=== sarnold_ is now known as sarnold === chris14_ is now known as chris14 [02:49] Juest: publishing your keys should be pretty safe, at least if you want the email address on the keys to be published.. [02:50] Juest: consuming keys from the keyservers is riskier, but still moderately safe [13:42] mdeslaur: just gonna ask but since when has Microsoft ever done anything to the standards expected for software specs and stuff (re: unzip bug) [13:43] teward: hehe, well, you'd think they would do interoperability tests...but I guess not :) [13:44] mdeslaur: I mean Microsoft **intentionally** ignores/violates email RFC for handling responding to messages, prioritizing the 'Thread-Topic' header - a microsoft-ism - over 'Subject' when hitting "Reply" in any Microsoft mail client [13:45] and breaks things like lists, etc. === sdeziel_ is now known as sdeziel [13:45] teward: it took me _way_ too long to figure out why I couldn't extract a downloaded pictures zip file [13:45] Microsoft has *zero* care for standards and they've proved it time and time again [13:45] mdeslaur: welcome to Microsoft, population "Use our [CENSORED] and nothing else" [13:45] teward: breathe in, breathe out [13:46] mdeslaur: oh i haven't even BEGUN my daily microsoft hatred tirade! *ground shakes and shatters and dark smoke and fire just erupt from the hellhole that opened* [13:46] :P [13:46] mdeslaur: but no Microsoft has never cared for interop with anything. Except basic WSL stuff [13:47] and... well, that's about it. Only thing they did positive was SQL Server for Linux when you *need* MS SQL Server and PSQL isn't a good alternative [13:47] ye i'm biased :P [13:58] hehehe [14:19] mdeslaur: security related question, how much of a 'security' bug is it when the default permissions set by the installer [14:19] for a netplan yml on install trigger immediate warnings from Netplan when applying? [14:19] blah stupid keyboard [14:19] teward: you mean the permissions are too open? [14:20] encountered last night on a brand new 22.04 image with up to date netplan, the 50-cloud-config.yml file was created with 644 root:root perms and Netplan started whining about 'too open' and wouldn't stop yelling unless it was 600 [14:20] ye [14:20] trying to reproduce in a 22.04 VM because LXD containers sometimes are not the most reliable test [14:20] well, file a bug, but since it's the installer, there's no real point in it going to -security [14:21] right that'd be against subiquity or whatever it is in use right now [14:21] was wondering if it qualified as a security bug or not though [14:21] just before i go down the rabbit hole :P [14:24] sure, it's complaining for a reason, mark it security === chris14_ is now known as chris14 [21:36] mdeslaur: for awareness, https://bugs.launchpad.net/subiquity/+bug/2052524 was filed for that issue i observed. The backport of netplan.io to jammy-updates introduced the new warnings unlike previous, and Foundations has this on their todo list to address for the installer now I believe [21:36] -ubottu:#ubuntu-security- Launchpad bug 2052524 in subiquity "INSECURE permissions for Ubuntu Netplan YAML on installer execution" [High, Triaged] [21:36] cool, thanks teward