Fernando J. Pereda

Spanish translations for per-category metadata.xml files are almost finished. araujo is doing: dev-* media-* app-* and x11-*. And I just commited the rest: games-* gnome-* gnustep-* kde-* net-* mail-* rox-* sci-* sys-* www-* xfce-* and sec-policy.

It's been boring... but anyway, we did it hehe

It took me like 1 hour to update, check, translate, check and commit around 70 files... but feels like a wasted hour :( At least I hope it will get integrated in packages.g.o

PD: Hey ! bugs.g.o is now ssl enabled, now I can access bugzilla in networks I don't trust (i.e university, work, ... all of them but mines i think :P). So infra++

Cheers,
Ferdy

The last few days we've been having a bit of discussion in #-netmail about uw apps. They display a *really* bogus message if the mail spool directory (/var/spool/mail) is not protected with 1777 (*sigh*):

Mailbox vulnerable - directory /var/spool/mail must have 1777 protection

Of course mailbase creates /var/spool/mail and sets 0775 on it. Thats a real protection since it prevents someone from doing:

for i in /var/spool/mail/* ; do touch ${i}.lock; done

and mess the mail system.

Quoting from the UW IMAP FAQ:

Directory protection 1777 is secure enough on most well-managed systems. If you can't trust your users with a 1777 mail spool (petty harassment is about the limit of the abuse exposure), then you have much worse problems then that.

It sounds ridiculous to me. I think we will finally adopt the workaround in https://bugzilla.redhat.com/beta/show_bug.cgi?id=103479#c8 or probably patch the sources to remove that annoying message.

I wonder how 1777 on the mail spool directory should be used for security reasons (*sigh*) Maybe someone will explain it to me...

Any ideas on how to solve this ?

Cheers,
Ferdy

Hi !

I've been using part of the ciaranm's bashrc (most of the Gentoo-related functions) and though it's great I thought that something was missing. I needed something to extrackt the depend atoms on a package. I played a bit with sed and finally wrote something useful:

edeps() { 
    local FILES e
    
    if [ ! -z "${1}" ] ; then
        FILES=$(equery which ${1})
    else
        FILES=$(ls *.ebuild)
    fi  
    
    for e in ${FILES};
    do
        echo -ne "\033[01;32m * \033[00m"
        echo -n "Depend atoms on: "
        echo -e "\033[01;38m${e##*/}\033[00m"
        echo
        sed -ne '/^[RP]\?DEPEND=\"[^\"]*$/,/^.*\" *$/p' \
            -e '/^[RP]\?DEPEND=\"[^\"]*\"$/p' ${e}
        echo
    done
}

PD: BTW this is my very first post on the Gentoo Planet. I hope you'll forgive my language mistakes since english is not my mother tongue. (I'm spanish).