<html>
<body>
All,<br><br>
Attendees:<br><br>
Jim Gettys<br>
Egbert Eich<br>
Howard Greenwell<br>
Stuart Kreitman<br>
Alan Coopersmith<br><br>
<br>
Minutes:<br><br>
1. Status<br><br>
Egbert analysed list of patches from Alex D. Separated into individual
reports. Sorted out the ones wanted for commit. Doing the build to make
sure everything is OK, before he then commits the changes to the tree.
<br><br>
Has changes to commit to the TM branch. All the references to xfree86
version have now been changed to "xorg" version. Should change
name of binary, log file and config file. <br>
Apart from these changes, no one has made any changes to the TM branch.
Need to get moving for a release soon. Should not hesitate to complete
work on this branch. <br><br>
ICE-unix file issue looks worse than expected. More than just denial of
service. Can get a man-in-the-middle attack. Need to get the owner of the
directory right. <br>
Behavoir should be that X should fail to progress if:<br>
1) the directory is not there, or<br>
2) if the directory is not owned by root, or<br>
3) if we cannot create a file owned by root within that
directory.<br><br>
Jim asked about PAM used by SUN and if this was an option to solve this
problem. Stuart said quite complicated to get working. <br><br>
Specific question is "can we use PAM to ensure that 'tmp/x11-unix'
and 'tmp/ICE-unix' have the correct ownership privileges?"<br>
(Know cannot use VT switch).<br>
<b>Action:</b> Stuart will speak with PAM experts at SUN, and Egbert with
the PAM expert at SuSe. <br><br>
More concern of attack against the ICE directory.<br>
Egbert summarized that the change is not something for this release.
Sleep commands are not of any use and can be removed for the release.
<br>
Egbert asked if this should fail. Agreed that should not fail, just keep
same behavoir as before, but without sleep commands. Must get the problem
fixed soon for next release. <br><br>
Needs to be raised on the xorg_security list. <br>
Agreed Mattais should probably be there from XFree86. Egbert will speak
with him. <br>
Egbert will send the name of the security expert for SuSe to be added to
the list. <br>
<b>Action:</b> Howard to follow up on getting new people on the security
list from Red Hat, etc.<br><br>
Commit messages are not being sent out. Need to have Kaleb look into the
problem. <br>
<b>Action:</b> Kaleb to look into why Egbert is not receiving Commit
messages. <br><br>
Alan mentioned that there was a break in the build of the TM branch.
Egbert suggest libfreetype may be too old. Set
"HasFreetype2=NO" to try to get around the problem. <br><br>
Egbert has spoken with Chisato Yamauchi. How can we help Chisato get the
attention of the Freetype project. Jim thinks best approach might be for
Keith to speak with David Turner. <br>
<b>Action:</b> Jim will speak with Keith so that he can intervene on the
issue. <br><br>
On Spam filtering for freedesktop, should probably speak with Daniel
Stone. <br><br>
Alan asked about the remaining IPv6 changes to be committed. Only real
change is ServerInterpreted to go in. Jim thinks OK. <br>
Agreed to Alan making the commits and then watching the tinderbox builds
OK. Alan out of contact til Sunday. Egbert will check the build and back
them out as necessary.<br><br>
Howard. </body>
</html>