Development mailing list

Syndicate content
Archive of posts for haiku-development at FreeLists
Updated: 1 hour 12 min ago

[haiku-development] AW: Re: AW: Re: Security (Axel Dörfler)

1 hour 12 min ago
Augustin wrote: On Tue, Sep 2, 2014 at 4:37 AM, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote: And since we're using (with the exception of ffmpeg) up to date open source libraries, I think there should not be much of a problem using Haiku on a network (compared to other systems). FFmpeg 0.10.14 is the latest in the 0.10 line and it's the one we're using. I'm not aware of any security holes in that version. The current version is 2.3.3; while we're using the latest version of the 0.10 line, and it still seems to be maintained, it's not really what I would call up ...
Categories: Development

[haiku-development] Re: AW: Re: Security (Augustin Cavalier)

1 hour 12 min ago
On Tue, Sep 2, 2014 at 4:37 AM, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote: And since we're using (with the exception of ffmpeg) up to date open source libraries, I think there should not be much of a problem using Haiku on a network (compared to other systems). FFmpeg 0.10.14 is the latest in the 0.10 line and it's the one we're using. I'm not aware of any security holes in that version. ...
Categories: Development

[haiku-development] AW: Re: Security (Axel Dörfler)

1 hour 12 min ago
Sean wrote: Does haiku even offer any reasonably easy exploits ? it lacks many features AFAIK that would offer a path of explotation to begin with. I had a hardcore linux hacker in my house try to hack my haiku machine for giggles once. He didnt get anywhere with it. You won't get very far trying to hack Haiku in its default settings; there shouldn't even be any open ports. If SSH is turned on, it will be as hard to hack as any other system using a current OpenSSH package. The only real threat is via bugs in user applications like the WebPositive, ...
Categories: Development

[haiku-development] Re: Security (Ralf Schülke)

1 hour 12 min ago
I have never see a secure system, nothing is secure, so far, but i think, the point is: Haiku are a Desktop System, this means for Programms (App's), the focus is running apps fast and make good apps, with the BeAPI. The BeAPI are casses and methodes to do good stuff (ok he need more work here, to making stuff like Apple Metal, Sprite-Kit etc but Haiku (BeOS) System Design is ready , we have Server and Kits!) Haiku is not more or less secure as other os but haiku not os os for server, super-computer, embedded systems. ...
Categories: Development

[haiku-development] Re: libtool link_all_deplibs (Ingo Weinhold)

1 hour 12 min ago
On 01.09.2014 22:54, Jérôme Duval wrote: at the moment we configure libtool with link_all_deplibs = yes. This has the consequence that we link a program against each dependencies of a shared library: SDL_image for instance, and each of the libraries that depend on it, libjpeg, etc.. Haikuporter detects that and says we should declare the dependencies. This can in the long term be a difficult to maintain correct dependencies on applications using some interface libraries. ...
Categories: Development

[haiku-development] Re: Security (Ingo Weinhold)

1 hour 12 min ago
On 02.09.2014 00:49, Wayne Peter Corwin wrote: On Tuesday, September 02, 2014 at 12:40 AM, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote Anyway, it's ridiculous to believe that Haiku is going to be secure anytime soon. But it's unfortunately also ridiculous to believe you are secure with any OS ATM. Multi-user doesn't really help you much with this at all either. ...
Categories: Development

[haiku-development] Re: Creating or porting an IDE [was Re: What's the status of Haiku?] (Augustin Cavalier)

1 hour 12 min ago
ATM it can compile and run Makefile-Engine based projects (including itself). And start them in Debugger. But I've only been working on this for a few weeks ;-) SDI should theoretically be possible, but not ATM as I'm in the process of reworking the tabs, I just did it today with Web+'s tab view but I'm going to wind up doing it again with a custom one soon... And the wx port does not exist (it never did really). ...
Categories: Development

[haiku-development] Re: Security (Ari Haviv)

1 hour 12 min ago
On Mon, Sep 1, 2014 at 10:57 PM, Sean smc.collins@xxxxxxxxxxx wrote: This eloquently answers my questions about the Haiku projects' stance and insights on security. It's non-existant. - wpc if I walk into your house, and physically take your PC, how secure is it then ? Becuase if you want to know the truth, most user info is gathered from stolen laptops. ...
Categories: Development

[haiku-development] Re: Security (Sean)

1 hour 12 min ago
This eloquently answers my questions about the Haiku projects' stance and insights on security. It's non-existant. - wpc if I walk into your house, and physically take your PC, how secure is it then ? ...
Categories: Development

[haiku-development] Re: Security (Ari Haviv)

1 hour 12 min ago
On Mon, Sep 1, 2014 at 5:15 AM, Wayne Peter Corwin wayne.peter.corwin@xxxxxxxxxxxxxxxx wrote: Hi all. I don't see much talk about Haiku and security. In this day and age, a single-user rooted OS with a homegrown network library sounds a bit scary. I'd like to ask if multiuser capabilities (with a non-root user as default) are being implemented and if security audits will be performed ...
Categories: Development

[haiku-development] Re: Security (Sean)

1 hour 12 min ago
If you feel exposed using Haiku, you're likely paranoid, but just don't use it then. If you find someone motivated enough to hack into your system for whatever reason, I'm pretty sure that Haiku will set a higher barrier than most systems, if only because you won't be able to buy a Hack Haiku set at your local dealer, but have to do all the work yourself. ...
Categories: Development

[haiku-development] Re: Creating or porting an IDE [was Re: What's the status of Haiku?] (Jessica Hamilton)

1 hour 12 min ago
On 2 September 2014 06:49, Ryan Leavengood leavengood@xxxxxxxxx wrote: On Mon, Sep 1, 2014 at 2:36 PM, Edward Robbins edd.robbins@xxxxxxxxxxxxxx wrote: Ok, this is just hypothetical, so: If everything is going to be in separate windows can they at least be dockable or with a parent window, or at least have this configurable? I definitely agree with you on that. Fortunately Haiku as a system has that covered pretty well with Stack and Tile: ...
Categories: Development

[haiku-development] Re: Security (Wayne Peter Corwin)

1 hour 12 min ago
On Tuesday, September 02, 2014 at 12:40 AM, Axel Dörfler axeld@xxxxxxxxxxxxxxxx wrote Anyway, it's ridiculous to believe that Haiku is going to be secure anytime soon. But it's unfortunately also ridiculous to believe you are secure with any OS ATM. Multi-user doesn't really help you much with this at all either. This eloquently answers my questions about the Haiku projects' stance and insights on security. ...
Categories: Development

[haiku-development] Re: Security (Axel Dörfler)

1 hour 12 min ago
Am 02/09/2014 00:28, schrieb Wayne Peter Corwin: On Tuesday, September 02, 2014 at 12:18 AM, Andrew Hudson dmarc-noreply@xxxxxxxxxxxxx I will wager that one can put Haiku on a networked PC outside the firewall for 24 hours today and it will not be hacked. $20 US. What say you, sir? ...
Categories: Development

[haiku-development] Re: Security (Wayne Peter Corwin)

1 hour 12 min ago
On Tuesday, September 02, 2014 at 12:18 AM, Andrew Hudson dmarc-noreply@xxxxxxxxxxxxx I will wager that one can put Haiku on a networked PC outside the firewall for 24 hours today and it will not be hacked. $20 US. What say you, sir? Gee, I don't know. Maybe one of these things: ...
Categories: Development

[haiku-development] Re: Security (Andrew Hudson)

1 hour 12 min ago
I will wager that one can put Haiku on a networked PC outside the firewall for 24 hours today and it will not be hacked. $20 US. What say you, sir? I am, however, hoping to put Haiku on a networked computer once it's released. ...
Categories: Development

[haiku-development] Re: Security (Wayne Peter Corwin)

1 hour 12 min ago
On Monday, September 01, 2014 at 11:08 PM, Edward Robbins edd.robbins@xxxxxxxxxxxxxx said: Axel's mail was informative about the state of security in haiku, and nowhere near naive unless you take that single comment out of context.  But. The thread context is R1 final (at least, I hope I made that clear). I don't worry about the alpha, nor the eventual beta. I am, however, hoping to put Haiku on a networked computer once it's released. ...
Categories: Development

[haiku-development] Re: AW: Re: Package Management (pete . goodeve)

1 hour 12 min ago
On Mon, Sep 01, 2014 at 09:59:25AM +0200, Axel Dörfler wrote: Fredrik wrote: 2014-08-31 22:31 skrev pete.goodeve@xxxxxxxxxxxx: And yes, the first thing I had to do to get some of the stuff I use transferred to PM was to set up my own /boot/common. If I recal correctly common was removed just before PM was introduced. It was discussed a lot but was not adding any vital function that can be in home or system. Now with PM this are less neede. The only mention of needing /boot/common was if a company would need to use it, they can now use PM instead and make there own repository :) ...
Categories: Development

[haiku-development] Re: Security (Edward Robbins)

1 hour 12 min ago
On Mon, Sep 1, 2014 at 9:33 PM, Wayne Peter Corwin wayne.peter.corwin@xxxxxxxxxxxxxxxx wrote: On Monday, September 01, 2014 at 10:14 PM, Axel Dörfler axeld@xxxxxxxxxxxxxxxx said: I think Haiku is not a worthwhile target either. Sorry, but the naive alarm went off. ...
Categories: Development

[haiku-development] libtool link_all_deplibs (Jérôme Duval)

1 hour 12 min ago
Hi, at the moment we configure libtool with link_all_deplibs = yes. This has the consequence that we link a program against each dependencies of a shared library: SDL_image for instance, and each of the libraries that depend on it, libjpeg, etc.. Haikuporter detects that and says we should declare the dependencies. This can in the long term be a difficult to maintain correct dependencies on applications using some interface libraries. ...
Categories: Development