That's pretty interesting.
Matthew Sullivan April 17, 2016 - 8:01am
As a follow up on this I've come across Fedora's University Involvement Initiative.
Viorel Tabara February 16, 2016 - 7:39pm
Ouch! Not even fixed yet? I've found this excerpt from OpenConnect main page relevant to all you've mentioned Jon, mainly the last point :
Development of OpenConnect was started after a trial of the Cisco client under Linux found it to have many deficiencies:
- Inability to use SSL certificates from a TPM or PKCS#11 smartcard, or even use a passphrase.
- Lack of support for Linux platforms other than i386.
- Lack of integration with NetworkManager on the Linux desktop.
- Lack of proper (RPM/DEB) packaging for Linux distributions.
- "Stealth" use of libraries with dlopen(), even using the development-only symlinks such as libz.so — making it hard to properly discover the dependencies which proper packaging would have expressed
- Tempfile races allowing unprivileged users to trick it into overwriting arbitrary files, as root.
- Unable to run as an unprivileged user, which would have reduced the severity of the above bug.
- Inability to audit the source code for further such "Security 101" bugs.
Viorel Tabara January 10, 2016 - 1:54pm
The Landing is a social site for Athabasca University staff, students and invited guests. It is a space where they can share, communicate and connect with anyone or everyone.
Unless you are logged in, you will only be able to see the fraction of posts on the site that have been made public. Right now you are not logged in.
If you have an Athabasca University login ID, use your standard username and password to access this site.
We welcome comments on public posts from members of the public. Please note, however, that all comments made on public posts must be moderated by their owners before they become visible on the site. The owner of the post (and no one else) has to do that.
If you want the full range of features and you have a login ID, log in using the links at the top of the page or at https://landing.athabascau.ca/login (logins are secure and encrypted)
Posts made here are the responsibility of their owners and may not reflect the views of Athabasca University.
We block sites that track your web browsing without your permission. If a link is greyed out, click once to enable sharing, once more to share.
The curious-me wanted to know what will happen to IPython. The project documentation hosted at ReadTheDocs links to The Big Split blog. I didn't get past the first line though because I was distracted by the historical perspective on IPython. And that's when I realized that it would be unfair not to mention Sage that isn't only just another tool. The Why is Sage free/open source question under Sage FAQ bridges the open source and scientific communities in a brilliant way and since Internet links aren't permanent it's worth recording the text here:
There you have it. Happy open sourcing!
Viorel Tabara June 2, 2016 - 12:16pm