[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [security-discuss] gnuradio project DoS attacks GNU wget users
From: |
Filip Brcic |
Subject: |
Re: [security-discuss] gnuradio project DoS attacks GNU wget users |
Date: |
Fri, 03 Mar 2017 19:38:29 +0100 |
User-agent: |
KMail/5.2.3 (Linux/4.8.0-40-generic; KDE/5.28.0; x86_64; ; ) |
Дана петак, 03. март 2017. у 11.08.26 CET, Richard Stallman написа:
> [[[ To any NSA and FBI agents reading my email: please consider ]]]
> [[[ whether defending the US Constitution against all enemies, ]]]
> [[[ foreign or domestic, requires you to follow Snowden's example. ]]]
>
> > even any browser more advanced than curl or wget), you would have
> > noticed that those links are part of the dropbox which itself is
> > part of the search field.
>
> The use of Dropbox is a possible concern. What job is Dropbox being
> used for, here? Can you tell me where in the pages to find that?
Not the Dropbox online cloud service, just the dropbox as in a search input
field with a combobox for selecting which part of the documentation is to be
searched. I clearly used the wrong word, sorry for the misunderstanding.
> > There is absolutely no way to make that functionality without
> > javascript,
>
> Nothing can justify sending users nonfree JS code, but it is
> acceptable for a GNU package web site to send Javascript code provided
> that code is free. It is best if the site does function with JS
> disabled (it's ok if that is ugly; ugly is better than
> malfunctioning).
>
> Can someone please tell me precisely where in the site this Javascript
> code appears? Does it visibly carry a free license? Is it
> distributed as true source code?
That JavaScript is part of the doxygen package. It is, therefore, licensed
under GPL-2, but now that I've rechecked the code it does not visibly carry
any license. It would probably be a good idea to ask doxygen to include some
GPL header in every included JavaScript file.
> The searchbox is the standard doxygen's searchbox which implements
> documentation search in javascript to avoid having to have a search
> engine on the server. So, if you don't like that searchbox, go to
> doxygen.org and tell them.
>
> You're saying that this Javascript code has somehing to do with
> doxygen.org. What is the relationship between this Javascript code
> and doxygen.org? Those words suggest multiple possibilities.
I think there is confusion as to which JavaScript is being talked about. The
code mentioned here is the doxygen's JavaScript code for searching the
documentations used by every documentation generated by doxygen (if user
decides to use the search functionality which is on by default).
--
GPG fingerprint: 9AFC0A4BD2CEF3D22CF6108196577BD3C105EDA4
Please read if you don't use GPG: https://emailselfdefense.fsf.org/
signature.asc
Description: This is a digitally signed message part.
- Re: [security-discuss] GFDL holds the answer about fancy javascript (was: gnuradio project..), (continued)
- Re: [security-discuss] GFDL holds the answer about fancy javascript (was: gnuradio project..), Richard Stallman, 2017/03/06
- Re: [security-discuss] GFDL holds the answer about fancy javascript (was: gnuradio project..), Jean Louis, 2017/03/06
- Re: [security-discuss] GFDL holds the answer about fancy javascript (was: gnuradio project..), Richard Stallman, 2017/03/06
- Re: [security-discuss] GFDL holds the answer about fancy javascript (was: gnuradio project..), Alfred M. Szmidt, 2017/03/07
- Re: [security-discuss] GFDL holds the answer about fancy javascript (was: gnuradio project..), Richard Stallman, 2017/03/05
- Re: [security-discuss] GFDL holds the answer about fancy javascript (was: gnuradio project..), Jean Louis, 2017/03/06
- Re: [security-discuss] GFDL holds the answer about fancy javascript, Paolo Bonzini, 2017/03/03
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Richard Stallman, 2017/03/03
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users,
Filip Brcic <=
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Richard Stallman, 2017/03/04
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Alfred M. Szmidt, 2017/03/04
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Richard Stallman, 2017/03/05
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Richard Stallman, 2017/03/05
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Alfred M. Szmidt, 2017/03/05
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Alfred M. Szmidt, 2017/03/03
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Anonymous, 2017/03/03
- Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Alfred M. Szmidt, 2017/03/03
Re: [security-discuss] gnuradio project DoS attacks GNU wget users, Nomen Nescio, 2017/03/02