He Calls Himself an Irishman?

He Calls Himself an Irishman?

So, Glynn‘s a posh
D4 Dubliner. Don’t mind him. Most of us Waterford knackers with
a bit of national pride think Ireland’s
Call is an abomination and that Ireland is losing some of
its national identity by not using Amhrán na
bhFiann for rugby.

It has one great side effect, though. Everyone can now actually
understand what they’re singing! You won’t find many irishmen
who are fluent enough in their national language enough to be
able to translate this: 

     Sinne Fianna Fáil
     A tá fé gheall ag Éirinn,
     buion dár slua
     Thar toinn do ráinig chugainn,
     Fé mhóid bheith saor.
     Sean tír ár sinsir feasta
     Ní fhagfar fé'n tiorán ná fé'n tráil
     Anocht a théam sa bhearna bhaoil,
     Le gean ar Ghaeil chun báis nó saoil
     Le guna screach fé lámhach na bpiléar
     Seo libh canaídh Amhrán na bhFiann.

Watch closely next time you see an Irish sports team during
their national anthem. Count with your fingers how many of
the players are actually singing rather than humming, swaying
from side to side and generally looking embarrassed. You
won’t need your other hand …

Terminal Services Prototype

After a couple of weeks work Caolan
and I have gotten together a prototype for a VNC based terminal services system which
also supports hotdesking. More details

here.

This is all part of a bigger plan to use VNC for the four different “remote desktop”
uses cases I think we have in GNOME:

  • Terminals (a.k.a. thin clients) which display your desktop running on a
    terminal server
  • Remote administration – allowing sysadmins to remotely help a user having
    difficulties with their desktop
  • Remote access – you’re at home and you need to do something on your machine
    in work like save a document you’d forgotten to save or something.
  • Collaboration – a colleague in another office is working on a CAD drawing and
    he wants to demonstrate some of his ideas while talking to you on the phone
    about it

I’ll post more of the technical details of how this should all work. Right now,
though, I need to go for a few pints and get away from this stuff 🙂

2004-05-27: Thursday

  • Up early; chewed mail;
  • Amazing lack of listening on the xdg list from Michael along the lines
    of: “let me fix my problems right now with the least amount of pain to
    me. I don’t mind if its a big hack which everyone else will copy”. The
    encouraging thing from this is I suppose that in the past I would have
    taken this (IMHO fairly nonsensical/incomprehensible stalling position)
    as cast-iron proof of Michael just not listening; however, one can only
    conclude from this discussion that there is some sort of unhelpful,
    underlying ignoring the
    point
    going on … nice to have this insight.

😛

Home Again

I’m back home again from Boston. Maybe I’ll start getting some work
done again now 🙂

I’ve put up some photos from the trip
here.

Crackrock

Okay, Havoc needs his pot leaf
head re-instanted. That
film has to be the most atrocious piece of work I’ve seen in a
long time … “So bad it was good”? Yeah, right.

Someone else has been smoking some goodness:

Corporate Whores

Looks like hadess,
mjcox,
gary
and dwmw2
have all taken a big overdose of the Red Hat drugs. So have I.

This Red Hat company meeting thing was a weird experience for
me. Realizing just how deeply rooted open source is in the Red Hat
culture. Realizing that what I’m hearing isn’t just the lip service to
open source that I heard in Sun. Seeing a real understanding of and
commitment to open source from each of the 600ish people
attending. Its like coming home or something. Man, I’m so psyched
after the whole thing.

Well, I’m pretty exhausted too 🙂

$LD_LIBRARY_PATH Update

Of course, Ulrich did know. The
System V ABI specification’s ELF section contains the requirement
that $LD_LIBRARY_PATH have those semantics

   a string that holds a list of directories, separated by colons
   (:). For example, the string /home/dir/lib:/home/dir2/lib: tells the
   dynamic linker to search first the directory /home/dir/lib, then
   /home/dir2/lib, and then the current directory to find dependencies.

Moral of the story. Don’t do

  export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/some/other/dir

Do this instead

  if [ -n $LD_LIBRARY_PATH ]; then
    export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/some/other/dir
  else
    export LD_LIBRARY_PATH=/some/other/dir
  fi

Or even

  export LD_LIBRARY_PATH=${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}/some/other/dir

Runtime Linker Voodoo

Kjartan pointed out a report of a gnome-session security vulnerability
to me earlier today. Now, it turns out to actually only be a
vulnerability in a script supplied with certain distributors’ packages,
but that’s not the interesting part.

The script contained something like this:

  export LD_LIBRARY_PATH=/opt/gnome/lib:$LD_LIBRARY_PATH

and the “vulnerability” was apparently that if $LD_LIBRARY_PATH
was originally unset, then you get
LD_LIBRARY_PATH=”/opt/gnome/lib:”.

I couldn’t for the life of me understand why it was actually a
vulnerability in the first place. It gnawed at me all day. After a bit
of poking at the runtime linker code in glibc though I realized that
setting $LD_LIBRARY_PATH like that is effectively the same as
setting it to LD_LIBRARY_PATH=”/opt/gnome/lib:./”. The problem is
clear then – an attacker can use it to force a rogue, untrusted
library to be loaded that could do nasty things.

So, this whole LD_LIBRARY_PATH=”:” causing “./” to be added to
the runtime linker’s search path thing came as a big suprise to me and
to some others. I’d never heard of before, but it seems known to at
least some people and is “expected behavior”. What worries me here is
that its likely most attackers know to look out for this and most
developers don’t.

My long search for a normative reference for this behaviour failed. If
anyone knows where it comes from, I’m dead curious. I expect Ulrich
knows, though 🙂

Another interesting thing to play with:

$> LD_DEBUG=help /lib/ld-linux.so.2
Valid options for the LD_DEBUG environment variable are:
 
  libs        display library search paths
  reloc       display relocation processing
  files       display progress for input file
  symbols     display symbol table processing
  bindings    display information about symbol binding
  versions    display version dependencies
  all         all previous options combined
  statistics  display relocation statistics
  help        display this help message and exit

I read a paper
from Ulrich some time ago that gave lots of details on how to write
shared libraries such that the runtime linker can more efficiently
resolve symbols etc. LD_DEBUG=statistics, among other things,
is useful there. I’d love to see someone with the time and interest
looking into this and analyzing GNOME libraries to see where we can
make improvements.

List moderator magic

I spent some time floundering about a while ago trying to figure out a
Javascript hack to allow you to mark all mails in a mailman moderation
queue to be discarded. I certainly wasn’t going to manually click
“Discard” for each of the 400 mails in the gconf-list queue.

DV saved me with some
jamesh magic.

Mailing list admins, bookmark this link –
Discard all mails

(No, don’t click on the link. Right-click, “Bookmark link…”)

St. Patrick’s Day

Recipe for a nice relaxing Paddy’s day:

  • Long walk by the sea to clear the hangover.
  • Cook gorgeous Thai Red Curry. Eat.
  • Snooze.
  • Bake a lemon cake. Eat.
  • Add wireless support to gnome-netstatus:

    Calum is the one responsible for the UI. I just did the fun hack 🙂