Re^8: Debian Metadata Proposal -- draft rev.1.4

To: debian-doc@lists.debian.org
Subject: Re^8: Debian Metadata Proposal -- draft rev.1.4
From: Marco.Budde@hqsys.antar.com (Marco Budde)
Date: 10 Jul 98 15:25:00 +0100
Message-id: <[🔎] b8c_9807101845@antares.antar.com>
In-reply-to: [🔎] oa67h7mt90.fsf@burrito.fake

Am 09.07.98 schrieb apharris # burrito.onshore.com ...

Moin Adam!

APH> You must not understand my terminology.  The fact that you are
APH> constructing a database out of the metadata, in the current dhelp,
APH> means that you are "shadowing", or "keeping another copy" of the
APH> metadata itself.

I don#t see the problem. My databases include several additional  
informations.

APH>  This leads to bugs and problems.  It's a fact of
APH> software design.

Ok, that means that using for example a search program like glimpse or  
htdig is a bad idea, because these programs build their own databases,  
too, to speed up the searching.

Of course, every program can introduce new bugs and problems.

APH> My dream is to have a single fast-access method of accessing metadata
APH> that works for *all* display systems, but that might be a pipe dream.

I think it#s not possible. All programs have got other needs.

APH> > Nonsense, there#s no real bug in dhelp. Please tell me the number of
APH> > the bug report.
APH> Bug#21361.

Is this the symlink problem? This is not a problem caused by dhelp but by  
the httpd. You can#t access documents that are not in /usr/doc. The httpd  
shouldn#t follow symlinks.

Or is this your bug report? This is a bug and I#ll fix it.

APH>  If I did a security audit on dhelp, I'm sure I could find
APH> a number of overflow conditions and bugs in the system could be
APH> triggered by malicious dhelp files.

I don#t think so.

APH> Since dhelp_parse -r will readily
APH> gobble these, and ince root usually runs this, the current situation
APH> is a little troubling.

/usr/doc shouldn#t be writable by non root users! And a lot of programs  
have got such overflow problems (sendmail :) ).

APH> display system.  Again, it's worrying but I don't think we're going to
APH> solve it this time around, but you should recognize the flaws.

Again, I#m always open for suggestions how to improve dhelp.

cu, Marco

--
Uni: Budde@tu-harburg.de           Fido: 2:240/5202.15
Mailbox: mbudde@hqsys.antar.com    http://www.tu-harburg.de/~semb2204/


--  
To UNSUBSCRIBE, email to debian-doc-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Prev by Date: Re^6: Debian Metadata Proposal -- draft rev.1.4
Next by Date: Re^6: Debian Metadata Proposal -- draft rev.1.4
Previous by thread: Re: Webpages and CVS now fully operational
Next by thread: Re^8: Debian Metadata Proposal -- draft rev.1.4
Index(es):
- Date
- Thread