Debians commandline package manager https://git.kalnischkies.de/apt/atom?h=2.1.11 2020-02-26T19:34:54Z 2020-02-26T19:34:54Z Julian Andres Klode julian.klode@canonical.com 2019-08-13T17:15:19Z urn:sha1:db678df196ccd8f9f6fb336706cf5701d1e53aa6 2019-06-12T13:02:55Z Julian Andres Klode julian.klode@canonical.com 2019-05-11T15:17:20Z urn:sha1:daa1352ed3d2bb4bc6aa0f0e7f22be3f0908942d 2018-01-03T18:42:45Z David Kalnischkies david@kalnischkies.de 2017-10-27T22:01:27Z urn:sha1:04ab37fecaf286f724bef2e0969d2b67ab5ac1b1 Allowing a method to request work from other methods is a powerful capability which could be misused or exploited, so to slightly limited the surface let method opt-in into this capability on startup. 2018-01-03T17:55:41Z David Kalnischkies david@kalnischkies.de 2017-08-09T21:26:19Z urn:sha1:02567e3084d2faec92e8bf248e89fda6452e634b The format isn't too hard to get right, but it gets funny with multiline fields (which we don't really have yet) and its just easier to deal with it once and for all which can be reused for more messages later. 2017-10-22T16:52:16Z Julian Andres Klode jak@debian.org 2017-10-21T13:44:43Z urn:sha1:1a76517470ebc2dd3f96e39ebe6f3706d6dd78da This avoids running the Proxy-Auto-Detect script inside the untrusted (well, less trusted for now) sandbox. This will allow us to restrict the http method from fork()ing or exec()ing via seccomp. 2015-08-10T15:25:25Z David Kalnischkies david@kalnischkies.de 2015-06-17T07:29:00Z urn:sha1:6c55f07a5fa3612a5d59c61a17da5fe640eadc8b Doing this disables the implicit copy assignment operator (among others) which would cause hovac if used on the classes as it would just copy the pointer, not the data the d-pointer points to. For most of the classes we don't need a copy assignment operator anyway and in many classes it was broken before as many contain a pointer of some sort. Only for our Cacheset Container interfaces we define an explicit copy assignment operator which could later be implemented to copy the data from one d-pointer to the other if we need it. Git-Dch: Ignore 2015-06-16T14:22:46Z David Kalnischkies david@kalnischkies.de 2015-06-16T14:22:46Z urn:sha1:c8a4ce6cbed57ae108dc955d4a850f9b129a0693 To have a chance to keep the ABI for a while we need all three to team up. One of them missing and we might loose, so ensuring that they are available is a very tedious but needed task once in a while. Git-Dch: Ignore 2015-06-09T10:57:36Z David Kalnischkies david@kalnischkies.de 2015-06-06T17:16:45Z urn:sha1:3679515479136179e0d95325a6559fcc6d0af7f8 rred is responsible for unpacking and reading the patch files in one go, but we currently only have hashes for the uncompressed patch files, so the handler read the entire patch file before dispatching it to the worker which would read it again – both with an implicit uncompress. Worse, while the workers operate in parallel the handler is the central orchestration unit, so having it busy with work means the workers do (potentially) nothing. This means rred is working with 'untrusted' data, which is bad. Yet, having the unpack in the handler meant that the untrusted uncompress was done as root which isn't better either. Now, we have it at least contained in a binary which we can harden a bit better. In the long run, we want hashes for the compressed patch files through to be safe. 2014-11-05T16:53:20Z Michael Vogt mvo@ubuntu.com 2014-11-05T16:53:20Z urn:sha1:da6f750f4586af16f2df3fb85cd6eb35a2a8227d 2014-10-13T09:29:39Z David Kalnischkies david@kalnischkies.de 2014-10-13T06:05:57Z urn:sha1:862bafea48af2ceaf96345db237b461307a021f6 Reimplementing an inline method is opening a can of worms we don't want to open if we ever want to us a d-pointer in those classes, so we do the only thing which can save us from hell: move the destructors into the cc sources and we are good. Technically not an ABI break as the methods inline or not do the same (nothing), so a program compiled against the old version still works with the new version (beside that this version is still in experimental, so nothing really has been build against this library anyway). Git-Dch: Ignore