small fortune,
> places where programmers can be economic to the company working
> "just" 40 hours a week instead of the 60 to 90 hours I've seen
> some people in the US suffer ...
>
> ... maybe even places where the cost of living is low enough
> that programmers can have time to think and have a life,
> instead of being forced to work more than what's good for
> them just because of the local price level.
... welcome in Oregon ...
- Davide
On Tue, Mar 19, 2002 at 03:27:59PM -0800, David S. Miller wrote:
> From: Larry McVoy <[email protected]>
> Date: Tue, 19 Mar 2002 15:25:02 -0800
>
> Come on Pavel, in order to make this happen, you have to
>
> a) run the installer as root
> b) know the next pid which will be allocated
> c) put the symlink in /tmp/installer$pid
>
> Exploit: Make all 65535 $pid simlinks
>
> It's very exploitable actually, and is similar in vein to
> all the ancient mktemp stuff.
Hey Dave, are you suggesting that no such exploits exist in Red Hat's
rpm system? In order for that to be true, rpm would have to be making
sure that each and every directory along any path that it writes is
not writable except by priviledged users. I just checked, it doesn't.
We can sit here all day and make a big deal out of this, I think it's a
waste of time. I'm not an advocate of insecure software and I'm happy
to close any holes that people think need closing, but you're just
wasting time. This isn't an issue. If you really, really cared, there
is nothing to prevent you from downloading the BK image, unpacking it on
a throwaway machine, back it back up again in a shar file or whatever,
and then installing it.
At some point, people get to take responsibility for their own choices.
--
---
Larry McVoy lm at bitmover.com http://www.bitmover.com/lm
On Tue, Mar 19, 2002 at 04:31:55PM -0700, [email protected] wrote:
> On Tue, Mar 19, 2002 at 08:08:24PM -0300, Rik van Riel wrote:
> > On Tue, 19 Mar 2002, Alan Cox wrote:
> >
> > > Hans Reiser's team of Russian wizards is simply a couple of years ahead
> > > of everyone else moving all real software development to the czech
> > > republic and india,
> >
> > Hey, don't forget about Brazil ;)
>
> Or New Mexico. Third world software development wins again!
I think that there is lots to be said about moving out of silicon valley,
I personally don't like it here that all much. On the other hand,
it is extremely cool that there is such a high concentration of smart
people within 30 minutes of my house. What I'd like to see is a migration
out of silly valley but to somewhere else. I.e., pockets of smart people
working together. Face time with smart people is fun, if you get a chance
to do it, you know what I mean.
--
---
Larry McVoy lm at bitmover.com http://www.bitmover.com/lm
From: Larry McVoy <[email protected]>
Date: Tue, 19 Mar 2002 15:44:36 -0800
Hey Dave, are you suggesting that no such exploits exist in Red Hat's
rpm system? In order for that to be true, rpm would have to be making
sure that each and every directory along any path that it writes is
not writable except by priviledged users. I just checked, it doesn't.
We should be using mktemp() to make temporary files, and if we don't
that is a bug and I'd ask you to please submit a bugzilla entry about
it if so because that would be a serious hole.
> I hate to jump in here (really I do) but 'a' probably happens alot. All
> of the recommended locations are system directories. As for 'b' and
> 'c', I think those are considered trivial things to do, since this would
> be a relativly easy thing to expliot (search some of the security list
> archives, this isn't quite as easy as the buffer overflow on x86
> problem, but still trivial).
'c' is a piece of cake. People wrote tools using directory notifiers that
do nothing but try and subvert every /tmp/ file as it appears. Neat and
novel [ab]use of it.
This is however a kernel list. Security notifications ought to go to the
vendor and if they dont respond after a while to bugtraq where it would
be on topic and score you leetness bonuses
Alan
On Tue, 19 Mar 2002, David S. Miller wrote:
> Hey Dave, are you suggesting that no such exploits exist in Red Hat's
> rpm system? In order for that to be true, rpm would have to be making
> sure that each and every directory along any path that it writes is
> not writable except by priviledged users. I just checked, it doesn't.
>
> We should be using mktemp() to make temporary files, and if we don't
> that is a bug and I'd ask you to please submit a bugzilla entry about
> it if so because that would be a serious hole.
I trust you mean mkstemp(3) here (or mktemp(1), but not
much of RPM is in shell).
Matthew.
On Tue, Mar 19, 2002 at 03:44:36PM -0800, Larry McVoy wrote:
> On Tue, Mar 19, 2002 at 03:27:59PM -0800, David S. Miller wrote:
> > From: Larry McVoy <[email protected]>
> > Date: Tue, 19 Mar 2002 15:25:02 -0800
> >
> > Come on Pavel, in order to make this happen, you have to
> >
> > a) run the installer as root
> > b) know the next pid which will be allocated
> > c) put the symlink in /tmp/installer$pid
> >
> > Exploit: Make all 65535 $pid simlinks
> >
> > It's very exploitable actually, and is similar in vein to
> > all the ancient mktemp stuff.
>
> Hey Dave, are you suggesting that no such exploits exist in Red Hat's
> rpm system? In order for that to be true, rpm would have to be making
> sure that each and every directory along any path that it writes is
> not writable except by priviledged users. I just checked, it doesn't.
That's because the admin would have had to change those perms on
purpose, which means they left themselves open to the attack.
Larry, check bugtraq archives. You'll see mounds of these types of
exploitable problems. All of them very serious.
> At some point, people get to take responsibility for their own choices.
Then just admit it was a bad thing and leave it be? :) Come on, it was a
mistake, and a very common one. Just don't make it out to be less than
what it is.
--
.----------=======-=-======-=========-----------=====------------=-=-----.
/ Ben Collins -- Debian GNU/Linux -- WatchGuard.com \
` [email protected] -- [email protected] '
`---=========------=======-------------=-=-----=-===-======-------=--=---'
Larry McVoy wrote:
> I think that there is lots to be said about moving out of silicon valley,
> I personally don't like it here that all much. On the other hand,
> it is extremely cool that there is such a high concentration of smart
> people within 30 minutes of my house. What I'd like to see is a migration
> out of silly valley but to somewhere else. I.e., pockets of smart people
> working together. Face time with smart people is fun, if you get a chance
> to do it, you know what I mean.
Which would negate the monetary resons for moving.
The cost of living in a given area is related to
what people can/will pay to live there.
Example. I live in a university town in rual Mississippi.
Without the university, the down would likely die.
An apartment here that rents for $600 a month would
only bing $200 - $300 in the small towns 30 miles
away. When I was looking to buy a house, 15 miles away,
the price's are half that here. Same for land to build
a house on.
If a lot of engineers and programmers, were to move
to a small town 30 miles away, the prices would quickly
rise to meet the new earnings levels. Soon it would be
the same as here. As more move in the place gets bigger,
prices go up, and soon you have another Silicon Valley.
So please, stay in the valley, I like my current standard
of living :)
-Thomas
> On Tue, Mar 19, 2002 at 08:08:24PM -0300, Rik van Riel wrote:
> > On Tue, 19 Mar 2002, Alan Cox wrote:
> >
> > > Hans Reiser's team of Russian wizards is simply a couple of years ahead
> > > of everyone else moving all real software development to the czech
> > > republic and india,
> >
> > Hey, don't forget about Brazil ;)
>
> Or New Mexico. Third world software development wins again!
New Mexico is in the US. Third World???
Hey,
On Tue, 19 Mar 2002, James Simmons wrote:
>
> > On Tue, Mar 19, 2002 at 08:08:24PM -0300, Rik van Riel wrote:
> > > On Tue, 19 Mar 2002, Alan Cox wrote:
> > >
> > > > Hans Reiser's team of Russian wizards is simply a couple of years ahead
> > > > of everyone else moving all real software development to the czech
> > > > republic and india,
> > >
> > > Hey, don't forget about Brazil ;)
> >
> > Or New Mexico. Third world software development wins again!
>
> New Mexico is in the US. Third World???
>
I see you have never lived in Socorro, NM ;)
Kurt
On Tue, Mar 19, 2002 at 03:47:27PM -0800, Larry McVoy wrote:
>
> I think that there is lots to be said about moving out of silicon valley,
> I personally don't like it here that all much. On the other hand,
> it is extremely cool that there is such a high concentration of smart
> people within 30 minutes of my house. What I'd like to see is a migration
> out of silly valley but to somewhere else. I.e., pockets of smart people
> working together. Face time with smart people is fun, if you get a chance
> to do it, you know what I mean.
There's a reason why I live in Boston. My house is 20 minutes from
downtown Boston, and 15 minutes from MIT/Harvard Sqare/Cambridge, and
three years ago, my 3 bedroom, 1.5 bedroom house with a large country
kitchen sitting on a sixth of an acre of land cost me $168,000 dollars
(I pay ~$700/month mortgage).
(I love to really piss off Silly Valley types by pointing this out. :-)
Best of all, I don't have to live out in the middle of nowhere (the
Boston Symphony, lots of amateur/semi-professional/professional
theater productions, etc.), and there are lots of smart people to
socialize with.
- Ted
Victor Yodaiken wrote:
> On Tue, Mar 19, 2002 at 08:08:24PM -0300, Rik van Riel wrote:
> > > On Tue, 19 Mar 2002, Alan Cox wrote:
> >
> > > Hans Reiser's team of Russian wizards is simply a couple of years ahead
> > > of everyone else moving all real software development to the czech
> > > republic and india,
> >
> > Hey, don't forget about Brazil ;)
>
> Or New Mexico. Third world software development wins again!
Hmm, at my former job (office in Santa Fe, NM) I found that everything
was considerably more expensive than here in Calgary, Canada. The worst
was high-speed internet - DSL from Qwest is absurdly expensive (i.e.
U$1000 setup + U$100 or more monthly) and takes a long time to get.
In Calgary there is both high speed cable and ADSL for C$40 a month,
has free setup, and one month free to start. The lousy Canadian dollar
is finally good for _something_.
Cheers, Andreas
--
Andreas Dilger \ "If a man ate a pound of pasta and a pound of antipasto,
\ would they cancel out, leaving him still hungry?"
http://www-mddsp.enel.ucalgary.ca/People/adilger/ -- Dogbert
Rik van Riel writes:
> On Tue, 19 Mar 2002, Alan Cox wrote:
>
> > Hans Reiser's team of Russian wizards is simply a couple of years ahead
> > of everyone else moving all real software development to the czech
> > republic and india,
>
> Hey, don't forget about Brazil ;)
>
> I know folks in Silicon Valley who pay more rent than what
> I earn in a month ... and I'm earning enough money to have
> a comfortable life here, at a fairly safe distance from the
> DMCA and its friends ;)
Don't count on it. You're too close, as determined by the Monroe
Doctrine, which basically says "they own your ass".
Regards,
Richard....
Permanent: [email protected]
Current: [email protected]
Theodore Tso wrote:
>
> (I love to really piss off Silly Valley types by pointing this out. :-)
I bet you did. :-)
> Best of all, I don't have to live out in the middle of nowhere (the
This is also true. It wasn't called wild west for no reason.
> Boston Symphony, lots of amateur/semi-professional/professional
> theater productions, etc.), and there are lots of smart people to
Isn't it sad - when i say theater people think about movie theater.
I have hard time explaining what the hell is the difference and why
it could be nice to have such things around...
<sigh>
Petko
In article <[email protected]>,
Kurt Ferreira <[email protected]> wrote:
> > New Mexico is in the US. Third World???
>
> I see you have never lived in Socorro, NM ;)
I have. Even got a degree from NM Tech. :)
On Tue, 19 Mar 2002, Larry McVoy wrote:
> Come on Pavel, in order to make this happen, you have to
>
> a) run the installer as root
> b) know the next pid which will be allocated
> c) put the symlink in /tmp/installer$pid
>
> and do all before that pid gets used. Have you actually be able to
> do that? I'd like to see how you did so without knowing exactly when
> root was going to install the package and without filling up /tmp with
> 64,000 symlinks.
Or just sit and do getdents() until installer* shows up and then create
data*...
Larry McVoy wrote:
> On Tue, Mar 19, 2002 at 03:27:59PM -0800, David S. Miller wrote:
>
>> From: Larry McVoy <[email protected]>
>> Date: Tue, 19 Mar 2002 15:25:02 -0800
>>
>> Come on Pavel, in order to make this happen, you have to
>>
>> a) run the installer as root
>> b) know the next pid which will be allocated
>> c) put the symlink in /tmp/installer$pid
>>
>>Exploit: Make all 65535 $pid simlinks
>>
>>It's very exploitable actually, and is similar in vein to
>>all the ancient mktemp stuff.
>
>
> Hey Dave, are you suggesting that no such exploits exist in Red Hat's
> rpm system? In order for that to be true, rpm would have to be making
> sure that each and every directory along any path that it writes is
> not writable except by priviledged users. I just checked, it doesn't.
>
> We can sit here all day and make a big deal out of this, I think it's a
> waste of time. I'm not an advocate of insecure software and I'm happy
> to close any holes that people think need closing, but you're just
> wasting time. This isn't an issue. If you really, really cared, there
> is nothing to prevent you from downloading the BK image, unpacking it on
> a throwaway machine, back it back up again in a shar file or whatever,
> and then installing it.
>
> At some point, people get to take responsibility for their own choices.
BTW> The proper way of using files in /tmp is not to make guessable
filenames in the cathegory /tmp/gangbang$pid!
<TECHING MODE>
Please explore the world of mkstemp() and friends on the manpages
and forget about create() or O_* for this purpose. OK?
As an added bonus you will not break export TMPDIR=~/mybed
and firends for the paranoid users.
</TECHING MODE>
This should be a reflex for someone with such a Sun heritage like you...
And finally - please don't mistake me - I don't think that this issue
is a big deal in this particular case...
> This should be a reflex for someone with such a Sun heritage like you...
You obviously never used SunOS4. Its a bit before security became relevant
to computing
Alan Cox wrote:
>>This should be a reflex for someone with such a Sun heritage like you...
>
>
> You obviously never used SunOS4. Its a bit before security became relevant
> to computing
Just to make sure that's wrong. I actually used it.
And yes admittedly they made a long haul since those days in terms
of security.
And for your record:
1. CP/M
2. SunOS4-5, Solwlaris 6, 8 (intel and sparc flavours where applicable)
3. FreeBSE 3.x 4.x... (nice with the exception of the default shell)
4. OSF/1, OSF/2 (they managed to make an Alpha appear slow)
5. AIX (forget the version but they are usually high)
6. IRIX (even unix can be instable...)
7. VMS on VAX (I hate FORTRAN I hate FORTRAN I hate FORTRAN)
8. ULTRIX (classical stuff not as bad as many people think...)
10. ... some wired kind of UNIX running on a NEC SX3R
11. similar shit on Cray III...
12. something called OS on a transputer system I already forgot about...
and so on and so on.
Just counting the stuff I actually wrote some code for...
and still remember
Martin Dalecki wrote:-
> 3. FreeBSE 3.x 4.x... (nice with the exception of the default shell)
We had enough of that in the UK recently.
Neil.
In article <[email protected]__.cuni.cz>,
Pavel Machek <[email protected]> writes:
> If nasty user on same system creates symlink (ln -s /etc/passwd
> /tmp/installer123), he may overwrite any file on the system. You probably want
>
> fd = open(installer_name, O_WRONLY | O_TRUNC | O_CREAT | O_EXCL, 0755);
>
> Same goes for data.
> Pavel
fd = open(installer_name, O_WRONLY | O_TRUNC | O_CREAT | O_EXCL, 0777);
the 0777 will still be modified by the umask. If people want e.g.
writability for group for some reason, let them.
Hi,
On Tue, 19 Mar 2002, Alan Cox wrote:
> Work for me. I've run a profitable small open source company, I've worked
> for Red Hat.
Wow, that kind of answer I had expected the least. :)
> Think about it this way. There is no reason to suppose that the concept
> of the Innovators Dilemma does not ultimately apply to nations.
Innovator's Dilemma is an interesting theory, but I think it simplifies
things too much. I haven't read the book, so I can only judge from
various reviews I've read. It seems to concentrate too much on the
actual trigger and neglects the necessary conditions. The major flow
here is, it assumes that all participants play nice and fair.
Take for example MS, they don't have to innovate that much by
themselves, they just buy it. The interesting point here is that their
biggest threat is now a technology which is not really disruptive, but
rather a technology they can't buy.
With nations it actually becomes worse, as soon as politics and economy
come together there is no fair play anymore. A developing nation may get
an advantage in a specific area, but the industry nations will do
everything do prevent that they will get too powerful. The developing
nations are mostly useful to exploit their resources be foreign
companies, which expect from their goverments to "protect" their
investments.
Don't make the mistake to just look at hitech industry, this is still a
growing market (only the gold rush is over). Other more traditional
markets are already divided and tightly protected.
> Hans Reiser's team of Russian wizards is simply a couple of years ahead of
> everyone else moving all real software development to the czech republic
> and india, the phone support to the philipines and the hardware to
> taiwanese and chinese bulk build to order.
I agree, although the "couple of years" are debatable in these fast
changing times. :)
Another thing to consider is that software development currently is
still somewhere in the middle ages. Everything is still copied by hand
and the Gutenberg press of software development hasn't been invented
yet (there are some interesting developments, but I don't think we're
there yet). Software development is still a very expensive process, good
software design requires developer, which must be very capable in
several areas and at the same time still has to do lots of boring
repeating work. Most development which is moved to india is also the type
of development which is most likely to be automated by better tools. So if
india just relies on this it will be hit very badly.
bye, Roman
On Tue, 19 Mar 2002, Larry McVoy wrote:
[snip]
> I think that there is lots to be said about moving out of silicon valley,
> I personally don't like it here that all much. On the other hand,
> it is extremely cool that there is such a high concentration of smart
> people within 30 minutes of my house. What I'd like to see is a migration
> out of silly valley but to somewhere else. I.e., pockets of smart people
> working together. Face time with smart people is fun, if you get a chance
> to do it, you know what I mean.
Indiana wants more high-tech business. Of course we can't compete with
California's weather....
--
Mark H. Wood, Lead System Programmer [email protected]
Today's forecast: low 30, high 30, snow flurries. Happy 1st of Spring!
> Indiana wants more high-tech business. Of course we can't compete
> with California's weather....
Some people can't deal with the earthquakes, brush fires, and
landslides for some reason. (Did I mention my house is sliding off a
cliff?) Weather and natural beauty however is my reason for being in
California..., to hell with face time with smart people. The only
reason I may wear a jacket is because my wife prefers the way it
appears, not because of the weather ;-). Sillicon Valley is too cold
for my tastes. Driving distance from small John Wayne airport in
Southern California with a nice ~ hour flight away from Sillicon
Valley is just right. Though the history in Europe/UK is very
interesting..., some day.
Todays forecast- 78, yesterdays forcast... 78, 3 months ago
forecast... 78, etc. . (Not exactly, but its in the ballpark)
> themselves, they just buy it. The interesting point here is that their
> biggest threat is now a technology which is not really disruptive, but
> rather a technology they can't buy.
Read the book - buying into the new technology as an old company can
actually have dire results when you buy in. It is studied.
> repeating work. Most development which is moved to india is also the type
> of development which is most likely to be automated by better tools. So if
> india just relies on this it will be hit very badly.
Read the book 8)
Hi,
Alan Cox wrote:
> > repeating work. Most development which is moved to india is also the type
> > of development which is most likely to be automated by better tools. So if
> > india just relies on this it will be hit very badly.
>
> Read the book 8)
Does it also contain the part, how it should apply to nations? I can see
how applies in situations, when there is a halfway working market, but
the relationship between nations is simply different.
bye, Roman
Hi,
>> c) put the symlink in /tmp/installer$pid
What then about $HOME/tmp? Might be a lot less available for crackers,
and if it doesn't exist, we create it (still as 0700).
Thunder
--
begin-base64 755 -
IyEgL3Vzci9iaW4vcGVybApteSAgICAgJHNheWluZyA9CSMgVGhlIHNjcmlw
dCBvbiB0aGUgbGVmdCBpcyB0aGUgcHJvb2YKIk5lbmEgaXN0IGVpbiIgLgkj
IHRoYXQgaXQgaXNuJ3QgYWxsIHRoZSB3YXkgaXQgc2VlbXMKIiB2ZXJhbHRl
dGVyICIgLgkjIHRvIGJlIChlc3BlY2lhbGx5IG5vdCB3aXRoIG1lKQoiTkRX
LVN0YXIuXG4iICA7CiRzYXlpbmcgPX4Kcy9ORFctU3Rhci9rYW5uXAogdW5z
IHJldHRlbi9nICA7CiRzYXlpbmcgICAgICAgPX4Kcy92ZXJhbHRldGVyL2Rp
XAplIExpZWJlL2c7CiRzYXlpbmcgPX5zL2Vpbi8KbnVyL2c7JHNheWluZyA9
fgpzL2lzdC9zYWd0LC9nICA7CiRzYXlpbmc9fnMvXG4vL2cKO3ByaW50Zigk
c2F5aW5nKQo7cHJpbnRmKCJcbiIpOwo=
====
Extract this and see what will happen if you execute my
signature. Just save it to file and do a
> uudecode $file | perl
Larry McVoy <[email protected]> writes:
>people within 30 minutes of my house. What I'd like to see is a migration
>out of silly valley but to somewhere else. I.e., pockets of smart people
>working together. Face time with smart people is fun, if you get a chance
Hm. Like, say Redmond, WA?
--
Dipl.-Inf. (Univ.) Henning P. Schmiedehausen -- Geschaeftsfuehrer
INTERMETA - Gesellschaft fuer Mehrwertdienste mbH [email protected]
Am Schwabachgrund 22 Fon.: 09131 / 50654-0 [email protected]
D-91054 Buckenhof Fax.: 09131 / 50654-20