[02:49] <sarnold> Juest: publishing your keys should be pretty safe, at least if you want the email address on the keys to be published..
[02:50] <sarnold> Juest: consuming keys from the keyservers is riskier, but still moderately safe
[13:42] <teward> mdeslaur: just gonna ask but since when has Microsoft ever done anything to the standards expected for software specs and stuff (re: unzip bug)
[13:43] <mdeslaur> teward: hehe, well, you'd think they would do interoperability tests...but I guess not :)
[13:44] <teward> mdeslaur: I mean Microsoft **intentionally** ignores/violates email RFC for handling responding to messages, prioritizing the 'Thread-Topic' header - a microsoft-ism - over 'Subject' when hitting "Reply" in any Microsoft mail client
[13:45] <teward> and breaks things like lists, etc.
[13:45] <mdeslaur> teward: it took me _way_ too long to figure out why I couldn't extract a downloaded pictures zip file
[13:45] <teward> Microsoft has *zero* care for standards and they've proved it time and time again
[13:45] <teward> mdeslaur: welcome to Microsoft, population "Use our [CENSORED] and nothing else"
[13:45] <mdeslaur> teward: breathe in, breathe out
[13:46] <teward> mdeslaur: oh i haven't even BEGUN my daily microsoft hatred tirade!  *ground shakes and shatters and dark smoke and fire just erupt from the hellhole that opened*
[13:46] <teward> :P
[13:46] <teward> mdeslaur: but no Microsoft has never cared for interop with anything.  Except basic WSL stuff
[13:47] <teward> and... well, that's about it.  Only thing they did positive was SQL Server for Linux when you *need* MS SQL Server and PSQL isn't a good alternative
[13:47] <teward> ye i'm biased :P
[13:58] <mdeslaur> hehehe
[14:19] <teward> mdeslaur: security related question, how much of a 'security' bug is it when the default permissions set by the installer 
[14:19] <teward> for a netplan yml on install trigger immediate warnings from Netplan when applying?
[14:19] <teward> blah stupid keyboard
[14:19] <mdeslaur> teward: you mean the permissions are too open?
[14:20] <teward> encountered last night on a brand new 22.04 image with up to date netplan, the 50-cloud-config.yml file was created with 644 root:root perms and Netplan started whining about 'too open' and wouldn't stop yelling unless it was 600
[14:20] <teward> ye
[14:20] <teward> trying to reproduce in a 22.04 VM because LXD containers sometimes are not the most reliable test
[14:20] <mdeslaur> well, file a bug, but since it's the installer, there's no real point in it going to -security
[14:21] <teward> right that'd be against subiquity or whatever it is in use right now
[14:21] <teward> was wondering if it qualified as a security bug or not though
[14:21] <teward> just before i go down the rabbit hole :P
[14:24] <mdeslaur> sure, it's complaining for a reason, mark it security
[21:36] <teward> mdeslaur: for awareness, https://bugs.launchpad.net/subiquity/+bug/2052524 was filed for that issue i observed.  The backport of netplan.io to jammy-updates introduced the new warnings unlike previous, and Foundations has this on their todo list to address for the installer now I believe
[21:36] -ubottu:#ubuntu-security- Launchpad bug 2052524 in subiquity "INSECURE permissions for Ubuntu Netplan YAML on installer execution" [High, Triaged]
[21:36] <mdeslaur> cool, thanks teward