Re: [BLUG] California approves OS textbooks

On Fri, Aug 21, 2009 at 10:09 AM, Beartooth<beartooth@beartooth.info> wrote:
>> Right now, as I understand the number of trees on the planet is still
>> dropping regularly, I find it really hard to think of that as a really great
>> idea to be pursuing just yet.
>
>        Why should the grand total be the criterion? Mowing popples for
> particle board (or paper) has to be a net subtraction, whatever the grand
> total is doing.

The bad idea, as I see it, is precisely that: a business plan that
involves a net subtraction from the amount of trees (not so much in
units, but in photosynthetic capacity) on the planet during a time
when they're already dropping at unacceptable rates.

If you're going out and cutting more trees than you're growing, or
getting rid of the few truly old trees we have left, I can't really
see that as a Good Thing. Even if you justify it as carbon
sequestration; it's the *growing* that's sequestering, and not the
chopping, if I understand things correctly.

If you start planting trees now with an eye towards a sustainable
cutting plan when they're at the appropriate size, I could maybe see
that; though that sounds too far from immediate gratification to be a
popular plan.

The operation you described sounds basically net zero, if they mow
only what they plant.

I just, you know, wanna keep being able to breathe long enough to
solve the carbon issue, ;-), so any plan right now involving less
trees sounds counter-productive.

>> Then the argument that "without copyright, and people being granted
>> practically unlimited and indefinite monopolies on certain work,
>> nobody would produce those works" would be demonstrably false.
>
>        Straw man. Question is how the poets & playwrights would eat, while
> still working full time on their writings.

There are many questions, f'rinstance:

How many poets & playwrights *are* eating, while still working full
time on their writings, right now?

How would copyright law reform affect that?

> --
> Beartooth the Stubborn, Sclerotic Squirreler
> Death is not evil. Suffering is evil.

Simón

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

[BLUG] major exploit in 2.4 and 2.6 linux kernel

There was a flaw discovered in the kernel that's been there since 2001
that can be used for privilege escalation. If you have support for one
of several less-common network protocols, a malicious user with local
access can become root very easily.

It has to do with how the kernel allocates network sockets and sets up
protocol listeners on those sockets. There are some functions that are
implemented for some protocols but not others, and when the function is
not implemented, it's supposed to raise a "Not Implemented" exception.
Instead, it references a null pointer. Vulnerable kernels have support
for Appletalk, IPX, bluetooth, pppoe, irda, isdn, and a few others.

>From Linus's commit:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e694958388c50148389b0e9b9e9e8945cf0f1b98

kernel_sendpage() does the proper default case handling for when the
socket doesn't have a native sendpage implementation.

Now, arguably this might be something that we could instead solve by
just specifying that all protocols should do it themselves at the
protocol level, but we really only care about the common protocols.
Does anybody really care about sendpage on something like Appletalk?
Not likely.

Even better is RedHat's mitigation advice:
https://bugzilla.redhat.com/show_bug.cgi?id=516949#c10

Best of all is this post I saw on PlanetDebian:
http://blog.bofh.it/debian/id_294 which reads:

cd /lib/modules/$(uname -r)/kernel/ && \
rm net/ipx/ipx.ko net/irda/irda.ko net/x25/x25.ko \
net/ax25/ax25.ko net/bluetooth/bluetooth.ko \
net/sctp/sctp.ko drivers/net/pppoe.ko drivers/net/pppox.ko

Basically, if you use bluetooth or some obscure networking protocol in
your kernel and someone else has local access, you might be vulnerable.
If you remove the modules for those vulnerable protocols, you're fine.

-Barry

_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug

Re: [BLUG] California approves OS textbooks

On Thu, 20 Aug 2009, Simón Ruiz wrote:

> You know, that's a point I hadn't considered yet. Cutting down trees
> as a good thing...
>
> If you planted a large enough forest (or a fast-enough growing woody
> plant) specifically with the intent to set yourself up to continuously
> cut down significantly sized trees for the purposes of carbon
> sequestration, that'd be one thing; I could be okay with that,
> someday.

Head North. Find one of the areas that supply popple for
the Duluth particle board plants. They have a humongous machine
like a mower, and cut the trees in swaths -- with enough swaths
to let each get back up to the size they want before mowing again
(several years). New popples grow up from the stumps of the old
ones. (In Virginia, the oaks do that, too -- quercus
sempervivens, in effect -- though it takes a lot longer.)

> Right now, as I understand the number of trees on the planet is
> still dropping regularly, I find it really hard to think of
> that as a really great idea to be pursuing just yet.

Why should the grand total be the criterion? Mowing
popples for particle board (or paper) has to be a net
subtraction, whatever the grand total is doing.

[....]
> Then the argument that "without copyright, and people being granted
> practically unlimited and indefinite monopolies on certain work,
> nobody would produce those works" would be demonstrably false.

Straw man. Question is how the poets & playwrights would
eat, while still working full time on their writings.

--
Beartooth the Stubborn, Sclerotic Squirreler
Death is not evil. Suffering is evil.