[opensuse-factory] Let's keep acroread for pure reasons of usability.
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions: a) download it from adobe yourself b) use something else are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread. By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread. -- Per Jessen, Zürich (17.0°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am 07.11.2013 14:31, schrieb Per Jessen:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
"unmaintained" alone is not the big deal. But known exploited security issues probably are. Unmaintained software can still get band-aids to fix security stuff usually if it's OSS. Shipping acroread further means putting known security backdoors into user's systems. To the other comment: We are building a distribution out of free software to make it easy for people to start working immediately. acroread is not part of the operating system, it's not OSS, it's not maintained which for non-OSS means, it's vulnerable by design and I guess its track record proves that it is highly vulnerable. And I really would hope we could ditch Flash now but the alternatives there are not really existant yet. In case of PDF they are good enough though. Wolfgang -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Wolfgang Rosenauer wrote:
Am 07.11.2013 14:31, schrieb Per Jessen:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
"unmaintained" alone is not the big deal. But known exploited security issues probably are.
None were mentioned sofar, but yes, if they endanger the average user's system and open it to abuse, that is certainly a problem.
Unmaintained software can still get band-aids to fix security stuff usually if it's OSS. Shipping acroread further means putting known security backdoors into user's systems.
For any new users, perhaps.
To the other comment: We are building a distribution out of free software to make it easy for people to start working immediately.
Precisely. Not including important software doesn't enable to people to start working immediately.
In case of PDF they are good enough though.
Not judging by the current on that topic. Btw, do I need to do something special to make Okular support multiple document in one window (tabbed) ? -- Per Jessen, Zürich (16.8°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, Nov 7, 2013 at 9:39 PM, Wolfgang Rosenauer <wolfgang@rosenauer.org> wrote:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread. To the other comment: We are building a distribution out of free software to make it easy for people to start working immediately. acroread is not part of the operating system, it's not OSS, it's not
Am 07.11.2013 14:31, schrieb Per Jessen: maintained which for non-OSS means, it's vulnerable by design and I guess its track record proves that it is highly vulnerable.
More plain explanation: We didn't build an open source distribution to run commerical software. That's, well, at least not the aim for a community project. Commerical software ran before because the company behind it (Adobe) wanted to have it running. It was not because we work hard to have it (of course, still some work done). It's a close-source stuff so basically we totally have no idea of what's inside that black box. It's not even built from source but from binary. So basically, the only difference between the rpm downloaded from Adobe and the one in our repository is just where it's download from. There're no superior bits in our rpm. And you can even take that we had acroread in non-oss before as a side-effect. It's simply because when SUSE Linux made the deal with Adobe, it took us into consideration and made sure the deal covers openSUSE too. or acroread didn't suppose to be here at all. So besically it's not a "take away". I'd better take it as: I used some applications misplaced and doesn't belong to me. Marguerite -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
So here're the options left: 1. open source alternatives (I didn't say they're equal) for normal use 2. download rpm from Adobe 3. have a windows in vm/dual boot, download exe from Adobe 4. buy a SLED (I don't know if they'll maintain acroread any further in the coming SLE 12) For advanced users only: 5. maintain your own download-on-user-system script on OBS Note: Not download using a _service "onto" OBS, because it's still against the blacklist. see steam in games repo or bumblebee for how to do it right. as well as maintaining/keeping the openSUSE hacks like notifications blabla...don't know if it's possible 'coz I don't know if such hacks are open source ones. 6. Jump in and help open source ones from fulfilling your needs as quickly as you can. There're no more options. It's not about "equal replacement" or "openSUSE should", because in the rare cases we met (some forms), neither openSUSE nor your government claimed that openSUSE can be used to do the job. (We didn't promise something on our slideshow during installation like: filling tax forms using Adobe, neither your government did, actually, some governments like mine, explicitly told you: you can only use Microsoft 95 to pay your tax) So if you wanna focusing on solving problems, pay attention to the options I listed above. Marguerite -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
2013/11/7 Per Jessen <per@computer.org>
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
-- Per Jessen, Zürich (17.0°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland.
Hi, I, as a regular user, never installed acroread and used what is installed by default to read/print pdfs (okular in my case), so this drop means no usability lost for my case. Of course Carlos case is a valid case and indeed he needs acroread, but is a corner case. Regards, Luiz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-11-07 at 11:44 -0200, Luiz Fernando Ranghetti wrote:
Of course Carlos case is a valid case and indeed he needs acroread, but is a corner case.
All utility here (electricity, gas, water, telephone, etc) send their receipts via paper, but all of them push for the clients to switch to "electronic receipts", which mean PDF, and usually those PDFs are signed. Unless signed electronically they don't have legal value; with the signature, they are valid. Only acroread supports signature verification. I have tried the same receipt on okular and evince, and they don't even say there is a signature. (interestingly, the receipt was generated not by adobe software, but by 3-Heights(TM) PDF Producer) The other feature is PDF XFA form filling. None of the available open source programs fully support forms. You need acroread to at least compare and see if the alternatives are good enough or not, per case. These forms may contain javascript code. (interestingly, one of the samples posted here was produced by AFPL Ghostscript 8.53, not adobe) Those are two cases that require adobe software, and they affect many users. In Windows I understand there are alternatives, but not in Linux. Acroread in Wine does not work, except version 8 (according to wine docs), and that is as bad as directly using Linux version number 8 or 9. Many Linux users have also Windows machines, but I try to avoid booting to Windows as much as I can. It can be argued that there may be other methods to generate such forms and signed document with open means. Perhaps. However, those organizations, many of them, have chosen PDF, even if they don't use adobe software to generate them. Surely they have explored the market to find out what is available, thus also surely PDF is the best out there. Previously I thought that Adobe had sold their product very well, but finding out that the PDFs are often generated by alternate software, that is no longer the explanation. So, what exactly are the security risks I get into by opening local PDF files (generated by reputable sources, such as governments) with acroread in Linux? Can they be avoided or limited with a good AppArmor profile? If the danger is in the Firefox plugin, for instance, that can be removed with less trouble. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ76P4ACgkQtTMYHG2NR9Vv/ACfZSzejdoY7zJQIsBUrUhPi1hh +4oAoIkA0hQOeI0ftCxms1CV8DuUypZ/ =yO2N -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
2013/11/7 Carlos E. R. <carlos.e.r@opensuse.org>:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Thursday, 2013-11-07 at 11:44 -0200, Luiz Fernando Ranghetti wrote:
Of course Carlos case is a valid case and indeed he needs acroread, but is a corner case.
All utility here (electricity, gas, water, telephone, etc) send their receipts via paper, but all of them push for the clients to switch to "electronic receipts", which mean PDF, and usually those PDFs are signed. Unless signed electronically they don't have legal value; with the signature, they are valid.
Hi, Here the receipts (banks, etc) have an autentication code [1] wich one can verify and validate on the bank itself. Regards, Luiz [1]http://paste.opensuse.org/5409202 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-11-07 at 17:45 -0200, Luiz Fernando Ranghetti wrote:
2013/11/7 Carlos E. R. <>:
Here the receipts (banks, etc) have an autentication code [1] wich one can verify and validate on the bank itself.
Yes, I one of the organizations I get PDFs from use that method. But it is not a receipt, it is used as a pass or authorization for some services. The other entity needs the verification code because what we carry is the paper.
Ah, no, that verification code is much larger. The one I talked about is about 12 letters. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ785AACgkQtTMYHG2NR9XLvACfXE5ukT0ehX9SQjehCLDGeM2X 03cAoJWgSbPoARgKuIU3my6cvPmJpeiQ =lUU4 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thursday 07 November 2013, Carlos E. R. wrote:
On Thursday, 2013-11-07 at 11:44 -0200, Luiz Fernando Ranghetti wrote:
Of course Carlos case is a valid case and indeed he needs acroread, but is a corner case.
All utility here (electricity, gas, water, telephone, etc) send their receipts via paper, but all of them push for the clients to switch to "electronic receipts", which mean PDF, and usually those PDFs are signed. Unless signed electronically they don't have legal value; with the signature, they are valid.
Only acroread supports signature verification. I have tried the same receipt on okular and evince, and they don't even say there is a signature.
(interestingly, the receipt was generated not by adobe software, but by 3-Heights(TM) PDF Producer)
The other feature is PDF XFA form filling. None of the available open source programs fully support forms. You need acroread to at least compare and see if the alternatives are good enough or not, per case. These forms may contain javascript code.
Seriously, have you tried google-chrome's built-in pdf viewer yet? This is one of the closed source parts of chrome and I could imagine that it's less broken than okular, evince and friends. Moreover could be that many pdf creaters have tested their pdfs with chrome because it has so widely useed and the build-in viewer is enabled by default. cu, Rudi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thursday 07 November 2013, Ruediger Meier wrote:
On Thursday 07 November 2013, Carlos E. R. wrote:
On Thursday, 2013-11-07 at 11:44 -0200, Luiz Fernando Ranghetti wrote:
Of course Carlos case is a valid case and indeed he needs acroread, but is a corner case.
All utility here (electricity, gas, water, telephone, etc) send their receipts via paper, but all of them push for the clients to switch to "electronic receipts", which mean PDF, and usually those PDFs are signed. Unless signed electronically they don't have legal value; with the signature, they are valid.
Only acroread supports signature verification. I have tried the same receipt on okular and evince, and they don't even say there is a signature.
(interestingly, the receipt was generated not by adobe software, but by 3-Heights(TM) PDF Producer)
The other feature is PDF XFA form filling. None of the available open source programs fully support forms. You need acroread to at least compare and see if the alternatives are good enough or not, per case. These forms may contain javascript code.
Seriously, have you tried google-chrome's built-in pdf viewer yet? This is one of the closed source parts of chrome and I could imagine that it's less broken than okular, evince and friends. Moreover could be that many pdf creaters have tested their pdfs with chrome because it has so widely useed and the build-in viewer is enabled by default.
Now I see your other mail that you've tried it already. However if you ever complain at your gas company you could say you have tried google-chrome. That may sound more reasonable for them as xpdf or evince :) cu, Rudi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-11-07 at 21:13 +0100, Ruediger Meier wrote:
However if you ever complain at your gas company you could say you have tried google-chrome. That may sound more reasonable for them as xpdf or evince :)
Their answer: use acrobat on Windows, as everybody. It is your stupid fault for using... what did you say, linws? What on earth is that? Never heard of it. Use Windows, that's what we test. Don't be stupid. Or words to that effect. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ8PhQACgkQtTMYHG2NR9UZygCdFH4jNuya78uAIdIxfzMyVFfZ hBEAnixXg7vxe9G6ZNo8/YGXmW6VhEiw =7ynt -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Friday 2013-11-08 02:27, Carlos E. R. wrote:
Their answer: use acrobat on Windows, as everybody. It is your stupid fault for using... what did you say, linws?
Just name Android for a change — they cannot excuse themselves from that ;) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 04:22 +0100, Jan Engelhardt wrote:
On Friday 2013-11-08 02:27, Carlos E. R. wrote:
Their answer: use acrobat on Windows, as everybody. It is your stupid fault for using... what did you say, linws?
Just name Android for a change — they cannot excuse themselves from that ;)
I don't know if you can view PDFs with certificates in Android, and I would never try, anyway. No privacy guaranteed. I bought an Android phone before realising the privacy concerns, because they told me that was the IN brand of smart phone to have. You can handle banking from android, too. I'm not keen on trying. Actually, some of my goverment agencies do create software for android. I have one gadget informing me of road conditions and warnings like snow storm road blocks. Useful. No privacy concern, I think. I guess. Dunno. Sigh... - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ84vcACgkQtTMYHG2NR9UREgCgiRiN1Hntse4gO6U8LlMNQhu3 SlEAoJZPXdwlheikenbUZYAKVkJiEo66 =Dk7R -----END PGP SIGNATURE-----
On Thu, 2013-11-07 at 20:24 +0100, Carlos E. R. wrote:
On Thursday, 2013-11-07 at 11:44 -0200, Luiz Fernando Ranghetti wrote:
Of course Carlos case is a valid case and indeed he needs acroread, but is a corner case.
All utility here (electricity, gas, water, telephone, etc) send their receipts via paper, but all of them push for the clients to switch to "electronic receipts", which mean PDF, and usually those PDFs are signed. Unless signed electronically they don't have legal value; with the signature, they are valid.
Only acroread supports signature verification. I have tried the same receipt on okular and evince, and they don't even say there is a signature.
(interestingly, the receipt was generated not by adobe software, but by 3-Heights(TM) PDF Producer)
The other feature is PDF XFA form filling. None of the available open source programs fully support forms. You need acroread to at least compare and see if the alternatives are good enough or not, per case. These forms may contain javascript code.
(interestingly, one of the samples posted here was produced by AFPL Ghostscript 8.53, not adobe)
Those are two cases that require adobe software, and they affect many users. In Windows I understand there are alternatives, but not in Linux. Acroread in Wine does not work, except version 8 (according to wine docs), and that is as bad as directly using Linux version number 8 or 9. Many Linux users have also Windows machines, but I try to avoid booting to Windows as much as I can.
It can be argued that there may be other methods to generate such forms and signed document with open means. Perhaps. However, those organizations, many of them, have chosen PDF, even if they don't use adobe software to generate them. Surely they have explored the market to find out what is available, thus also surely PDF is the best out there.
Previously I thought that Adobe had sold their product very well, but finding out that the PDFs are often generated by alternate software, that is no longer the explanation.
So, what exactly are the security risks I get into by opening local PDF files (generated by reputable sources, such as governments) with acroread in Linux? Can they be avoided or limited with a good AppArmor profile?
If the danger is in the Firefox plugin, for instance, that can be removed with less trouble.
So, for some simple pdf okular & Co are apparently good enough. But as Carlos wrote, it isn't working for more complicated ones. Counting options.... A) Obviously keeping acroread forever isn't an option B) keeping it for now is just postponing the inevitable C) telling people, that if they want, they can install an ancient version of acroread is just as bad as A) D) in the beginning of this thread, someone suggested running a recent version of acroread under wine. -> When doing such thing, doesn't that involve any security risks? <- -> What is the chance of providing this for the "default end-user" <- -> Would it be allowed (if even possible) to create such a nested&foreign package <- E) Worst case scenario, having to install W7, just for viewing/filling PDF's Any other options???? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-11-07 at 22:12 +0100, Hans Witvliet wrote:
D) in the beginning of this thread, someone suggested running a recent version of acroread under wine.
Does not work. According to the wine people, the last version to work is number 8.
E) Worst case scenario, having to install W7, just for viewing/filling PDF's
That is what I said at the start.
Any other options????
An old version of acrobat, or Windows. Nothing else. Maybe there is a webservice to render the documents, but that has privacy concerns that maybe worse. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ8P1IACgkQtTMYHG2NR9VV9wCfYzSGkS9+QlWl11KhmAoaAnRH 9usAn37ULLBxkNgZRbdvVPm0VT2eGVzF =tN6X -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 7 November 2013 22:12, Hans Witvliet <suse@a-domani.nl> wrote:
So, for some simple pdf okular & Co are apparently good enough.
But as Carlos wrote, it isn't working for more complicated ones. Counting options.... A) Obviously keeping acroread forever isn't an option B) keeping it for now is just postponing the inevitable C) telling people, that if they want, they can install an ancient version of acroread is just as bad as A)
D) in the beginning of this thread, someone suggested running a recent version of acroread under wine. -> When doing such thing, doesn't that involve any security risks? <- -> What is the chance of providing this for the "default end-user" <- -> Would it be allowed (if even possible) to create such a nested&foreign package <-
E) Worst case scenario, having to install W7, just for viewing/filling PDF's
Any other options????
F) All the distros get together and fund a project to improve poppler to the point where it meets the required needs. Seriously, this will be an issue for all distros, and waiting on volunteer developers to find enough time to solve the really hard problems involved will never get you there. It's a key problem that needs investment and at least one of the distros needs to step up and fund a solution. Same for printing. John. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Nov 8 10:50 John Layt wrote (excerpt):
It's a key problem that needs investment
Investment needs money and money comes from customers who pay so that the crucial question is whether or not customers who pay are interested in a free software solution for PDF processing or if the Adobe Reader as provided by Adobe for free (for no money) is sufficient for customers who pay. Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am 08.11.2013 10:57, schrieb Johannes Meixner:
Hello,
On Nov 8 10:50 John Layt wrote (excerpt):
It's a key problem that needs investment
Investment needs money and money comes from customers who pay so that the crucial question is whether or not customers who pay are interested in a free software solution for PDF processing or if the Adobe Reader as provided by Adobe for free (for no money) is sufficient for customers who pay.
as Adobe stopped providing the Reader for Linux, commercial distributions have the same issue (same as free ones used for commercial purposes). Linux Desktops (not much) are in use in public service environments worldwide and in case SUSE will provide a SLED12 (no idea if that's the case) I see improvements coming at some point. So there is hope I think but it will take some time probably and that may be a pain for some people relying on it but still the software is still available on the planet. Everyone is still free to install it. BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough. Wolfgang -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, - probably off topic (or not?) - On Nov 8 11:08 Wolfgang Rosenauer wrote (excerpt):
BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough.
Oh my God for haven's sake I am shocked what should I do my way of life breaks down how can I use the Internet how can I watch videos must I really go out and get in contact with reality or even enter a cinema... ;-) Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am 08.11.2013 11:21, schrieb Johannes Meixner:
Hello,
- probably off topic (or not?) -
On Nov 8 11:08 Wolfgang Rosenauer wrote (excerpt):
BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough.
Oh my God for haven's sake I am shocked what should I do my way of life breaks down how can I use the Internet how can I watch videos must I really go out and get in contact with reality or even enter a cinema... ;-)
Unfortunately still by now some infrastructure WebUIs are built on Flash technology. Prominent example: VMWare vCenter's webagent And I'm pretty sure there are many similar things out there in the wild even and especially for corporate usecases. Videos will be covered first from the alternatives anyway. But anyway. I'm not worried about myself but really even if it's for fun stuff. The Flash situation has the potential to move people back to Windows or (I'm most worried about ;-)) to use Chrome / Chromium with its own Flash. Wolfgang -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Nov 8 11:30 Wolfgang Rosenauer wrote (excerpt):
Unfortunately still by now some infrastructure WebUIs are built on Flash technology.
Fortunately all broken-by-design stuff will go where it belongs. Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Friday 2013-11-08 13:48, Johannes Meixner wrote:
On Nov 8 11:30 Wolfgang Rosenauer wrote (excerpt):
Unfortunately still by now some infrastructure WebUIs are built on Flash technology.
Fortunately all broken-by-design stuff will go where it belongs.
Unfortunately, a broken-by-design stuff is invented every once in a while. There will be no shortage of work to come, hooray for the GDP. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 11/8/2013 7:48 AM, Johannes Meixner wrote:
Hello,
On Nov 8 11:30 Wolfgang Rosenauer wrote (excerpt):
Unfortunately still by now some infrastructure WebUIs are built on Flash technology.
Fortunately all broken-by-design stuff will go where it belongs.
Even if your bosses paid $250,000.00 for it only last year... Hey whatever, who needs raises or jobs, as long as you don't have to worry about annoying flash. -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Brian K. White - 12:57 8.11.13 wrote:
On 11/8/2013 7:48 AM, Johannes Meixner wrote:
Hello,
On Nov 8 11:30 Wolfgang Rosenauer wrote (excerpt):
Unfortunately still by now some infrastructure WebUIs are built on Flash technology.
Fortunately all broken-by-design stuff will go where it belongs.
Even if your bosses paid $250,000.00 for it only last year...
Hey whatever, who needs raises or jobs, as long as you don't have to worry about annoying flash.
You are right, it sounds like your boss doesn't deserve his job :-) -- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 11:21 +0100, Johannes Meixner wrote:
- probably off topic (or not?) -
Yes :-)
On Nov 8 11:08 Wolfgang Rosenauer wrote (excerpt):
BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough.
Oh my God for haven's sake I am shocked what should I do my way of life breaks down how can I use the Internet how can I watch videos must I really go out and get in contact with reality or even enter a cinema... ;-)
Flash is not only videos. There are sites, even banks, that use flash for menus. You can not even work with them if you block flash. Yes, it is disgusting, but such are things. Yes, of course I hope they change to some other thing. The sooner the better. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ8490ACgkQtTMYHG2NR9WErwCgg32jZ3LjiMhj/2oCF1XVWqqH lI0An1DN4yr+o1aho1dfgTKkQhyzHkyU =J8ze -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Nov 8 14:15 Carlos E. R. wrote (excerpt):
On Friday, 2013-11-08 at 11:21 +0100, Johannes Meixner wrote:
- probably off topic (or not?) -
Yes :-)
mu! http://en.wiktionary.org/wiki/mu#Etymology_2
There are sites, even banks, that use flash for menus. You can not even work with them if you block flash.
You do online banking with a bank (i.e. you trust it) that uses flash for its online banking web pages? Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 14:45 +0100, Johannes Meixner wrote:
There are sites, even banks, that use flash for menus. You can not even work with them if you block flash.
You do online banking with a bank (i.e. you trust it) that uses flash for its online banking web pages?
What do you expect me to do? I have to live. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ9IusACgkQtTMYHG2NR9X2fQCeMGdL5D5Qr2+vU1sJaKCTsnIw e5gAnRayLNTGcLTCXF+NJ8mKGFWYqpWJ =1cHa -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 2013-11-08 18:44 (GMT+0100) Carlos E. R. composed:
On Friday, 2013-11-08 at 14:45 +0100, Johannes Meixner wrote:
There are sites, even banks, that use flash for menus. You can not even work with them if you block flash.
You do online banking with a bank (i.e. you trust it) that uses flash for its online banking web pages?
What do you expect me to do? I have to live.
Not to expect it would do so, but ask the bank to provide you with a Windows license. It might get it to understand that embedding proprietary features in its web site causes customers to need non-free software (Windows, not Flash or Acroread) that they otherwise have no need for, or that their hardware cannot support. Come spring, supported Windows versions will have hardware requirements exceeding the capability of many perfectly useful computers. Inducing people to need new PCs just to use a bank site is environmentally abhorrent policy. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 13:09 -0500, Felix Miata wrote:
Not to expect it would do so, but ask the bank to provide you with a Windows license. It might get it to understand that embedding proprietary features in its web site causes customers to need non-free software (Windows, not Flash or Acroread) that they otherwise have no need for, or that their hardware cannot support.
In this country, Windows is gratis. That's what they tell me. Most people pirate it, anyway. And if it is not, busineses like people spending money on other busineses, so your argument doesn't buy any butter with them. Consider: if I have to phone my bank to do some operation - for instance, my credit card is stolen, so I call to cancel it - I have to call a 902 phone. These numbers pay extra, no matter if my phone plan include free calls all day everywhere in the country. These calls cost extra, and not cheap. They *love* me paying for things. You have to pay for Windows? Perfect! Wonderful" - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ9iyQACgkQtTMYHG2NR9UNcwCeOBc1ex++JyIO616kOwz2a5I/ XcUAn2J3BApEp7x+akBki1rGdlvkK2tp =SUXu -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Carlos E. R. <robin.listas@telefonica.net> [2013-11-08 18:44]:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Friday, 2013-11-08 at 14:45 +0100, Johannes Meixner wrote:
There are sites, even banks, that use flash for menus. You can not even work with them if you block flash.
You do online banking with a bank (i.e. you trust it) that uses flash for its online banking web pages?
What do you expect me to do? I have to live.
Complain to Adobe and especially your bank, because in contrast to openSUSE they are actually in a position to do something about this problem (and preferrably now before Adobe completely drops it). -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Carlos E. R. - 18:44 8.11.13 wrote:
On Friday, 2013-11-08 at 14:45 +0100, Johannes Meixner wrote:
There are sites, even banks, that use flash for menus. You can not even work with them if you block flash.
You do online banking with a bank (i.e. you trust it) that uses flash for its online banking web pages?
What do you expect me to do? I have to live.
Offtopic as the whole thread, but I would switch the bank that requires me to do silly and potentially dangerous stuff. I don't want to loose my hard worked for money. And I already switched bank because of totally broken internet banking in past. If you are willing to go through such a loops just because they say so, installing proprietary dangerous software seems not so much different. -- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 22:16 +0100, Michal Hrusecky wrote:
You do online banking with a bank (i.e. you trust it) that uses flash for its online banking web pages?
What do you expect me to do? I have to live.
Offtopic as the whole thread, but I would switch the bank that requires me to do silly and potentially dangerous stuff.
Yes, so would I. Do you think that's easy? I can't. They have me by the b***s. (read about the "preferentes" fraud in Spain, if you want to know why) Plus, it is not only one bank that uses flash. Some of the most relieable otherwise use it. They also use android apps, which is very vulnerable... the NSA reads it all, via google. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ9jDAACgkQtTMYHG2NR9WsqACfT7WUQ6kXr0wPjQPDlzaJSQt/ icIAoJXQEld4DZRkyho5bZ9EaBzNIDBn =Qp3J -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 11/8/2013 5:21 AM, Johannes Meixner wrote:
Hello,
- probably off topic (or not?) -
On Nov 8 11:08 Wolfgang Rosenauer wrote (excerpt):
BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough.
Oh my God for haven's sake I am shocked what should I do my way of life breaks down how can I use the Internet how can I watch videos must I really go out and get in contact with reality or even enter a cinema...
Try the vmware vcenter client for managing entire vmware clusters. Requires flash and none of the flash alternatives works. And it's the only way to admin those clusters and hosts and vms and storage pools and network and firewall infrastructure. Well one other option, you could install a real install of full Windows and install a 400 meg download on that. That is a native Windows vcenter admin app. There are countless other special purpose things like that. Some built into hardware that is not updatable and/or will never see another update since the manufacturer may not even exist anymore to do it even if they did care, which they don't. It's not all cat videos. Thanks for caring. -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 12:55 -0500, Brian K. White wrote:
It's not all cat videos. Thanks for caring.
Indeed. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ9jIcACgkQtTMYHG2NR9VHRgCfXkPIuNK8mYXWKMsb6KGcpZZ/ K44AnR8mv6I0FpCnl4IByJ4pyjPQtasS =gNhU -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 11:08 +0100, Wolfgang Rosenauer wrote:
Am 08.11.2013 10:57, schrieb Johannes Meixner:
On Nov 8 10:50 John Layt wrote (excerpt):
It's a key problem that needs investment
Investment needs money and money comes from customers who pay so that the crucial question is whether or not customers who pay are interested in a free software solution for PDF processing or if the Adobe Reader as provided by Adobe for free (for no money) is sufficient for customers who pay.
as Adobe stopped providing the Reader for Linux, commercial distributions have the same issue (same as free ones used for commercial purposes). Linux Desktops (not much) are in use in public service environments worldwide and in case SUSE will provide a SLED12 (no idea if that's the case) I see improvements coming at some point.
So there is hope I think but it will take some time probably and that may be a pain for some people relying on it but still the software is still available on the planet. Everyone is still free to install it.
Interestingly, several of the pdf forms and pdf receipts I get are not created with adobe software. It appears that in Windows there are alternative comercial software that do work. (one was AFPL Ghostscript - don't we have that in Linux?) Why is it that we do not have working alternatives in Linux? For both things, creation and reading?
BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough.
One push against flash, I believe, is that some of the mobile platforms (android?) do not support flash. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ85RIACgkQtTMYHG2NR9UY5QCeLz5P9ovwA5RwNhJomva4uKdc xA4An087lAoRzybOp6141Vf/ig3NcC+o =qh52 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Carlos E. R. wrote:
Interestingly, several of the pdf forms and pdf receipts I get are not created with adobe software. It appears that in Windows there are alternative comercial software that do work.
(one was AFPL Ghostscript - don't we have that in Linux?)
Why is it that we do not have working alternatives in Linux? For both things, creation and reading?
For creation, I have sofar done quite well with libreoffice and imagemagick, although I have not tried to use any of the more advanced pdf features. -- Per Jessen, Zürich (14.9°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Wolfgang Rosenauer wrote:
BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough.
It is no doubt dependent on one's situation, but speaking for myself and my company, acroread is far more important than flash. By an order of magnitude or more. -- Per Jessen, Zürich (14.9°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 16:13 +0100, Per Jessen wrote:
Wolfgang Rosenauer wrote:
BTW, we will face a very similar situation with Flash soon and it'll be much more of a pain until alternatives are ready and polished enough.
It is no doubt dependent on one's situation, but speaking for myself and my company, acroread is far more important than flash. By an order of magnitude or more.
True... - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ9IzEACgkQtTMYHG2NR9W2gwCggLR3OCn51ws+tBGuPuJDSfnb fpgAn3HHOyQfvzi5S+MtOfwjzwRQmnmS =Favk -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Friday 08 of November 2013 10:50:49 John Layt wrote:
F) All the distros get together and fund a project to improve poppler to the point where it meets the required needs.
Seriously, this will be an issue for all distros, and waiting on volunteer developers to find enough time to solve the really hard problems involved will never get you there. It's a key problem that needs investment and at least one of the distros needs to step up and fund a solution. Same for printing.
Perhaps focusing on mupdf would be more efficient, because it is much faster and more memory efficient, already includes more features than poppler, the company behind it is very experienced in matters of document rendering, and just lacks a proper front-end at the moment. About the latter, there exists a preliminary mupdf backend for okular.
John. Regards, Peter -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Nov 8 12:51 auxsvr@gmail.com wrote (excerpt):
Perhaps focusing on mupdf would be more efficient, because it is much faster and more memory efficient, already includes more features than poppler, the company behind it is very experienced in matters of document rendering
It seems mupdf is also available for Windows, Android, iPad and iPhone, see http://www.mupdf.com/ -------------------------------------------------------------------- Download packages of the latest release for your system: o Source code for all platforms. o Windows viewer and tools. o Android viewer for phones and tablets on Google Play. o iPad and iPhone version on the App Store. -------------------------------------------------------------------- This way mupdf could become THE standard free software PDF renderer on the usual hardware platforms nowadays. Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 12:51 +0200, auxsvr@gmail.com wrote:
Perhaps focusing on mupdf would be more efficient, because it is much faster and more memory efficient, already includes more features than poppler, the company behind it is very experienced in matters of document rendering, and just lacks a proper front-end at the moment. About the latter, there exists a preliminary mupdf backend for okular.
Interesting. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ85VoACgkQtTMYHG2NR9XTYQCeLm2rV32z5VnV1LpMOGup7qGr ka0An2epHfRQYDoUBGP8U5HYwdBoQzXV =YIgy -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 7 November 2013 22:12, Hans Witvliet <suse@a-domani.nl> wrote:
Any other options????
Running some windows version under Wine? Can't Wine run a fair number of programs these days? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Sat, 9 Nov 2013 19:35, Linda Walsh <suse@...> wrote:
On 7 November 2013 22:12, Hans Witvliet <suse@a-domani.nl> wrote:
Any other options????
Running some windows version under Wine?
Can't Wine run a fair number of programs these days?
Most of the Adobe programs (Acroread, Acrobat, Photoshop) do NOT install / run under wine. Try 'Foxit Reader' that works under wine. (incl. signatues and forms, javascript animations, sorry no button test - didn't have a pdf with buttons handy) - Yamaban. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Sat, Nov 09, 2013 at 10:35:59AM -0800, Linda Walsh wrote:
On 7 November 2013 22:12, Hans Witvliet <suse@a-domani.nl> wrote:
Any other options????
Running some windows version under Wine?
Can't Wine run a fair number of programs these days?
I tried it, it currently does not install. Can't say if it runs after installing. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday, 2013-11-09 at 23:05 +0100, Marcus Meissner wrote:
Running some windows version under Wine?
Can't Wine run a fair number of programs these days?
I tried it, it currently does not install.
Can't say if it runs after installing.
The wine people say only version 8 installs and run completely. Version 9 partially (and for those we'd better use the Linux version, anyway). Versions X and XII, total failure. The other alternatives are virtual machines. XP needs to be at SP3 for X to work, but XP is EOL on 2014, the wikipedia says. Thus it would have to be W7, which is more expensive. Gratis alternatives, well, Android. I just installed Android 4 under vimware player, emulating a tablet. I installed Acrobat 10.6, but it is a PITA. The display is small, there are no guest tools (AFAIK), PgUp/PgDn do not work. Gestures with a mouse are complicated things... In all, acrobat in android, unless on real hardware, is barely usable. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ+7TQACgkQtTMYHG2NR9UNCQCcCndjcW/xo6guDxCycpS2lAfe HBgAniZnsf28BmpzP91owyog04DUAyCx =hsS5 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, Am Donnerstag, 7. November 2013 schrieb Carlos E. R.:
So, what exactly are the security risks I get into by opening local PDF files (generated by reputable sources, such as governments) with acroread in Linux? Can they be avoided or limited with a good AppArmor profile?
I don't know about the exact security risks - maybe someone from the security team knows more details. With an AppArmor profile, you can make sure that acroread only reads *.pdf files and doesn't read or modify random files on your disk. You can also forbid networking - but this doesn't sound too useful when you need to submit a form online ;-) Anyway, I'll attach my AppArmor profile for acroread. It's not as tight as it could be (and I'll probably do some changes to it now that I know acroread won't get security updates anymore), but it's a good start. Be warned that you will need to change it - for example I'm quite sure your home directory is not /home/cb/ ;-) Note: the profile only covers the binary, not the wrapper script.
If the danger is in the Firefox plugin, for instance, that can be removed with less trouble.
Indeed, just zypper rm acroread-browser-plugin I'd strongly recommend to do that (guess who split off this subpackage, and why... ;-) Regards, Christian Boltz -- <coolo> Ilmehtar: in rails you don't javascript, you jquery <coolo> or even worse, you coffee <ancor> Ilmehtar: coolo is right. I always use jquery <ancor> but I'm not still used to coffee <vad> tea, then? [from #opensuse-project]
Hello, I would also like to express my vote to keep Adobe Reader available in an openSUSE customized version! Maybe not in NON-OSS repo, but possibly in packman? Reasons: 1) Official Adobe RPM (suggested as a workaround) does not work flawlessly on openSUSE. The openSUSE RPM has specific modifications to work around problems of Adobe Reader in openSUSE (eg. suse-do-not-grab-server.so and many others). Hence the official RPM is not equivalent for users. 2) Much bigger point not mentioned before: PRINTING!! I need to print US/letter page PDFs on A4 frequently, as well as PDF presentations created by pdflatex. Non of the opensource PDF alternatives (on KDE) provide *all* of these printing features: - booklets (kde#186732, kde#248673) - subset of pages, i.e. 1,3-5,9,11-16 - scale to fit printer margins (fixed in kde 4.12?) (kde#192189) - multiple pages per sheet (in custom/different orders/orientations). All of these printing limitations originally come from the KDE4, which does simply not consider printing as important (kde#77624 unmaintained)! Fancy GUI animations and so on are way more important... Asking people to wait for KDE to catch up in terms of printing is an insult, really. It could easily take another decade! The whole printing area seems to (or was for a long time) unmaintained. Acrobat in contrast had its own printing dialog, where most of these things are available in a simple GUI. So, how about providing openSUSE customized Acrobat RPM on packman repos? On 11/07/2013 05:20 PM, Christian Boltz wrote:
Hello,
Am Donnerstag, 7. November 2013 schrieb Carlos E. R.:
So, what exactly are the security risks I get into by opening local PDF files (generated by reputable sources, such as governments) with acroread in Linux? Can they be avoided or limited with a good AppArmor profile?
I don't know about the exact security risks - maybe someone from the security team knows more details.
With an AppArmor profile, you can make sure that acroread only reads *.pdf files and doesn't read or modify random files on your disk. You can also forbid networking - but this doesn't sound too useful when you need to submit a form online ;-)
Anyway, I'll attach my AppArmor profile for acroread. It's not as tight as it could be (and I'll probably do some changes to it now that I know acroread won't get security updates anymore), but it's a good start. Be warned that you will need to change it - for example I'm quite sure your home directory is not /home/cb/ ;-)
Note: the profile only covers the binary, not the wrapper script.
If the danger is in the Firefox plugin, for instance, that can be removed with less trouble.
Indeed, just zypper rm acroread-browser-plugin
I'd strongly recommend to do that (guess who split off this subpackage, and why... ;-)
Regards,
Christian Boltz
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-11-07 at 18:01 -0500, Joschi Brauchle wrote:
Reasons: 1) Official Adobe RPM (suggested as a workaround) does not work flawlessly on openSUSE. The openSUSE RPM has specific modifications to work around problems of Adobe Reader in openSUSE (eg. suse-do-not-grab-server.so and many others). Hence the official RPM is not equivalent for users.
Oh. :-(
2) Much bigger point not mentioned before: PRINTING!!
True. Often I tell acroread to print to ps file, and then I manipulate that ps for printing. The fit to page feature is nice.
So, how about providing openSUSE customized Acrobat RPM on packman repos?
That would be a solution. If they wish... :-? - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ8QnIACgkQtTMYHG2NR9VJ/wCdHOLzwy2j8ksw7RCuQPQDq4SG mXgAnRwsKRf3miBLRlaefH/rPg0KZTK8 =zq8v -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Nov 8, 2013 at 7:01 AM, Joschi Brauchle <joschi.brauchle@tum.de> wrote:
Hello,
I would also like to express my vote to keep Adobe Reader available in an openSUSE customized version! Maybe not in NON-OSS repo, but possibly in packman?
Hi, guys, I would like to mention the basic design theory of Packman: 1. it's a separate project from openSUSE. eg, building packages for openSUSE project doesn't mean they're the same. 2. it's an open source project. it aims to "workaround" for open source multimedia projects that upstream warned about potential pa*ent violations. So a known commercial proprietary product isn't able to be in Packman, esp. when it needs a new redistribution promission from Adobe. The previous permission was issued to SUSE Linux and openSUSE. But not for Packman. And Packman isn't able to accquire such permission, I think. I don't know how exactly Packman is designed to be a firewall in law, but it's common sense, if you're able to receive something from a company, of course you're able to receive summon from a court too. So I think maybe a non-existent-in-law project isn't an entity for just deals. Meanwhile, as Adobe declared unmaintenance itself, of course it will not issue such permissions after that. Greetings. Marguerite -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Nov 08, 2013 at 10:01:18AM +0800, Marguerite Su wrote:
On Fri, Nov 8, 2013 at 7:01 AM, Joschi Brauchle <joschi.brauchle@tum.de> wrote:
Hello,
I would also like to express my vote to keep Adobe Reader available in an openSUSE customized version! Maybe not in NON-OSS repo, but possibly in packman?
Hi, guys,
I would like to mention the basic design theory of Packman:
1. it's a separate project from openSUSE. eg, building packages for openSUSE project doesn't mean they're the same. 2. it's an open source project. it aims to "workaround" for open source multimedia projects that upstream warned about potential pa*ent violations.
So a known commercial proprietary product isn't able to be in Packman, esp. when it needs a new redistribution promission from Adobe. The previous permission was issued to SUSE Linux and openSUSE. But not for Packman. And Packman isn't able to accquire such permission, I think. I don't know how exactly Packman is designed to be a firewall in law, but it's common sense, if you're able to receive something from a company, of course you're able to receive summon from a court too. So I think maybe a non-existent-in-law project isn't an entity for just deals. Meanwhile, as Adobe declared unmaintenance itself, of course it will not issue such permissions after that.
License is not a big issue for Adobe Reader. It requires a click-through shrinkwrap license. So having a license confirmation dialog is sufficient. No special contracts requried according to our understanding for Adobe Reader. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Marcus Meissner <meissner@suse.de> [2013-11-08 11:41]:
On Fri, Nov 08, 2013 at 10:01:18AM +0800, Marguerite Su wrote:
On Fri, Nov 8, 2013 at 7:01 AM, Joschi Brauchle <joschi.brauchle@tum.de> wrote:
Hello,
I would also like to express my vote to keep Adobe Reader available in an openSUSE customized version! Maybe not in NON-OSS repo, but possibly in packman?
Hi, guys,
I would like to mention the basic design theory of Packman:
1. it's a separate project from openSUSE. eg, building packages for openSUSE project doesn't mean they're the same. 2. it's an open source project. it aims to "workaround" for open source multimedia projects that upstream warned about potential pa*ent violations.
So a known commercial proprietary product isn't able to be in Packman, esp. when it needs a new redistribution promission from Adobe. The previous permission was issued to SUSE Linux and openSUSE. But not for Packman. And Packman isn't able to accquire such permission, I think. I don't know how exactly Packman is designed to be a firewall in law, but it's common sense, if you're able to receive something from a company, of course you're able to receive summon from a court too. So I think maybe a non-existent-in-law project isn't an entity for just deals. Meanwhile, as Adobe declared unmaintenance itself, of course it will not issue such permissions after that.
License is not a big issue for Adobe Reader.
It requires a click-through shrinkwrap license. So having a license confirmation dialog is sufficient.
No special contracts requried according to our understanding for Adobe Reader.
Huh? From the Adobe Reader Licensing Agreement: 3.3 Distribution. This license does not grant you the right to sublicense or distribute the Software. For information about obtaining the right to distribute the Software on tangible media or through an internal network or with your product or service please refer to http://www.adobe.com/go/acrobat_distribute for information about Adobe Reader; or http://www.adobe.com/go/licensing for information about the Adobe Runtimes. On http://www.adobe.com/products/reader/distribution.html you can apply for a license to distribute the reader under the following terms: 3.2 Distribution. Distributor may: [...] (c) Distribute the Software, with the exception of ARH, as a part of or with Distributor Product or Distributor Service (i) through electronic means such as electronic download --including, without limitation, electronic software download-- for example bundled in Distributor’s installer, which in turn, is downloaded through the Internet and (ii) on physical media (such as CD-ROMs, DVDs, hard disk, etc.). (d) Distribute ARH only (i) as bundled with the Distributor Product or Service and (ii) (y) through electronic means such as electronic download --including, without limitation, electronic software download-- for example bundled in Distributor's installer, which in turn, is downloaded through the Internet and (z) on physical media (such as CD-ROMs, DVDs, hard disk, etc.). In all cases the Software is to be distributed in complete form and only for purposes of complete installation and use by the end user. The Software shall not be configured or distributed for use without installation. So that would not allow the package in its current form to be distributed either, furthermore there is no legal entity behind Packman which could negotiate a custom license to distribute and even if there were this would pose a problem for mirrors. Apart from that it will not enter Packman for the same reason it was removed from openSUSE so this whole discussion is growing increasingly pointless. -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 12:46 +0100, Guido Berhoerster wrote:
So that would not allow the package in its current form to be distributed either, furthermore there is no legal entity behind Packman which could negotiate a custom license to distribute and even if there were this would pose a problem for mirrors.
Apart from that it will not enter Packman for the same reason it was removed from openSUSE so this whole discussion is growing increasingly pointless.
Thanks for the clarification. Road closed. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ85dcACgkQtTMYHG2NR9VxoQCfT74RS/0MDQFYd/yZvRTQwC/x qbUAn3vCFQJSyDK/5U2ZYbCMhzZc6Vsv =rwSg -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
May I ask a quick: (it may be answered elsewhere but I'm not sure as this thread has gone out of proportion) In order to save some hassle for me and my institution, I currently branched the last available version of the openSUSE RPM of Adobe Reader in OBS. I figured, as the package was available in the official openSUSE 'non-free' repos on OBS before and still is for < 13.1, this would be OK. So is it OK to branch or not? There are several other non-official repos which have it branched currently. Is a branched package in a home repo in OBS technically still being distibuted by openSUSE? Thanks for any help! On 11/08/2013 06:46 AM, Guido Berhoerster wrote:
* Marcus Meissner <meissner@suse.de> [2013-11-08 11:41]:
On Fri, Nov 08, 2013 at 10:01:18AM +0800, Marguerite Su wrote:
On Fri, Nov 8, 2013 at 7:01 AM, Joschi Brauchle <joschi.brauchle@tum.de> wrote:
Hello,
I would also like to express my vote to keep Adobe Reader available in an openSUSE customized version! Maybe not in NON-OSS repo, but possibly in packman?
Hi, guys,
I would like to mention the basic design theory of Packman:
1. it's a separate project from openSUSE. eg, building packages for openSUSE project doesn't mean they're the same. 2. it's an open source project. it aims to "workaround" for open source multimedia projects that upstream warned about potential pa*ent violations.
So a known commercial proprietary product isn't able to be in Packman, esp. when it needs a new redistribution promission from Adobe. The previous permission was issued to SUSE Linux and openSUSE. But not for Packman. And Packman isn't able to accquire such permission, I think. I don't know how exactly Packman is designed to be a firewall in law, but it's common sense, if you're able to receive something from a company, of course you're able to receive summon from a court too. So I think maybe a non-existent-in-law project isn't an entity for just deals. Meanwhile, as Adobe declared unmaintenance itself, of course it will not issue such permissions after that.
License is not a big issue for Adobe Reader.
It requires a click-through shrinkwrap license. So having a license confirmation dialog is sufficient.
No special contracts requried according to our understanding for Adobe Reader.
Huh? From the Adobe Reader Licensing Agreement:
3.3 Distribution. This license does not grant you the right to sublicense or distribute the Software. For information about obtaining the right to distribute the Software on tangible media or through an internal network or with your product or service please refer to http://www.adobe.com/go/acrobat_distribute for information about Adobe Reader; or http://www.adobe.com/go/licensing for information about the Adobe Runtimes.
On http://www.adobe.com/products/reader/distribution.html you can apply for a license to distribute the reader under the following terms:
3.2 Distribution. Distributor may:
[...]
(c) Distribute the Software, with the exception of ARH, as a part of or with Distributor Product or Distributor Service (i) through electronic means such as electronic download --including, without limitation, electronic software download-- for example bundled in Distributor’s installer, which in turn, is downloaded through the Internet and (ii) on physical media (such as CD-ROMs, DVDs, hard disk, etc.).
(d) Distribute ARH only (i) as bundled with the Distributor Product or Service and (ii) (y) through electronic means such as electronic download --including, without limitation, electronic software download-- for example bundled in Distributor's installer, which in turn, is downloaded through the Internet and (z) on physical media (such as CD-ROMs, DVDs, hard disk, etc.).
In all cases the Software is to be distributed in complete form and only for purposes of complete installation and use by the end user. The Software shall not be configured or distributed for use without installation.
So that would not allow the package in its current form to be distributed either, furthermore there is no legal entity behind Packman which could negotiate a custom license to distribute and even if there were this would pose a problem for mirrors.
Apart from that it will not enter Packman for the same reason it was removed from openSUSE so this whole discussion is growing increasingly pointless.
On Friday 2013-11-08 19:59, Joschi Brauchle wrote:
In order to save some hassle for me and my institution, I currently branched the last available version of the openSUSE RPM of Adobe Reader in OBS.
I figured, as the [acroread] package was available in the official openSUSE 'non-free' repos on OBS before and still is for < 13.1, this [branched the last available version of the openSUSE RPM of Adobe Reader] would be OK.
As has been mentioned before in this thread, the Adobe license does not permit redistribution by default. Whether branching is acceptable depends on whether the special permission SUSE had obtained from Adobe specifies whether the redist permission propagates. (The safe default stance for a packager is to assume that it is not; therefore, branches would be a… "risk" as they call it ;-) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Joschi Brauchle <joschi.brauchle@tum.de> [2013-11-08 19:59]:
May I ask a quick: (it may be answered elsewhere but I'm not sure as this thread has gone out of proportion)
In order to save some hassle for me and my institution, I currently branched the last available version of the openSUSE RPM of Adobe Reader in OBS.
I figured, as the package was available in the official openSUSE 'non-free' repos on OBS before and still is for < 13.1, this would be OK.
So is it OK to branch or not? There are several other non-official repos which have it branched currently. Is a branched package in a home repo in OBS technically still being distibuted by openSUSE?
Thanks for any help!
Packages under a non-OSI license are only allowed in openSUSE:*:Non-Free(:*) according to the rules* and may be deleted, so I'd just check out the package from openSUSE:12.3:NonFree:Update and build it locally for 13.1. [*] http://en.opensuse.org/openSUSE:Build_Service_application_blacklist -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Thank you very much for the answer to my question, the link for reference and the suggestion on what to do. I'll do exactly that! On 11/08/2013 06:09 PM, Guido Berhoerster wrote:
* Joschi Brauchle <joschi.brauchle@tum.de> [2013-11-08 19:59]:
May I ask a quick: (it may be answered elsewhere but I'm not sure as this thread has gone out of proportion)
In order to save some hassle for me and my institution, I currently branched the last available version of the openSUSE RPM of Adobe Reader in OBS.
I figured, as the package was available in the official openSUSE 'non-free' repos on OBS before and still is for < 13.1, this would be OK.
So is it OK to branch or not? There are several other non-official repos which have it branched currently. Is a branched package in a home repo in OBS technically still being distibuted by openSUSE?
Thanks for any help!
Packages under a non-OSI license are only allowed in openSUSE:*:Non-Free(:*) according to the rules* and may be deleted, so I'd just check out the package from openSUSE:12.3:NonFree:Update and build it locally for 13.1.
[*] http://en.opensuse.org/openSUSE:Build_Service_application_blacklist
On Saturday 09 November 2013, Guido Berhoerster wrote:
* Joschi Brauchle <joschi.brauchle@tum.de> [2013-11-08 19:59]:
May I ask a quick: (it may be answered elsewhere but I'm not sure as this thread has gone out of proportion)
In order to save some hassle for me and my institution, I currently branched the last available version of the openSUSE RPM of Adobe Reader in OBS.
I figured, as the package was available in the official openSUSE 'non-free' repos on OBS before and still is for < 13.1, this would be OK.
So is it OK to branch or not? There are several other non-official repos which have it branched currently. Is a branched package in a home repo in OBS technically still being distibuted by openSUSE?
Thanks for any help!
Packages under a non-OSI license are only allowed in openSUSE:*:Non-Free(:*) according to the rules* and may be deleted, so I'd just check out the package from openSUSE:12.3:NonFree:Update and build it locally for 13.1.
Can't you simply use the 12.3 package? What is the benefit of rebuilding a package with binary-only sources? cu, Rudi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hallo, On Nov 7 18:01 Joschi Brauchle wrote (excerpt):
I would also like to express my vote to keep Adobe Reader available in an openSUSE customized version! Maybe not in NON-OSS repo, but possibly in packman?
Packman provides packages for openSUSE but Packman is not openSUSE so that you may have to suggest that directly to the Packman people.
Reasons: 1) Official Adobe RPM (suggested as a workaround) does not work flawlessly on openSUSE. The openSUSE RPM has specific modifications to work around problems of Adobe Reader in openSUSE (eg. suse-do-not-grab-server.so and many others). Hence the official RPM is not equivalent for users.
Basically you ask for openSUSE contributors to fix bugs in Adobe's proprietary software while Adobe itself shows basically no interest to provide their own software so that it works well on openSUSE? Assume the Adobe Reader would not work flawlessly on Windows, would you ask Microsoft to fix that or would you ask Adobe to fix their own bugs in their own software? Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-11-07 at 23:20 +0100, Christian Boltz wrote:
Am Donnerstag, 7. November 2013 schrieb Carlos E. R.:
So, what exactly are the security risks I get into by opening local PDF files (generated by reputable sources, such as governments) with acroread in Linux? Can they be avoided or limited with a good AppArmor profile?
I don't know about the exact security risks - maybe someone from the security team knows more details.
With an AppArmor profile, you can make sure that acroread only reads *.pdf files and doesn't read or modify random files on your disk. You can also forbid networking - but this doesn't sound too useful when you need to submit a form online ;-)
No, I don't need to submit forms online. That only works, AFAIK, on intranets. It needs a special adobe server and probably only works on the Windows version. I've never had the chance to try, anyway. In fact, when I remember, I activate a firewall trick to block acroread from communicating on internet.
Anyway, I'll attach my AppArmor profile for acroread. It's not as tight as it could be (and I'll probably do some changes to it now that I know acroread won't get security updates anymore), but it's a good start. Be warned that you will need to change it - for example I'm quite sure your home directory is not /home/cb/ ;-)
It is a start, thanks. Now that I think, the yast apparmour wizard has disappeared, so it is more difficult to adjust profiles.
Note: the profile only covers the binary, not the wrapper script.
Which is that?
If the danger is in the Firefox plugin, for instance, that can be removed with less trouble.
Indeed, just zypper rm acroread-browser-plugin
I'd strongly recommend to do that (guess who split off this subpackage, and why... ;-)
No idea... But I already removed it some hours ago. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ8QXgACgkQtTMYHG2NR9WWlwCeOPRgR2iWs/UNnipezaGqkyHg uMUAnAxJeCOkoqVOqL0YvjOuDZt/Nzbs =l6bc -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, Am Freitag, 8. November 2013 schrieb Carlos E. R.:
On Thursday, 2013-11-07 at 23:20 +0100, Christian Boltz wrote:
Am Donnerstag, 7. November 2013 schrieb Carlos E. R.:
Anyway, I'll attach my AppArmor profile for acroread. It's not as tight as it could be (and I'll probably do some changes to it now that I know acroread won't get security updates anymore), but it's a good start. Be warned that you will need to change it - for example I'm quite sure your home directory is not /home/cb/ ;-)
It is a start, thanks.
Now that I think, the yast apparmour wizard has disappeared, so it is more difficult to adjust profiles.
Hmm, I didn't check the YaST module for a long time (I never use it), but the changelog says you are right: * Mo Aug 19 2013 jreidinger@suse.com - fix broken dialog in edit profiles - drop reporting and profile generation tools (FATE#308684,308683) Needless to say that both FATE entries are non-public :-( which means I don't know any details why this was done. The only thing I know is that the changelog entry is partly wrong - the "reporting" part was already disabled in 2011 because of upstream changes. In the remaining part, I even found a crash :-( (-> bug 849571) That said - you don't need YaST to update the profiles ;-) - the commandline tools work as good as always. To update an existing profile, run aa-logprof It will ask you in the same way YaST did, the only difference is that you need to use your keyboard instead of your mouse ;-) New profiles can be created with aa-genprof.
Note: the profile only covers the binary, not the wrapper script.
Which is that?
That's easy to find out ;-) # which acroread # ls -l `which acroread` (and then follow the symlink) Or just run aa-genprof acroread to create a profile ;-) Note: AFAIK the wrapper script uses LD_PRELOAD when starting the real binary, which means you should _not_ clean the environment when the binary is executed ("px" instead of "Px" in the profile) That all said: The most secure solution is of course to use a maintained PDF reader like Okular, but if you really _have to_ use acroread for some reason, it's more secure (or should I say less exploitable with an AppArmor profile.
If the danger is in the Firefox plugin, for instance, that can be removed with less trouble.
Indeed, just zypper rm acroread-browser-plugin
I'd strongly recommend to do that (guess who split off this subpackage, and why... ;-)
No idea...
You can blame me for the subpackage ;-) Regards, Christian Boltz --
CPU&-Register: die Person (mit Kurzzeitgedaechnis) Ich darf doch schwer bitten. Wenn ich morgens aufwache, brauche ich nicht erst Aktenordner durchzulesen. Ich kann mich auch so erinnern. [> David Haller und Bernd Brodesser in suse-linux]
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 13:41 +0100, Christian Boltz wrote:
Now that I think, the yast apparmour wizard has disappeared, so it is more difficult to adjust profiles.
Hmm, I didn't check the YaST module for a long time (I never use it), but the changelog says you are right:
* Mo Aug 19 2013 jreidinger@suse.com - fix broken dialog in edit profiles - drop reporting and profile generation tools (FATE#308684,308683)
Needless to say that both FATE entries are non-public :-( which means I don't know any details why this was done. The only thing I know is that the changelog entry is partly wrong - the "reporting" part was already disabled in 2011 because of upstream changes.
In the remaining part, I even found a crash :-( (-> bug 849571)
Mmm.
That said - you don't need YaST to update the profiles ;-) - the commandline tools work as good as always.
To update an existing profile, run aa-logprof It will ask you in the same way YaST did, the only difference is that you need to use your keyboard instead of your mouse ;-)
I'll try... never used those, as far as I remember.
New profiles can be created with aa-genprof.
Note: the profile only covers the binary, not the wrapper script.
Which is that?
That's easy to find out ;-)
# which acroread # ls -l `which acroread` (and then follow the symlink)
Ah, ok, I understand. cer@Telcontar:~> file /usr/lib/Adobe/Reader9/bin/acroread /usr/lib/Adobe/Reader9/bin/acroread: POSIX shell script, ASCII text executable I didn't realise there was a script involved. And the script is provided by openSUSE, because I see refrences to bugzillas in it. So, in order to install adobe from "upstream", I would still need to keep the script from a previous install. :-( Hum... the script says copyright be Adobe... I don't understand.
Or just run aa-genprof acroread to create a profile ;-) Note: AFAIK the wrapper script uses LD_PRELOAD when starting the real binary, which means you should _not_ clean the environment when the binary is executed ("px" instead of "Px" in the profile)
Mmmm.
That all said: The most secure solution is of course to use a maintained PDF reader like Okular, but if you really _have to_ use acroread for some reason, it's more secure (or should I say less exploitable with an AppArmor profile.
Oh, yes. I seldom use acroread, in fact.
If the danger is in the Firefox plugin, for instance, that can be removed with less trouble.
Indeed, just zypper rm acroread-browser-plugin
I'd strongly recommend to do that (guess who split off this subpackage, and why... ;-)
No idea...
You can blame me for the subpackage ;-)
:-) - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ86GEACgkQtTMYHG2NR9XRzwCfdUWSFUBdgfO1deRRrhufHN0f oG8An1opSXtIIl0Be6tqMDip9iYYx1KK =QMYA -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Christian Boltz wrote:
Am Freitag, 8. November 2013 schrieb Carlos E. R.:
On Thursday, 2013-11-07 at 23:20 +0100, Christian Boltz wrote:
Am Donnerstag, 7. November 2013 schrieb Carlos E. R.:
Anyway, I'll attach my AppArmor profile for acroread. It's not as tight as it could be (and I'll probably do some changes to it now that I know acroread won't get security updates anymore), but it's a good start. Be warned that you will need to change it - for example I'm quite sure your home directory is not /home/cb/ ;-)
It is a start, thanks.
Yes, thanks, that's very useful! -- Per Jessen, Zürich (14.8°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Nov 8, 2013 at 6:20 AM, Christian Boltz <opensuse@cboltz.de> wrote:
I don't know about the exact security risks - maybe someone from the security team knows more details.
With an AppArmor profile, you can make sure that acroread only reads *.pdf files and doesn't read or modify random files on your disk. You can also forbid networking - but this doesn't sound too useful when you need to submit a form online ;-)
Anyway, I'll attach my AppArmor profile for acroread. It's not as tight as it could be (and I'll probably do some changes to it now that I know acroread won't get security updates anymore), but it's a good start. Be warned that you will need to change it - for example I'm quite sure your home directory is not /home/cb/ ;-)
Note: the profile only covers the binary, not the wrapper script.
Security flaws are not judged by whether there're workarounds... You can have a entry on Release Note mention: ha, something doesn't work...here's how to get it work. But you can't say: ha...we are potential targets for...well here's how... It'll mean: we're insecure by default...that's crazy and insane...of course almost 90% of network tools' security flaws can be "fixed" by disconnection from network...I don't wanna look like a troll but that's an extreme example... And I don't think a public hearing on a puclic mailing list for explanations of what those security flaws are or where they're is a _good_ idea...maybe we can open a _close_ security bug report? Marguerite -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On November 7, 2013 at 2:31 PM Per Jessen <per@computer.org> wrote: I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
Usability ... hmm, well, my first concern is security. If someone trusts the unmaintained stuff, then he/she should install it.
a) download it from adobe yourself b) use something else
c) if someone is really interested, why doesn't he maintain his own version in OBS?
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
Now, as there have been many complaints about okular and other replacements here on this list: honestly, does anyone have opened a bug for it? ... hmm, I guess no, and so will it be until users are starting to use other things than acroread ... and they won't start until that package is removed. BTW: what are other distros doing? Have a nice day, Berny -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thursday 07 November 2013, Bernhard Voelker wrote:
On November 7, 2013 at 2:31 PM Per Jessen <per@computer.org> wrote: I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
Usability ... hmm, well, my first concern is security. If someone trusts the unmaintained stuff, then he/she should install it.
a) download it from adobe yourself b) use something else
c) if someone is really interested, why doesn't he maintain his own version in OBS?
I guess this is not possible because of the License. I had tried this for flash plugin one time and got delete requests by self-proclaimed OBS policemen. BTW the reason why I had to build flash was similar. Security had removed the 64bit version just because it was slightly older than the 32bit one. Then zypper patch tried to install the 32bit one and this was a real mess of my 64bit-only installation.
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
Now, as there have been many complaints about okular and other replacements here on this list: honestly, does anyone have opened a bug for it? ... hmm, I guess no, and so will it be until users are starting to use other things than acroread ... and they won't start until that package is removed.
BTW: what are other distros doing?
cu, Rudi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Bernhard Voelker wrote:
On November 7, 2013 at 2:31 PM Per Jessen <per@computer.org> wrote: I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
Usability ... hmm, well, my first concern is security. If someone trusts the unmaintained stuff, then he/she should install it.
a) download it from adobe yourself b) use something else
c) if someone is really interested, why doesn't he maintain his own version in OBS?
We really ought to keep our focus on the general/default user, not our own narrow-minded use-cases. I also have no problem with installing acroread myself or even using okular (still a bit kludgy imho), but Grandma Brown and her support-grandson most probably will see things differently. I know my 70-something year old mother would.
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
Now, as there have been many complaints about okular and other replacements here on this list: honestly, does anyone have opened a bug for it?
Let's not open that can of worms. People have probably looked at okular then installed acroread. Problem solved. I use acroread because I need some assurance that whatever PDF's I produce will look correct/appropriate in the tool used by my customers.
... hmm, I guess no, and so will it be until users are starting to use other things than acroread ... and they won't start until that package is removed.
You definitely are not wearing your user-friendly cap. :-( -- Per Jessen, Zürich (13.9°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2013-11-07 at 19:21 +0100, Per Jessen wrote:
Now, as there have been many complaints about okular and other replacements here on this list: honestly, does anyone have opened a bug for it?
Let's not open that can of worms. People have probably looked at okular then installed acroread. Problem solved. I use acroread because I need some assurance that whatever PDF's I produce will look correct/appropriate in the tool used by my customers.
Same here. I did report problems with forms (and other issues) time ago, till I got tired. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ76uEACgkQtTMYHG2NR9UTeQCeJW8xB5thtyLSsTh1E8HrX29i UakAn3oe87TdVZHlNo/exLlXcMwgqkLy =iwx0 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, 2013-11-07 at 14:31 +0100, Per Jessen wrote:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
-- Per Jessen, Zürich (17.0°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland.
I've used openSUSE as my main OS for many years now. Until this thread about the removal of acroread, I didn't even know we had Acrobad Reader available in the distribution evince has proven more than satisfactory for all of the online/semi online/offline PDF forms I've had to deal with, which coincidentally been quite a few in the last weeks. Form filling, saving, printing, all fine. I've only ever come across *one* form that worked 'better' in acroread than evince, and this was a cosmetic glitch with an informative banner that did not need to be submitted or printed, not a functional problem. So, for pure reasons of sanity, can we please stop spawning new threads about acroread? If there is anything more to be discussed on the topic, and I think that's questionable, then I would recommend the 'No more acroread?' thread. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Nov 7 15:07 Richard Brown wrote (excerpt):
I've used openSUSE as my main OS for many years now. Until this thread about the removal of acroread, I didn't even know we had Acrobad Reader available in the distribution
evince has proven more than satisfactory for all of the online/semi online/offline PDF forms I've had to deal with, which coincidentally been quite a few in the last weeks. Form filling, saving, printing, all fine.
Lucky you! Perhaps even most users never need the Adobe Reader. But there is a constant (relatively low) level of incoming bugs where printing some PDFs fails and then usually printing that PDFs from the Adobe Reader works. See the "Background information" in https://bugzilla.novell.com/show_bug.cgi?id=838487#c7 The latest issue is https://bugzilla.novell.com/show_bug.cgi?id=848493 FYI: Personally I do not care if openSUSE povides this or that kind of non-free software - personally I could help myself. Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Nov 7 15:59 Johannes Meixner wrote (excerpt):
... there is a constant (relatively low) level of incoming bugs where printing some PDFs fails and then usually printing that PDFs from the Adobe Reader works.
I missed https://bugzilla.novell.com/show_bug.cgi?id=843835 and its OBS request 202001 https://build.opensuse.org/request/show/202001 I fully agree to drop such kind of software and I fully agree with http://lists.opensuse.org/opensuse-factory/2013-11/msg00222.html Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Richard Brown wrote:
So, for pure reasons of sanity, can we please stop spawning new threads about acroread?
I created a new thread precisely for sanity. The original thread morphed into something else.
If there is anything more to be discussed on the topic, and I think that's questionable, then I would recommend the 'No more acroread?' thread.
Surely you meant the "Requesting people to test RC1 of RC2 or whatever" thread. -- Per Jessen, Zürich (13.8°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Per Jessen <per@computer.org> [2013-11-07 14:31]:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
It's not only unmaintained but unmaintained closed-source software which means at the point in time it becomes unmaintained upstream it turns into a time bomb. The next time security vulnerabilities are discovered in the Acrobat Reader on other platforms Adobe will not evaluate it on Linux, issue a notification and update to fix the issue and nobody else will be able to either. OTOH potential attackers will take notice if we ship an unmaintained and vulnerable version and happily exploit that. And this is harmful and a disservice to our users and the distro, wheN using openSUSE users should be confident that we are making our best effort to keep them safe. And I agree that poppler sucks, rendering of scaled bitmaps is horrible, form and js support aren't up to par, there is no signature verification etc. Unfortunately it seems to be "good enough" for most people, so without competition or a potent sponsor we'll likely be stuck with a mediocre solution. mupdf has some improvements but unfortunately brings its own share of problems (e.g. license, no dynamic linking, lack of real thread-safety). -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 11/7/2013 8:31 AM, Per Jessen wrote:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
package up a download-and-install-the-fly script surely acroread is no more unmaintained than microsoft true type fonts from 15 years ago? -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Brian K. White - 21:03 7.11.13 wrote:
On 11/7/2013 8:31 AM, Per Jessen wrote:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
package up a download-and-install-the-fly script
surely acroread is no more unmaintained than microsoft true type fonts from 15 years ago?
But software that renders them is maintained ;-) -- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Btw. I tested the newest adobe reader with wine. The installer hangs, I extracted the content of the *exe and ran AcroRd32 which worked so the GUI is ok but actually I did not manage to open a .pdf with it, I get an error which I suspect is because I skipped the installation. But there is another free windows pdf reader called foxit which does all that (signing, printing, all the forms). Just tried it. Download, install, start, editing pdf. No problem with wine. 2013/11/8 Michal Hrusecky <mhrusecky@suse.cz>:
Brian K. White - 21:03 7.11.13 wrote:
On 11/7/2013 8:31 AM, Per Jessen wrote:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
package up a download-and-install-the-fly script
surely acroread is no more unmaintained than microsoft true type fonts from 15 years ago?
But software that renders them is maintained ;-)
-- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Nov 08, 2013 at 08:09:03AM +0000, Damian Ivanov wrote:
Btw. I tested the newest adobe reader with wine. The installer hangs, I extracted the content of the *exe and ran AcroRd32 which worked so the GUI is ok but actually I did not manage to open a .pdf with it, I get an error which I suspect is because I skipped the installation.
But there is another free windows pdf reader called foxit which does all that (signing, printing, all the forms). Just tried it. Download, install, start, editing pdf. No problem with wine.
Thanks for beeing constructive. Would you mind to create some wiki page, which can contain all those information regarding PDF readers (incl wine section)? Regards Michal Vyskocil
2013/11/8 Michal Hrusecky <mhrusecky@suse.cz>:
Brian K. White - 21:03 7.11.13 wrote:
On 11/7/2013 8:31 AM, Per Jessen wrote:
I think we ought to keep acroread in the distro simply because it's about usability. The current suggestions:
a) download it from adobe yourself b) use something else
are not good enough. If (a) was a real solution, why are we building building a distro at all. (b) is not a solution because there is no 100% replacement for acroread.
By removing acroread, we are sacrificing critical usability because of a rule about unmaintained software. I suggest we reconsider and wait until the alternatives have caught up. Once we have a mature plug-compatible alternative, we can remove acroread.
package up a download-and-install-the-fly script
surely acroread is no more unmaintained than microsoft true type fonts from 15 years ago?
But software that renders them is maintained ;-)
-- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 13:03 +0100, Michal Vyskocil wrote:
On Fri, Nov 08, 2013 at 08:09:03AM +0000, Damian Ivanov wrote:
But there is another free windows pdf reader called foxit which does all that (signing, printing, all the forms). Just tried it. Download, install, start, editing pdf. No problem with wine.
I tested it. Signature check fails. Dunno if something is missing or faulty, or simply does not work in Wine.
Thanks for beeing constructive. Would you mind to create some wiki page, which can contain all those information regarding PDF readers (incl wine section)?
It has been created: <http://en.opensuse.org/Adobe_Reader> - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlKEKnUACgkQtTMYHG2NR9U9mwCfSOvEwQQ68Ym1Zonirr/v6Aiy UrwAn2SsgYK9jTBIQO/ruOprajfeU/ra =WaEd -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, 14 Nov 2013 02:42, Carlos E. R. <robin.listas@...> wrote:
On Friday, 2013-11-08 at 13:03 +0100, Michal Vyskocil wrote:
On Fri, Nov 08, 2013 at 08:09:03AM +0000, Damian Ivanov wrote:
But there is another free windows pdf reader called foxit which does all that (signing, printing, all the forms). Just tried it. Download, install, start, editing pdf. No problem with wine.
I tested it. Signature check fails. Dunno if something is missing or faulty, or simply does not work in Wine.
Hmmm, poking around there, it seems that FoxIt tries to use the Mircosoft Windows provided "Signature-Store", which is NOT available in wine. Background: MS-Windows provides a OS managed certification framework, some apps use that, some provide their own. E.g. Mozilla products bring and use their own, Apple products use the OS (MS-Win or OS-X / IOS ) provided framework. That's my guess based on the api-calls I've traced. - Yamaban. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, Nov 13, 2013 at 10:59 PM, Yamaban <foerster@lisas.de> wrote:
On Thu, 14 Nov 2013 02:42, Carlos E. R. <robin.listas@...> wrote:
On Friday, 2013-11-08 at 13:03 +0100, Michal Vyskocil wrote:
On Fri, Nov 08, 2013 at 08:09:03AM +0000, Damian Ivanov wrote:
But there is another free windows pdf reader called foxit which does all that (signing, printing, all the forms). Just tried it. Download, install, start, editing pdf. No problem with wine.
I tested it. Signature check fails. Dunno if something is missing or faulty, or simply does not work in Wine.
Hmmm, poking around there, it seems that FoxIt tries to use the Mircosoft Windows provided "Signature-Store", which is NOT available in wine.
Background: MS-Windows provides a OS managed certification framework, some apps use that, some provide their own.
E.g. Mozilla products bring and use their own, Apple products use the OS (MS-Win or OS-X / IOS ) provided framework.
That's my guess based on the api-calls I've traced.
I guess wine could and should provide the store. That's a bug report/feature request/patch waiting to happen. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, 14 Nov 2013 03:11, Claudio Freire <klaussfreire@...> wrote:
On Wed, Nov 13, 2013 at 10:59 PM, Yamaban <foerster@lisas.de> wrote:
On Thu, 14 Nov 2013 02:42, Carlos E. R. <robin.listas@...> wrote:
On Friday, 2013-11-08 at 13:03 +0100, Michal Vyskocil wrote:
On Fri, Nov 08, 2013 at 08:09:03AM +0000, Damian Ivanov wrote:
But there is another free windows pdf reader called foxit which does all that (signing, printing, all the forms). Just tried it. Download, install, start, editing pdf. No problem with wine.
I tested it. Signature check fails. Dunno if something is missing or faulty, or simply does not work in Wine.
Hmmm, poking around there, it seems that FoxIt tries to use the Mircosoft Windows provided "Signature-Store", which is NOT available in wine.
Background: MS-Windows provides a OS managed certification framework, some apps use that, some provide their own.
That's my guess based on the api-calls I've traced.
I guess wine could and should provide the store. That's a bug report/feature request/patch waiting to happen.
Uh-uh that's a no-no! Big BAD can of worms! A small soft firm (microsoft) will send their lawers to happily and readily roast you over coals if you try to touch their "Signature-Store" technology. What wine could do would be presenting a api that redirects / rewrites the calls to openssl / or similar cert-proving software available in the underlaying system. So, it's no bug, but a non-implemented feature due to legal concerns and no direct need so far. That also the background why proving a ssl-cert in IE under wine does not work. - Yamaban. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, Nov 13, 2013 at 11:59 PM, Yamaban <foerster@lisas.de> wrote:
Uh-uh that's a no-no! Big BAD can of worms! A small soft firm (microsoft) will send their lawers to happily and readily roast you over coals if you try to touch their "Signature-Store" technology.
What wine could do would be presenting a api that redirects / rewrites the calls to openssl / or similar cert-proving software available in the underlaying system.
So, it's no bug, but a non-implemented feature due to legal concerns and no direct need so far.
I don't see how certificate store API would be any legally gray-er than the rest of windows ABI, but I'm no lawyer. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, Nov 14, 2013 at 01:03:33AM -0200, Claudio Freire wrote:
On Wed, Nov 13, 2013 at 11:59 PM, Yamaban <foerster@lisas.de> wrote:
Uh-uh that's a no-no! Big BAD can of worms! A small soft firm (microsoft) will send their lawers to happily and readily roast you over coals if you try to touch their "Signature-Store" technology.
What wine could do would be presenting a api that redirects / rewrites the calls to openssl / or similar cert-proving software available in the underlaying system.
So, it's no bug, but a non-implemented feature due to legal concerns and no direct need so far.
I don't see how certificate store API would be any legally gray-er than the rest of windows ABI, but I'm no lawyer.
wine does implement parts of various cryptographic apis already, so its generally possible. I just dont know exactly what Foxit uses there. Wine APPDB entry for all versions known: http://appdb.winehq.org/objectManager.php?sClass=application&iId=4060 Ciao, Marcus -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hi, as said few times in thread already, Acrobat is not coming back, can we stop this flame now? Or take it to Adobe ;-) -- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 11:43 +0100, Michal Hrusecky wrote:
as said few times in thread already, Acrobat is not coming back, can we stop this flame now? Or take it to Adobe ;-)
Wasn't this a community? Or is it a dictatorship? :-? - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ86Q8ACgkQtTMYHG2NR9VIiQCfXQ2yZPvvLVvHFS5brF1okQsX 8QEAoIEwFiCk0SOKhFkQl9hDOSiLXTMA =oOwW -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Dne Pá 8. listopadu 2013 14:37:19, Carlos E. R. napsal(a):
On Friday, 2013-11-08 at 11:43 +0100, Michal Hrusecky wrote:
as said few times in thread already, Acrobat is not coming back, can we stop this flame now? Or take it to Adobe ;-)
Wasn't this a community? Or is it a dictatorship? :-?
-- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar)
Carlos, this is definitely community driven technical channel. But as I say it is technical one, you are not supposed to start vote about You are supposed to use this list for these tasks: 1) announce major changes in components (yast move to ruby, etc) 2) query about technical issues you are uncertain of (if they are relevant for whole distro not just for some part, where you should ask the team there directly) 3) discussion about technical proposals (eg change of process how to store spec files) I don't see your complaining about acroread being up par at all, you are actually just wasting time of numerous people that have to go over your mails to get to the relevant ones. There were few quite constructive in the whole thread, proposal of mupdf and some testing with wine/etc. which should be afterwards moved to wiki and no longer be discussed here. So please take your time to think of your actions and realise we have to read this in order to be able to react to relevant mails. I know coolo gave up on this list and just blatanly ignores some people, but I honestly think we should have less chit-chat like this around and more up-par list where people could subscribe to see only the problems of importance. Cheers Tom
Tomáš Chvátal wrote:
Dne Pá 8. listopadu 2013 14:37:19, Carlos E. R. napsal(a):
On Friday, 2013-11-08 at 11:43 +0100, Michal Hrusecky wrote:
as said few times in thread already, Acrobat is not coming back, can we stop this flame now? Or take it to Adobe ;-)
Wasn't this a community? Or is it a dictatorship? :-?
-- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar)
Carlos,
this is definitely community driven technical channel. But as I say it is technical one, you are not supposed to start vote about
You are supposed to use this list for these tasks:
1) announce major changes in components (yast move to ruby, etc) 2) query about technical issues you are uncertain of (if they are relevant for whole distro not just for some part, where you should ask the team there directly) 3) discussion about technical proposals (eg change of process how to store spec files)
Where do you suggest we go to discuss e.g. policy and distro content? This is currently the best suited list, imho. -- Per Jessen, Zürich (14.6°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Dne Pá 8. listopadu 2013 16:33:36, Per Jessen napsal(a):
Where do you suggest we go to discuss e.g. policy and distro content? This is currently the best suited list, imho.
But you are NOT discussing policies. You are whining about removal of one particular package. Which was removed in accordance of all the security rules and with blessing from release team. Don't know how more by the book change you want to have. If you want to change/discuss the security policy you are more than welcome to do so, but I guess it won't have much chance for approval as the current one is really sensible. If you just feel offended about the fact we removed your favorite and popular application after the vendor stopped providing support for it then I suggest you bring it forward to the vendor of the named software. Cheers Tom
Tomáš Chvátal wrote:
Dne Pá 8. listopadu 2013 16:33:36, Per Jessen napsal(a):
Where do you suggest we go to discuss e.g. policy and distro content? This is currently the best suited list, imho.
But you are NOT discussing policies.
I beg to differ.
You are whining about removal of one particular package.
Please be civil. I simply made a proposal to focus on usability for our users. Personally I have no issue with downloading directly from Adobe (as long as it lasts) and tightening my environment with apparmor.
If you just feel offended about the fact we removed your favorite and popular application after the vendor stopped providing support for it then I suggest you bring it forward to the vendor of the named software.
No, I am not offended, I am merely puzzled by the lack of consideration for the openSUSE user. -- Per Jessen, Zürich (14.4°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 16:58 +0100, Per Jessen wrote:
You are whining about removal of one particular package.
Please be civil. I simply made a proposal to focus on usability for our users. Personally I have no issue with downloading directly from Adobe (as long as it lasts) and tightening my environment with apparmor.
I agree.
If you just feel offended about the fact we removed your favorite and popular application after the vendor stopped providing support for it then I suggest you bring it forward to the vendor of the named software.
No, I am not offended, I am merely puzzled by the lack of consideration for the openSUSE user.
Me too. :-| - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ9IjMACgkQtTMYHG2NR9XMRQCgkb6pKZORt0m7KdNMl8up0ZPV jHcAmwXfSTlamMd/mLiAz1fRMy6+yI/B =oNwP -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 11/08/2013 11:41 AM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Friday, 2013-11-08 at 16:58 +0100, Per Jessen wrote:
You are whining about removal of one particular package.
Please be civil. I simply made a proposal to focus on usability for our users. Personally I have no issue with downloading directly from Adobe (as long as it lasts) and tightening my environment with apparmor.
I agree.
If you just feel offended about the fact we removed your favorite and popular application after the vendor stopped providing support for it then I suggest you bring it forward to the vendor of the named software.
No, I am not offended, I am merely puzzled by the lack of consideration for the openSUSE user.
Me too. :-|
I disagree. The decision is a sign of consideration for the openSUSE user. Remember that Adobe Reader is being maintained on Windows but not on Linux. Every fix for Windows becomes a roadmap on how to exploit the Linux version, which likely has the same security hole. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle. That way, you can handle the PDF without needing to shut down Linux. I use that method to handle 2 programs that do not run under wine. For simplicity, my VM is Windows XP. My wife runs Windows 7 and has a VM containing Windows XP so that she can run an Office 97 database program that fails on a 64-bit OS. If she can handle this, you certainly will be able to do so. Larry -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Larry Finger wrote:
On 11/08/2013 11:41 AM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Friday, 2013-11-08 at 16:58 +0100, Per Jessen wrote:
You are whining about removal of one particular package.
Please be civil. I simply made a proposal to focus on usability for our users. Personally I have no issue with downloading directly from Adobe (as long as it lasts) and tightening my environment with apparmor.
I agree.
If you just feel offended about the fact we removed your favorite and popular application after the vendor stopped providing support for it then I suggest you bring it forward to the vendor of the named software.
No, I am not offended, I am merely puzzled by the lack of consideration for the openSUSE user.
Me too. :-|
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower. -- Per Jessen, Zürich (13.8°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Nov 8, 2013 at 4:56 PM, Per Jessen <per@computer.org> wrote:
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower.
It's not a lack of concern, it's a lack of power. Adobe withdrew support. It's their software, their license. openSuse cannot ship software with known security holes by default. That's simply a disservice. The effective risk (way beyond potential at this point) far outweights any potential benefit. Malware attacks the vector with the least resistance, and up till now, that has usually been windows. But if openSuse starts shipping software with known vulnerabilities, that will change, and openSuse will be the best target. That's simply unacceptable. AppArmor, or a VM even, cannot compensate insecure software. It mitigates, but it does not compensate. There have been POC on how to compromise the host of a VM by compromising the VM itself as a pivoting point. So the only alternative left to OSS is the slow and painful one: build support for the missing features on the OS alternatives. If mupdf is promising, a mupdf frontend is only a natural step. I just wonder how much of an attack vector mupdf is, compared to adobe's software. I bet that hasn't been analyzed with any depth yet. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Claudio Freire wrote:
On Fri, Nov 8, 2013 at 4:56 PM, Per Jessen <per@computer.org> wrote:
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower.
It's not a lack of concern, it's a lack of power.
Adobe withdrew support. It's their software, their license.
Did they withdraw the license for us/openSUSE to ship it? If we are prematurely withdrawing acroread from the distro, we are showing an utter lack of concern for our users. I presume acroread already has known security holes, but for those average users with a genuine need, surely we should let them chose their poison rather than just take it away. Just like with cigarettes and alcohol, put a big label on acroread saying "dangerous/poisonous/deprecated/unsupported". What's wrong with that?
AppArmor, or a VM even, cannot compensate insecure software. It mitigates, but it does not compensate.
Agree. I don't think anyone suggested otherwise.
So the only alternative left to OSS is the slow and painful one: build support for the missing features on the OS alternatives.
It is most unfortunate that we have not succeeded in this sofar, but it is not a reason to drop our average users in it in the deep end. IMHO. -- Per Jessen, Zürich (13.2°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Per Jessen - 21:40 8.11.13 wrote:
Claudio Freire wrote:
On Fri, Nov 8, 2013 at 4:56 PM, Per Jessen <per@computer.org> wrote:
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower.
It's not a lack of concern, it's a lack of power.
Adobe withdrew support. It's their software, their license.
Did they withdraw the license for us/openSUSE to ship it? If we are prematurely withdrawing acroread from the distro, we are showing an utter lack of concern for our users. I presume acroread already has known security holes, but for those average users with a genuine need, surely we should let them chose their poison rather than just take it away. Just like with cigarettes and alcohol, put a big label on acroread saying "dangerous/poisonous/deprecated/unsupported". What's wrong with that?
As repeated over and over again - unmaintained and with security holes = doesn't belong to the distro. If you don't like it and would like to have everything inside, make a proposal to change a policy to what you think is a better one (the one that includes dangerous software). Or create repo that includes Acrobat, trojans and other weird stuff. Stop flaming about how much do you miss Acrobat or take your flame somewhere where they can change something about Acrobat support on Linux - swamp Adobe mail support.
AppArmor, or a VM even, cannot compensate insecure software. It mitigates, but it does not compensate.
Agree. I don't think anyone suggested otherwise.
So the only alternative left to OSS is the slow and painful one: build support for the missing features on the OS alternatives.
It is most unfortunate that we have not succeeded in this sofar, but it is not a reason to drop our average users in it in the deep end. IMHO.
-- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Michal Hrusecky wrote:
Per Jessen - 21:40 8.11.13 wrote:
Claudio Freire wrote:
On Fri, Nov 8, 2013 at 4:56 PM, Per Jessen <per@computer.org> wrote:
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower.
It's not a lack of concern, it's a lack of power.
Adobe withdrew support. It's their software, their license.
Did they withdraw the license for us/openSUSE to ship it? If we are prematurely withdrawing acroread from the distro, we are showing an utter lack of concern for our users. I presume acroread already has known security holes, but for those average users with a genuine need, surely we should let them chose their poison rather than just take it away. Just like with cigarettes and alcohol, put a big label on acroread saying "dangerous/poisonous/deprecated/unsupported". What's wrong with that?
As repeated over and over again - unmaintained and with security holes = doesn't belong to the distro. If you don't like it and would like to have everything inside, make a proposal to change a policy to what you think is a better one (the one that includes dangerous software).
See $SUBJ. -- Per Jessen, Zürich (4.1°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Per Jessen - 20:12 11.11.13 wrote:
Michal Hrusecky wrote:
...
See $SUBJ.
Whining for policy exception for something that can't happen now anyway :-) -- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Michal Hrusecky wrote:
Per Jessen - 20:12 11.11.13 wrote:
Michal Hrusecky wrote:
...
See $SUBJ.
Whining for policy exception for something that can't happen now anyway :-)
Will you please stop "whining" yourself. I was in no way "whining" about anything, I was making a suggestion. -- Per Jessen, Zürich (4.2°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Nov 8, 2013 at 5:40 PM, Per Jessen <per@computer.org> wrote:
Claudio Freire wrote:
On Fri, Nov 8, 2013 at 4:56 PM, Per Jessen <per@computer.org> wrote:
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower.
It's not a lack of concern, it's a lack of power.
Adobe withdrew support. It's their software, their license.
Did they withdraw the license for us/openSUSE to ship it? If we are prematurely withdrawing acroread from the distro, we are showing an utter lack of concern for our users. I presume acroread already has known security holes, but for those average users with a genuine need, surely we should let them chose their poison rather than just take it away. Just like with cigarettes and alcohol, put a big label on acroread saying "dangerous/poisonous/deprecated/unsupported". What's wrong with that?
Their license disallows modifications of the software. That means we could not apply security patches even if we had a way to patch the binary (say with reverse engineering or whatever). Acroread may have known security holes. What makes it unacceptable as a package now, and not before, is that now we KNOW those holes won't be plugged. Ever. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 11/08/2013 02:56 PM, Per Jessen pecked at the keyboard and wrote:
Larry Finger wrote:
On 11/08/2013 11:41 AM, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Friday, 2013-11-08 at 16:58 +0100, Per Jessen wrote:
You are whining about removal of one particular package.
Please be civil. I simply made a proposal to focus on usability for our users. Personally I have no issue with downloading directly from Adobe (as long as it lasts) and tightening my environment with apparmor.
I agree.
If you just feel offended about the fact we removed your favorite and popular application after the vendor stopped providing support for it then I suggest you bring it forward to the vendor of the named software.
No, I am not offended, I am merely puzzled by the lack of consideration for the openSUSE user.
Me too. :-|
I disagree. The decision is a sign of consideration for the openSUSE user. The people on this list have the necessary information for evaluating the risk and avoiding any problems like this, but can you say that for the average user? If you really want to run Adobe Reader, install any suitable flavor of Windows in a Virtual Machine, share your entire Linux disk with that VM, and boot it when you need to process a PDF that okular cannot handle.
Larry, that is just not a viable alternative for the average user to whom we should be catering. To anyone technically able, the lack of acroread will only become a problem when it is no longer available for download or no longer runs on one's distro. I can work with that for my purposes until open-source alternatives have (hopefully) matured sufficiently, but Joe Bloggs and his grandmum cannot. I am repeating myself, but I remain puzzled by the lack of consideration for the openSUSE user, average or otherwise. I sincerely hope we/openSUSE are not turning into an ivory tower.
Does Microsoft supply Acrobat Reader to it's user base? The obvious answer is no, so how do the MS users get it installed on their PC's? They install it on their own. Just be thankful the openSUSE has been providing it via a repo for a number of years. -- Ken Schneider SuSe since Version 5.2, June 1998 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2013-11-08 at 17:05 -0500, Ken Schneider - openSUSE wrote:
Does Microsoft supply Acrobat Reader to it's user base? The obvious answer is no, so how do the MS users get it installed on their PC's? They install it on their own. Just be thankful the openSUSE has been providing it via a repo for a number of years.
There is a difference. openSUSE provides all the software as part of the distribution, like firefox, libreoffice, gimp... Windows does not ditribute those, either. We do. - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ9iMAACgkQtTMYHG2NR9VSJgCZATMWvHQ+Tr8CcGWsd9ep407L nvQAn2kexnRaYtDQ87KlcTes4z1r6ONl =DwU5 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am 09.11.2013 01:58, schrieb Carlos E. R.:
On Friday, 2013-11-08 at 17:05 -0500, Ken Schneider - openSUSE wrote:
Does Microsoft supply Acrobat Reader to it's user base? The obvious answer is no, so how do the MS users get it installed on their PC's? They install it on their own. Just be thankful the openSUSE has been providing it via a repo for a number of years.
There is a difference. openSUSE provides all the software as part of the distribution, like firefox, libreoffice, gimp...
All the mentioned software that we provide is open source. Adobe crap is not. We should just drop all non-free stuff finally, to make it explicitly clear that something like this bikeshedding thread will not happen again. And again, all this has nothing to do with the topics of opensuse-factory as it is completely non-technical. -- Stefan Seyfried "Mit Außerirdischen, die nicht weiter gekommen sind als Microsoft und Apple, will ich persönlich nichts zu tun haben." -- Prof. Harald Lesch -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Saturday 09 November 2013 14:48:01 Stefan Seyfried wrote:
Does Microsoft supply Acrobat Reader to it's user base? The obvious answer is no, so how do the MS users get it installed on their PC's? They install it on their own. Just be thankful the openSUSE has been providing it via a repo for a number of years.
There is a difference. openSUSE provides all the software as part of the distribution, like firefox, libreoffice, gimp...
All the mentioned software that we provide is open source. Adobe crap is not.
We should just drop all non-free stuff finally, to make it explicitly clear that something like this bikeshedding thread will not happen again.
And again, all this has nothing to do with the topics of opensuse-factory as it is completely non-technical.
I know no open source PDF reader that supports subpixel hinting. I would say, write one first, then delete the non-free one. :-( -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Sun, 10 Nov 2013 06:36:24 +0400, Ilya Chernykh wrote:
I know no open source PDF reader that supports subpixel hinting. I would say, write one first, then delete the non-free one. :-(
How is that in any way a reasonable suggestion? That the openSUSE project "has" to write an OSS replacement for a proprietary piece of software that was included in the past - as a convenience to those who have come to rely on it - in order to drop it because the proprietary software company that makes it has decided not to support Linux properly? Go beat up on Adobe. It's their product, it's their closed/proprietary file format. It's not the openSUSE project's fault that Adobe decided Linux support wasn't important, and it's sure not the openSUSE project's job to fix Adobe's decision. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
В Sun, 10 Nov 2013 04:50:05 +0000 (UTC) Jim Henderson <hendersj@gmail.com> пишет:
Go beat up on Adobe. It's their product, it's their closed/proprietary file format.
I thought that PDF spec are public. I even have one lying somewhere around. Do you mean that it is incomplete and Adobe is using more features than it publishes? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Content-ID: <alpine.LNX.2.00.1311101508160.19793@Telcontar.valinor> On Sunday, 2013-11-10 at 09:04 +0400, Andrey Borzenkov wrote:
В Sun, 10 Nov 2013 04:50:05 +0000 (UTC) Jim Henderson <> пишет:
Go beat up on Adobe. It's their product, it's their closed/proprietary file format.
I thought that PDF spec are public. I even have one lying somewhere around. Do you mean that it is incomplete and Adobe is using more features than it publishes?
You are correct, it is ISO 32000, So it is not a proprietary format. See <http://en.wikipedia.org/wiki/Portable_Document_Format> for more details. However, while it is true that adobe adds proprietary things, they in time end in the standard. The XFA forms were published in 2009, with earlier specifications (see wikipedia table), all part of that ISO standard. There is no excuse for not fully supporting the standard in Linux. :-( - -- Cheers, Carlos E. R. (from 12.3 x86_64 "Dartmouth" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iEYEARECAAYFAlJ/k4sACgkQtTMYHG2NR9Wz5wCfaF+0JZPcM4YUNrAdDzvmmE0N xwQAni0QcloupDEyHh6Sfo7ft02R/zxF =jZwj -----END PGP SIGNATURE-----
On 2013-11-10 15:09 (GMT+0100) Carlos E. R. composed:
You are correct, it is ISO 32000, So it is not a proprietary format.
See <http://en.wikipedia.org/wiki/Portable_Document_Format> for more details. However, while it is true that adobe adds proprietary things, they in time end in the standard. The XFA forms were published in 2009, with earlier specifications (see wikipedia table), all part of that ISO standard.
There is no excuse for not fully supporting the standard in Linux. :-(
That support can be no better than ethereal, key words being "in time". Adobe continues to add features to Acrobat versions the document creators upgrade to like lemmings itching to feed their money to Adobe, and that take time to reach the spec and get incorporated into installed FOSS readers and plugins. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Sun, 10 Nov 2013 09:04:01 +0400, Andrey Borzenkov wrote:
В Sun, 10 Nov 2013 04:50:05 +0000 (UTC) Jim Henderson <hendersj@gmail.com> пишет:
Go beat up on Adobe. It's their product, it's their closed/proprietary file format.
I thought that PDF spec are public. I even have one lying somewhere around. Do you mean that it is incomplete and Adobe is using more features than it publishes?
If that's the case - and the full spec is in the wild, then take the problem of incomplete support to those who write PDF readers that lack the features you need. I still don't see how it's a reasonable position to state "since none of the other OSS PDF reader solutions are out there, the openSUSE project *MUST* continue to include a discontinued proprietary package or throw resources into solving a problem that applies to a small segment of users." Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 2013-11-08 13:09 (GMT-0600) Larry Finger composed:
Every fix for Windows becomes a roadmap on how to exploit the Linux version, which likely has the same security hole.
Seriously, roadmap? Adobe announces details of every fix otherwise hidden in its close-source proprietaryware? Flag, maybe, but roadmap? Not yet mentioned that I've seen in the thread: Adobe still supports Mac OS X (x86 no less), right? Are Mac's BSD underpinnings so different from GNU/Linux that a way couldn't be found to use it in some way similar to how Windows apps can be run in Wine? -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Friday 08 of November 2013 16:52:10 Tomáš Chvátal wrote:
Dne Pá 8. listopadu 2013 16:33:36, Per Jessen napsal(a):
Where do you suggest we go to discuss e.g. policy and distro content? This is currently the best suited list, imho.
But you are NOT discussing policies.
You are whining about removal of one particular package. Which was removed in accordance of all the security rules and with blessing from release team. Don't know how more by the book change you want to have.
If you want to change/discuss the security policy you are more than welcome to do so, but I guess it won't have much chance for approval as the current one is really sensible.
Wouldn't it be more sensible for everyone if the current version of acroread is preserved bundled with an extremely restricted apparmor profile? Namely no network access, no write access in user directories apart from the settings directories, no access to shell or other executables?
Cheers
Tom
Regards, Peter -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* auxsvr@gmail.com <auxsvr@gmail.com> [2013-11-08 17:07]:
On Friday 08 of November 2013 16:52:10 Tomáš Chvátal wrote:
Dne Pá 8. listopadu 2013 16:33:36, Per Jessen napsal(a):
Where do you suggest we go to discuss e.g. policy and distro content? This is currently the best suited list, imho.
But you are NOT discussing policies.
You are whining about removal of one particular package. Which was removed in accordance of all the security rules and with blessing from release team. Don't know how more by the book change you want to have.
If you want to change/discuss the security policy you are more than welcome to do so, but I guess it won't have much chance for approval as the current one is really sensible.
Wouldn't it be more sensible for everyone if the current version of acroread is preserved bundled with an extremely restricted apparmor profile? Namely no network access, no write access in user directories apart from the settings directories, no access to shell or other executables?
No. Set up a kvm vm with no external network access, make a minimal X11 install of 12.3 with acroread, snapshot the image and use it indefinetly. (Of course with the adoption of new pdf features unsupported by the unmaintained acroread version it will become less and less useful over time). -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 11/8/2013 10:52 AM, Tomáš Chvátal wrote:
Dne Pá 8. listopadu 2013 16:33:36, Per Jessen napsal(a):
Where do you suggest we go to discuss e.g. policy and distro content? This is currently the best suited list, imho.
But you are NOT discussing policies.
You are whining about removal of one particular package. Which was removed in accordance of all the security rules and with blessing from release team. Don't know how more by the book change you want to have.
If you want to change/discuss the security policy you are more than welcome to do so, but I guess it won't have much chance for approval as the current one is really sensible.
If you just feel offended about the fact we removed your favorite and popular application after the vendor stopped providing support for it then I suggest you bring it forward to the vendor of the named software.
Cheers
Tom
You have it backwards. If you don't find this topic interesting, you should not participate in it. -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, 2013-11-08 at 13:04 -0500, Brian K. White wrote: <snip> He is correct in certainly one aspect: this discussion might better be done on the users-ML, instead of the __factory__ ML Hans -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hans Witvliet wrote:
On Fri, 2013-11-08 at 13:04 -0500, Brian K. White wrote:
<snip> He is correct in certainly one aspect: this discussion might better be done on the users-ML, instead of the __factory__ ML
The discussion concerns a yet-to-be-released version of openSUSE. Where better than here. -- Per Jessen, Zürich (13.3°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Per Jessen - 21:41 8.11.13 wrote:
Hans Witvliet wrote:
On Fri, 2013-11-08 at 13:04 -0500, Brian K. White wrote:
<snip> He is correct in certainly one aspect: this discussion might better be done on the users-ML, instead of the __factory__ ML
The discussion concerns a yet-to-be-released version of openSUSE. Where better than here.
The discussion is far of off-topic flame and discusses how to handle weird forms that you might encounter and how people love closed source unmaintained software that nobody can fix and is known to be buggy. This is in no sense *TECHNICAL* discussion. Apart from that, 13.1 is locked as coolo announced, so 13.1 is not accepting even updates now, only maintenance updates, so no new packages now. -- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 11/8/2013 4:09 PM, Michal Hrusecky wrote:
Per Jessen - 21:41 8.11.13 wrote:
Hans Witvliet wrote:
On Fri, 2013-11-08 at 13:04 -0500, Brian K. White wrote:
<snip> He is correct in certainly one aspect: this discussion might better be done on the users-ML, instead of the __factory__ ML
The discussion concerns a yet-to-be-released version of openSUSE. Where better than here.
The discussion is far of off-topic flame and discusses how to handle weird forms that you might encounter and how people love closed source unmaintained software that nobody can fix and is known to be buggy. This is in no sense *TECHNICAL* discussion. Apart from that,
13.1 is locked as coolo announced, so 13.1 is not accepting even updates now, only maintenance updates, so no new packages now.
Since this is a factory list, not a 13.1 list, who cares what can and can't be done for 13.1 one second after 13.1 releases? But I agree the real problems/blames are: 1) Adobe ships a proprietary binary. They can do whatever they want with it, including charge, not-charge, support, not-support, drop altogether. 2) Users all buy what Adobe sells and don't think about the consequences. A few years go by and here we are. Given the starting conditions, it is inevitable, a guarantee, not a surprise. It doesn't matter how much we've all come to depend of something we have no control over. It's still only Adobe's fault for mistreating their users, or us users fault for putting ourselves under Adobe's control, or both. Adobe and yourself, not suse. In no way is it suse's fault for having the perfectly correct policy that you can't ship a known unsupported and physically unsupportable software, even IF they had the legal right to do so, which they most likely do NOT have anyways. The gas station near my house used to sell good gasoline, then they made a change and now sell gasoline with 10% ethanol in it, which is bad for my cars engines and gives less mpg and attracts water and causes sludge over time and attacks rubber parts over time etc etc. I hate it. But it would be stupid to yell at the gas station owner for changing their product and selling me a bad product. The government made a law that all gas everywhere must include at least 10% ethanol. The fault is the governments, the various big companies that instigated this change to make money, and all the people's for allowing the government to do it. -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Michal Hrusecky wrote:
Per Jessen - 21:41 8.11.13 wrote:
Hans Witvliet wrote:
On Fri, 2013-11-08 at 13:04 -0500, Brian K. White wrote:
<snip> He is correct in certainly one aspect: this discussion might better be done on the users-ML, instead of the __factory__ ML
The discussion concerns a yet-to-be-released version of openSUSE. Where better than here.
The discussion is far of off-topic flame
Apart from your own less-than-civil postings, noone has been flaming anyone. If you believe the discussion to be off-topic, I suggest you be more constructive and suggest to whom people should address their grievances in this respect. For an "openSUSE Team" member, your responses in this thread do you no credit, IMHO. -- Per Jessen, Zürich (4.4°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am 14.11.2013 22:02, schrieb Per Jessen:
If you believe the discussion to be off-topic, I suggest you be more constructive and suggest to whom people should address their grievances in this respect.
It has been stated many times in this thread that people need to go to Adobe with their complaints. In case it was too small to read for you, I'll have figlet spell it out bigger: _ _ _ / \ __| | ___ | |__ ___ / _ \ / _` |/ _ \| '_ \ / _ \ / ___ \ (_| | (_) | |_) | __/ /_/ \_\__,_|\___/|_.__/ \___| -- Stefan Seyfried "If your lighter runs out of fluid or flint and stops making fire, and you can't be bothered to figure out about lighter fluid or flint, that is not Zippo's fault." -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Friday 2013-11-15 06:20, Stefan Seyfried wrote:
Am 14.11.2013 22:02, schrieb Per Jessen:
If you believe the discussion to be off-topic, I suggest you be more constructive and suggest to whom people should address their grievances in this respect.
It has been stated many times in this thread that people need to go to Adobe with their complaints.
In case it was too small to read for you, I'll have figlet spell it out bigger:
_ _ _ / \ __| | ___ | |__ ___ / _ \ / _` |/ _ \| '_ \ / _ \ / ___ \ (_| | (_) | |_) | __/ /_/ \_\__,_|\___/|_.__/ \___|
I suggest you write it in the puny HTML that they so desire, with <font size="72"><b><i><u><blink> ;) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 2013-11-15 06:27 (GMT+0100) Jan Engelhardt composed:
/ \ __| | ___ | |__ ___ / _ \ / _` |/ _ \| '_ \ / _ \ / ___ \ (_| | (_) | |_) | __/ /_/ \_\__,_|\___/|_.__/ \___|
I suggest you write it in the puny HTML that they so desire, with <font size="72"><b><i><u><blink> ;)
What you might want to try is <font size="7">. :-p <font size="72"> wasn't valid even before <font> was deprecated: http://www.w3.org/TR/html401/present/graphics.html#edef-FONT I'm not sure if all current browsers will actually apply it, but I'm sure most if not all will disregard <blink>. To get puny you need one of the following: <font size="1">, <span style="font-size: 7pt">, <span style="font-size: 9px">, <span style="font-size: xx-small"> or any of several similar style rules, and hope the user doesn't know about minimum font size or zoom. :-D -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Per Jessen - 22:02 14.11.13 wrote:
Michal Hrusecky wrote:
Per Jessen - 21:41 8.11.13 wrote:
Hans Witvliet wrote:
On Fri, 2013-11-08 at 13:04 -0500, Brian K. White wrote:
<snip> He is correct in certainly one aspect: this discussion might better be done on the users-ML, instead of the __factory__ ML
The discussion concerns a yet-to-be-released version of openSUSE. Where better than here.
The discussion is far of off-topic flame
Apart from your own less-than-civil postings, noone has been flaming anyone. If you believe the discussion to be off-topic, I suggest you be more constructive and suggest to whom people should address their grievances in this respect.
Suggested many times over and over, go to the Adobe, just to be clear as it looks like that people somehow can't read the Adobe and keep blaming openSUSE, Linux, kittens and whoever.
For an "openSUSE Team" member, your responses in this thread do you no credit, IMHO.
Really? So I should not try to convince people to stay on focus and stop sending mails that has nothing to do with mailing list topic? I should instead encourage people to post whatever they want? Should we start collecting here wishes for ponies and send it on behalf of the project to Santa Claus? That sounds about equally relevant as this topic at this point... PS: Originally didn't want to respond anymore as it looks this going nowhere discussion will continue with few guys anyway regardless of how meaningless it gets, but as this was targeted kinda personal, I decided to reply anyway ;-) -- Michal HRUSECKY SUSE LINUX, s.r.o. openSUSE Team Lihovarska 1060/12 PGP 0xFED656F6 19000 Praha 9 mhrusecky[at]suse.cz Czech Republic http://michal.hrusecky.net http://www.suse.cz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Friday 2013-11-08 14:37, Carlos E. R. wrote:
On Friday, 2013-11-08 at 11:43 +0100, Michal Hrusecky wrote:
as said few times in thread already, Acrobat is not coming back, can we stop this flame now? Or take it to Adobe ;-)
Wasn't this a community? Or is it a dictatorship? :-?
Playing devil's linguist: A community is a community, but a dictatorship is a system (with autocratic attributes) by which a community is governed. Take your pick from http://en.wikipedia.org/wiki/Form_of_government -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
participants (33)
-
Andrey Borzenkov -
auxsvr@gmail.com -
Bernhard Voelker -
Brian K. White -
Carlos E. R. -
Carlos E. R. -
Christian Boltz -
Claudio Freire -
Damian Ivanov -
Felix Miata -
Guido Berhoerster -
Hans Witvliet -
Ilya Chernykh -
Jan Engelhardt -
Jim Henderson -
Johannes Meixner -
John Layt -
Joschi Brauchle -
Ken Schneider - openSUSE -
Larry Finger -
Linda Walsh -
Luiz Fernando Ranghetti -
Marcus Meissner -
Marguerite Su -
Michal Hrusecky -
Michal Vyskocil -
Per Jessen -
Richard Brown -
Ruediger Meier -
Stefan Seyfried -
Tomáš Chvátal -
Wolfgang Rosenauer -
Yamaban