On Friday 29 August 2008, Craig White wrote: >On Fri, 2008-08-29 at 10:38 -0400, Gene Heskett wrote: >> On Friday 29 August 2008, Rahul Sundaram wrote: >> >Gene Heskett wrote: >> >> And the simple fact that those of us who want a working java are going >> >> to the sun site, getting the latest jre and installing it, never again >> >> to click on an ICED TEA update in yumex. Really, I think that says it >> >> all. You for legal reasons are defending an emasculated version, but >> >> the final say on what gets run is us, its our machine. Sue us? I >> >> doubt it. :) >> > >> >It is not iced tea now. It is called OpenJDK and that is a certified >> >Java from Sun. I won't sue for getting the details wrong ;-) >> > >> >Rahul >> >> Oh? From my yumex screen (F8 install) >> java-1.7.0-icedtea >> jave-1.7.0-icedtea-plugin >> >> and from an rpm -qa|grep java >> java-1.7.0-icedtea-1.7.0.0-0.19.b21.snapshot.fc8 >> java-1.5.0-gcj-1.5.0.0-17.fc8 >> tzdata-java-2008d-1.fc8 >> glib-java-0.2.6-10.fc8 >> java_cup-0.10-0.k.6jpp.1 >> java-1.7.0-icedtea-plugin-1.7.0.0-0.19.b21.snapshot.fc8 >> >> Humm, I may be wrong about not having icedtea > >---- >icedtea was F8, but not F9 >---- > >> [root@coyote ~]# which java >> /usr/bin/java >> [root@coyote ~]# ls -l `which java` >> lrwxrwxrwx 1 root root 22 2008-03-31 >> 19:34 /usr/bin/java -> /etc/alternatives/java >> [root@coyote ~]# ls -l /etc/alternatives/java/ >> ls: cannot access /etc/alternatives/java/: Not a directory >> [root@coyote ~]# ls -l /etc/alternatives/java >> lrwxrwxrwx 1 root root 39 2008-03-31 >> 19:41 /etc/alternatives/java -> /usr/lib/jvm/jre-1.7.0-icedtea/bin/java >> >> However, from FF's about:plugins, I get this: >> Java(TM) Plug-in 1.6.0_06-b02 >> >> File name: /usr/java/jre1.6.0_06/plugin/i386/ns7/libjavaplugin_oji.so >> Java(TM) Plug-in 1.6.0_06 > >---- >which java command is for running java from command shell > >java plugin in Firefox is a separate issue...what's so difficult to >understand about that? >---- > >> So, do I need to replace that link? By installing the yumex offerings and >> bearing in mind that I long since gave up trying to keep up with every new >> browser version having its own plugins dir, created one & put all the >> plugins there, and linked all the other browsername/plugins to it? >> >> In that case, is it safe to do so since updates are not yet flowing? >> Those are old packages that have been sitting there for a month or more. >> >> A side note, we (my local group of friends) have found a blog >> <http://blogs.zdnet.com/security/?p=1803&tag=nl.e539> that gives a few >> hints on finding out if we too have been infected. According to it, no >> systems here are. The point being that the extreme privacy this has been >> kept under has now been exposed, letting the horse out of the barn so to >> speak, and this list deserves more candor from its 'parent' regarding it. >> We had been led to believe this was only a debian problem because of the >> speedup shortcut in the random number section of the code supposedly only >> they used. If this is a different exploit, then we need to know. We >> aren't above pulling in the src's and building our own you know, however >> my reading that code is not going to tell me if its safe, so I've told the >> one in my local group who was going to do that to hold off another day or >> so... His exposure to an exploit is 100x that of mine, so lets see some >> activity of some kind other than take a potato and wait. We are beginning >> to need a second potato to stave off the hunger here. > >---- >as someone who runs gui as root...you have so many issues to worry about >I wouldn't know where to start...in fact, your assertion that someone >else has an exposure to exploitation more than you is laughable. > >Craig When I get hacked and rootkitted is the time to gloat, until then, well.. (this is occasionally a mixed list) And may I complement you on your ability to change the subject when I ask a potentially embarrassing question? -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) That feeling just came over me. -- Albert DeSalvo, the "Boston Strangler" -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
