!ZRgXNaHrdpGqwUnGnj:nixos.org

NixOS Security Triage

666 Members
Coordination and triage of security issues in nixpkgs212 Servers

Load older messages


SenderMessageTime
23 Jun 2021
@hexa:lossy.networkhexa rough. can we move it to #networking:nixos.org still? 14:24:00
@hexa:lossy.networkhexa * rough. can we move it to #networking:nixos.org still? if both of you have issues like this it should probably be investigated further. 14:24:21
@hexa:lossy.networkhexa pennae: on the topic of privsep, dhcpcd should get a privsep user when we can ensure it is used through the module, which in turn ensures the user exists 14:26:14
@hexa:lossy.networkhexaat one point there as a dhcpcd user allocated, see e9cd877921cc4164aa0ba57ae1fd7526ec6440c314:28:37
@hexa:lossy.networkhexa * at one point there even was a dhcpcd user allocated, see e9cd877921cc4164aa0ba57ae1fd7526ec6440c314:28:40
@pennae:matrix.eno.spacepennaethat's been a while14:29:06
@hexa:lossy.networkhexawould you want to look into that further?14:29:12
@pennae:matrix.eno.spacepennaenot sure we're qualified14:29:49
@hexa:lossy.networkhexacan only encourage you to try 😀14:34:18
@pennae:matrix.eno.spacepennaemight try at some point. the last module we tried to modify kind of fizzled in review 😶14:35:38
@hexa:lossy.networkhexathere are even nixos tests that you can use to verify you didn't break anything :)14:35:42
@pennae:matrix.eno.spacepennae grubbing around in system daemons is a bit scary tbh
at least mosquitto isn't that important (and also had tests (that were half broken))
14:39:27
@hexa:lossy.networkhexamosquitto was also haphazardly bumped a major version number just before the release14:51:25
@hexa:lossy.networkhexaignoring the resulitng breakage, not nice.14:51:43
@pennae:matrix.eno.spacepennaeand our PR to fix the module being extremely limited has seen basically no review since ... when was it, beginning of may?14:53:53
@pennae:matrix.eno.spacepennae at leas the bump didn't break anything here :/ 14:54:31
@pennae:matrix.eno.spacepennae oh hey, you're on that one as a reviewer hexa 😛 15:26:13
@hexa:lossy.networkhexauh, yeah. I know 😓15:26:51
@hexa:lossy.networkhexaI did the systemd hardening on that module and something else15:27:14
@pennae:matrix.eno.spacepennaeah well.15:30:18
@linus.heckemann:matrix.mayflower.deLinux Hackerman hexa: no plans currently, he said he might remove his maintainership (I'm guessing across the board) 15:34:35
@hexa:lossy.networkhexayeah, I didn't expect him to suddenly turn up again 15:35:08
@r_i_s:matrix.orgris_think i'm there with 2/3 of the dovecot backports, but think I'm going to skip CVE-2020-28200 as it's "only" an excessive resource consumption bug and common opinion is that it's too significant to backport, looking at it i'm inclined to agree18:06:29
@hexa:lossy.networkhexasgtm18:14:35
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm joined the room.21:18:13
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm left the room.23:52:28
24 Jun 2021
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm joined the room.00:12:04
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm left the room.03:41:34
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm joined the room.03:41:36
@_xmpp_julm=40sourcephile.fr:matrix.orgjulm left the room.10:36:46

There are no newer messages yet.


Back to Room ListRoom Version: 6