Monthly Archives: December 2007

SELinux mitigates HPLIP vulnerability

I missed this one at the time, but a member of the Red Hat security response team just pointed me at this RHEL advisory from October, where a vulnerability in HPLIP was mitigated by standard targeted policy.

That is, SELinux provided zero-day protection against local users exploiting this vulnerability to run arbitrary code as root.

Previously:

FOSS.IN/2007 Wrapup

I’m finally back from FOSS.IN/2007, although my body clock seems to be lost somewhere in the Arabian Sea.

The push to make the conference more contributor-focused seemed to work very well.

The final talk slot, which was given to Rusty on short notice, included an invitation for FOSS developers to come down and stand on the stage. First, people who had contributed code to a project — way more people than anyone expected — stood up and came down. Then, progressively, people who’d submitted a bug report, or written documentation, or helped others, and finally, anyone who’d used FOSS. Here’s what it looked like:

foss.in closing talk: contributors on stage

Photo by Jim Grisanzio

Members of the then non-audience passed the microphone around for some ad-hoc lightning talks on what they were doing.

Following that, Atul spoke about the future of FOSS contribution in India, explaining that FOSS.IN would not move around the country, as it is preferred that each region develop their own event. Organizers of other Indian FOSS conferences provided brief overviews of each, including the entirely student-run FOSS Meet@NITC in Calicut.

It was a great ending to a great conference, and overall, simply refreshing to see so much grassroots activity.

An older attendee wrote a nice email to the conference mailing list with some interesting observations, such as “You are prime-movers of modern India” and “Some had weird hairstyles”. Indeed, as has been noted by others, including Simon Phipps, there’s an intense enthusiasm for technology in India which I’ve not seen elsewhere.

I really would not be surprised, within ten years, to see India become the top FOSS contributing country.

As a foreign speaker, I found the conference to be a great opportunity to spread knowledge in a direct way — beyond what is possible via code, documentation, blogging etc. — and can highly recommend it to others. Rusty had fun, although he definitely under-assessed his final talk.

If you’ve ever wondered what it’s like to return from your morning coffee run to be serenaded by a Nadaswaram, “the world’s loudest non-brass acoustic instrument”, here’s a video starring Andrew Cowie, Spot Calloway and the omnipresent Rusty as part of the audience.

http://www.youtube.com/watch?v=9kwI3Vn7aiM

FOSS.IN/2007 Photos

I’ve started uploading a conference photo set here. Expect to see more soon. You can find many photos by others by searching flickr for the tag “fossin2007”.

e.g. http://flickr.com/search/?q=fossin2007&w=all

some foss.in speakers

Jet lag is fun, as always — I didn’t think it’d be so bad traveling from Sydney instead of Boston, but it’s possibly worse. Thankfully, there is no shortage of strong coffee in Bangalore.

FOSS.IN kicks off

The FOSS.IN project days have commenced, ahead of the main conference. It’s great to be back in India, and to meet up with everyone again.

Rusty and I were walking around Bangalore yesterday, and encountered a family of monkeys crossing the road.

(video in case the embedding doesn’t work…)