AltME groups: search

tried mplayer and all I got was the vid/no sound-yet it does play 
a mp3 ?

will check,thanks ! still a newbie in the Linux world-have a Linux 
user group meeting tonite :)

i have a /usr/lib/win32 full of such codes. and there where one or 
two other dirs mentioned too. IIRC xine suggested to download the 
mplayer-codes too, althought i installed from distro.

maybe your mandrake is just a bit old.

try to download mpeg4ip, it is a mp4-only player/encoder. that should 
in theory work...

also i can not get View 1.3.? to install it does not make a ./rebol 
dir ?

problem with most Linux distro is that I have a dual cpu and most 
don't support dual cpus :(

ubuntu sounds good. there is a kubuntu or something beased on kde. 
also, dont know about ubuntu, but on debian if i would install a 
kde-program without having kde, it would suggest a lot packeages, 
and 100mb later i would have everything including desktop i guess.

there is also a trick with linking new library to old library, but 
i forgot the details.

http://www.debian.org/distrib/packages, at the bottom you can enter 
a filename and usually get its package. most libs have compat-somethings. 
i guess the packages on ubuntu are similar, and that they have a 
similar page. (my link shows in german here, i guess thats some smartness. 
you should see something in your language).

thats a coincidence I want a new altme

maybe ubuntu does something a bit different? dont know. i am only 
expert in installign packages..

and expert in pasting error messages in google.

http://lists.ubuntu.com/archives/ubuntu-bugs/2005-July/068257.html

http://lists.ubuntu.com/archives/ubuntu-bugs/2005-July/069412.html
till now i know you have a bug.

I have libxaw6, libxaw7 and libxaw8 installed, which are standard 
Ubuntu packages. libxaw7 is the standard XFree86 library, libxaw6 
is the older X11 library, and libxaw8 is a new version of libxaw7

libxaw7 is currently default on most Linux systems. For older REBOL 
versions like AltME you have to install libxaw7. The new View 1.3, 
however, is already linked to libxaw7, which makes this a lot easier

In the same way, the new View needs a relatively new libstdc++ standard 
C++ library (part of GCC). On older Linux systems you may have to 
install this, but on most systems it's already standard, so this 
should usually not be a problem

See my links. Henrik has the lib, but a symbol is missing. Another 
app had same error-message, they say "deprecated, tell vendor".  
But they say also libxaw8 (unsupported) has it. You have it, maybe 
Henrik needs it to, even if altme says 6?

with a reboot Mandriva/Altme is working correct now

Ok, I need some advice from you Linux gurus out there: I'm running 
my xpeers server on an old RH 7.3 installation with EXT3 filesystem. 
The server is running in a data-center, so only remote access via 
SSH.


1. Does it make sense to update the kernel / system? If, how can 
I do this remote?

2. I think with xpeers ReiserFS might be a better choice because 
I have thousands of small files on my system, that needs to be handled. 
How can I update the filesystem?

it can be done (with a *lot* of effort), but it's too risky. it's 
much easier to rent a new server with reiser and move the data.

maybe you can do it by adding a new hd to the server. still a non-trivial 
task though, and i would try it on a local machine at least twice 
before attempting on a remote machine. :)

robert,  I would ask your hosting company if they can give you access 
to the terminal server  (so that you ssh there and then you can reboot 
and see boot messages as if you were on a local terminal - note you 
might have to configure the server first

otherwise you're better off letting them handle the os upgrade or 
better ask for a up to date box (e.g. with Fedora core 4) and migrate

Ok, thanks for the comments. What's this terminal-server stuff? Is 
this a special console I connect too?

The machine is a dedicated one. I'm the only user of it with full-root 
access rights.

the terminal server is used by the hosting company to access multiple 
servers consoles without having physical consoles. When they reboot 
a machine the can get the bios boot messages because there is a console 
cable to the terminal server and they normally access the terminal 
server via ssh

ok I am running into a problem running the last stable version on 
View-I can run as root but not a user ? running from root i have 
changed the permissions but when I do that,then I can not run a root 
? I remember on mandrake 10.1 I was able to run View as a user ? 
Also,what do I need to install to get the View 1.3 ? running on mandriva 
2006 ? Thanks from a Linux newbie

Is there any specific need to make View 1.3.50 running under Linux:
- It runs right while clicking the icon
- it fails to run from a terminal:
	./rebol
	** User Error: REBOL: Cannot connect to X server
	** Near: size-text self

I can only speak for myself, but Ubuntu installed flawlessly on the 
PC's I've installed it on. I use Knoppix only as a live CD.

Knoppix still has better detection, but yes, it's primarily a live 
CD. I use Ubuntu in most cases, but I use MEPIS instead of Knoppix, 
which is also very nice and can both be installed and used as a live 
CD, like Ubuntu

easy to use =  Xandros, linspire, mepis, pcbsd. I personally use 
linspire ( the only one that finds all my hardware and it works), 
mepis is real nice but it won't detect my 4 port lan ( only 2 ports) 
Xandros crashes with my video card, pcbsd ( freebsd) is very nice 
but right know it has issues with flat monitors, Oh Oh you can try 
PClinuxOS it is easy too and with a lot of eye candy.

Damn Small Linux 2.0 released..  http://www.damnsmalllinux.org/index.html


Damn Small is small enough and smart enough to do the following things:


    * Boot from a business card CD as a live linux distribution (LiveCD)
    * Boot from a USB pen drive

    * Boot from within a host operating system (that's right, it can 
    run *inside* Windows)

    * Run very nicely from an IDE Compact Flash drive via a method we 
    call "frugal install"

    * Transform into a Debian OS with a traditional hard drive install
    * Run light enough to power a 486DX with 16MB of Ram

    * Run fully in RAM with as little as 128MB (you will be amazed at 
    how fast your computer can be!)

    * Modularly grow -- DSL is highly extendable without the need to 
    customize

50mb and includes.. 


XMMS (MP3, CD Music, and MPEG), FTP client, Dillo web browser, links 
web browser, FireFox, spreadsheet, Sylpheed email, spellcheck (US 
English), a word-processor (FLwriter), three editors (Beaver, Vim, 
and Nano [Pico clone]), graphics editing and viewing (Xpaint, and 
xzgv), Xpdf (PDF Viewer), emelFM (file manager), Naim (AIM, ICQ, 
IRC), VNCviwer, Rdesktop, SSH/SCP server and client, DHCP client, 
PPP, PPPoE (ADSL), a web server, calculator, generic and GhostScript 
printer support, NFS, Fluxbox window manager, games, system monitoring 
apps, a host of command line tools, USB support, and pcmcia support, 
some wireless support.

Sorry, composing a question over VNC...

Really slow, which is odd because the target is a 'clean' WinXP install, 
where my old, upgraded-from-WinME XP install was much faster.  Anyway, 
inappropriate for the Linux group, I know.

Any suggestions on a better 'browse definition for Linux?

Trying to update my rebol installation on my red-hat 7.2 box. (Yes, 
it's old I know but it works without any problems). The new rebol 
stuff require a different glib_c version. How do I update this on 
my RH box?

Robert, you may find the right glibc rpm here: http://rpmfind.net/linux/RPM/index.html

Be sure to read about the different ones, so you get the right one.

You should be able to have more than one version of glibc installed 
at the same time (so everything will work). There are programs with 
GUIs in RedHat Linux to install rpms, or you can use the rpm command 
from the command line.

It's been a while, since I used Linux, and it can be a hazzle to 
update sometimes.

hazzle would a good portmanteau word combing hassle and hazzard :-)

Geomol, thanks a lot.

There exists no how-to for installing two version of glibc. I can't 
believe this. Haven't the Linux guys though about installing several 
different versions? Sounds like the MS-DLL-hell problem to me. Not 
a bit better than...

Robert, actually Linux not only has not solved the DLL problem, they 
are even worse in some respects. In particular, you'd need to compile 
and distribute a different version of REBOL for each linux distro, 
not because the code is any different, but because it needs to link 
to different version of libs and so on (with different include files...); 
there is no way to ensure compatibitly.

Well, its not designed for binaries.. Interface os thru a wrapper, 
distribute the wrapper and rebol.o, problem solved..

We've actually got a 90-95% working version of 1.3.2 plugin for Mozilla.

Ah, let me get back to you...we need to get a download location set 
up.

Gotta take a look at it a little more, it's only a few days old :)

I am ok with a test release if Josh is.

Josh, is there some way to automate the build process, and do the 
certificates or whatever, so when you leave again, a new version 
can still be easily built?

It wasn't meant as a joke.

is there a new IE plugin as well?

it's just a rebuild against the new viewdll (1.3.2).

yes, that is a limitation of REBOL itself....according to Carl, we're 
looking into removing that limitation for REBOL 3.0

Each plugin instance launches a new thread so viewdll has to be able 
to handle that

Infinite popups are blocked ..I think there's a limit.

Seriously, I'd love a list of any security problems that you guys 
have encountered as you've used the plugin.

just please send me a note privately if you find one :)

though I note I had to run a dummy window first otherwise the client 
run inside the browser window instead of as a separate window

If the chat client wipes your hard drive, consider it a security 
exploit!

Anyone have a good low-cost source of certificates?

no, it won't install without a valid certificate.

(The vender certification process can take a lot of time... they 
have to verify that we are "good guys".)

Otherwise it can take a week.

at the login page, there's a register button.

OK, so I want to get a discussion started. What do you guys want 
to see in the next version of the plugin?

1.3.3 is a feature upgrade, so i'm open to ideas...as long as it 
doesn't rely on something in rebol 3, we can look at it.

Not sure on that, I need to check with Carl....I think I understand 
your overall question though, can we make a version of the plugin 
that supports pro/command right?

I need the plugin for an application that could potentially be used 
for a few thousand users in an open enterprise environment, but signed 
scripts and security are essential there.

maybe have rebol in the plugin download a license from a web server 
or something like that.

we'd have to figure out a way to prevent others from using your license.

A way to protect plugin source code

A way to add higher order encryption

is a must...

I had this (wild?) idea that the plugin would be able to run normal 
rebol scripts, but with signed scripts encapped with the SDK would 
turn the same plugin into /Pro or /Command. I'm just brainstorming, 
but that would be a nice way to keep everything within one plugin. 
I don't know...

Carl, one thing I thought about is how do you convince a user that 
the security in the plugin going through the webbrowser is trustworthy 
when the SSL icon in the browser window is not on? they might think 
that nasty stuff could be going on in the background. I think there 
needs to be some kind of indication that the script currently running 
is really secure.

we can add some kind of indicator, that shouldn't be a problem.

one issue is size. do we distribute /pro/view to everyone, and make 
everyone download a bigger file? or do we have two different plugin, 
two different sizes?

It may require a certificated authentication server that stores the 
license keys.

there is also another issue, I've been thinking about. is it still 
possible to create an invisble area in the webpage where you could 
drop a rebol script that could work as a keylogger?

The latest client request I got was to have it called something other 
than "REBOL". I know this sounds funny to us, but they were doing 
a demo and the potential client did *not* like the idea of installing 
something that sounded rebellious. Seriously, this happened.

regarding the keylogger idea: that's a good idea, but the plugin 
can only capture keyboard input when it is activated. in fact, there's 
a new feature in IE 6.something that disables the plugin until the 
user clicks on it to activate it (it does this to all activex controls)

Announcement: We've made a very, very early release of REBOL/Plugin 
for Mozilla available.

NOTE: This is a PRE-ALPHA version. Install at your own risk. Do NOT 
install these files on a production system!

A few notes:

* There is currently no documentation (I'm sure you can figure it 
out from the HTML).

* The Mozilla plugin has only been tested with FireFox on Windows 
XP. 

* This is a Windows/Intel/x86 build; it will not work on Mac or Linux.

but it reports a missing plugin when I go to test.html

it works if you close the tab and open the url in a new one

Not RAMBO. Maybe create a checklist here and put them on it.

is there a new way to embed the plugin? http://www.rebol.net/plugin/demos/index.html
doesn't work

graham, it seems you need to use a different method to embed under 
mozilla than under IE

Cyphre demo, I just get a white screen. Test.html worked though

Now I recall one my old rant... would be very nice if  there's a 
way to call rebol func from javascript.  Something like: 

<input type="button" value="Send" onclick="rebPlugin.evaluate('send');"> 

So we can build an html interface and use plugin & rebol instead 
of  XMLHttpRequest and Javascript

this plugin is a great news, btw. Thanks :-)

Bugs found in Firefox with Cyphre demo: 

- starts with no sound (the music started when I opened a parallel 
session with Opera, in Opera the sound is ok)

- seems there are some problems with AGG: no rotating Carl Head, 
some flash with gears, no "rebol rulez" in the sky... (Opera is ok)

- when I close firefox the music continue for 4/5 seconds (until 
the buffer is empty ?). In Opera too.

- sometimes the plugin disappear if I refresh the page. I have to 
close the browser. In Opera too.


WIn2000, nVidia GeForce4 MX 440, Firefox 1.5.0.3, Opera 9.0 beta 
build 8393

Is this group more for bug fixes to the new plugin, or is it a place 
to make suggestions and discuss security issues?

Security Issues:

- We should to be able to restrict with the secure native what files 
and dlls the plugin can access.

- The default security of the RT-provided plugin (not encapped by 
a third-party) should prohibit any access to any local files or libraries 
at all, even in the same directory as the script, and prohibit access 
to third-party network addresses as well. Or at least ask.

- There should be some way to access the site's cookies from the 
plugin, because there shouldn't be any other way to store local data 
on the client computer's hard drive. Anything short of that will 
be a security hole.

- There should be no way to reduce the default security of the plugin 
through the use of plugin params.

- Any attempt to reduce access should prompt the user for permission, 
in terms a non-technical user can understand. This means rewriting 
the security dialogs to be more user-friendly.

- Any relaxation of these default security restrictions should require 
encapping the script.

- A user (or their lawyer) should to be able to (perhaps through 
RT) track down the author of any encapped script.

- An encapped script should count as a seperate plugin as far as 
the user is concerned, at least as far as permission-to-install is 
concerned.


Basically, the default security of the plugin should not allow scripts 
to do anything you wouldn't want your worst enemy to do on your computer. 
People will try to use this plugin for advertisements, for webbugs, 
for spyware, for every nasty thing that you aren't evil enough to 
think of. Avoiding that kind of thing should be the focus of the 
default security settings. Anything less will make the plugin unsafe 
to install.

Might I add that a requestor should appear for EACH port access needed 
and the remote url MUST be clearly identified, each time.

we should also be allowed, as a user, to filter out ip adresses and 
urls which we never want to accept.

the same for local disk access.  for example, we might restrict any 
file i/o to ONE sandbox.  anything trying to access or write out 
of user-specified paths, would either get a dialog, or be refused.

or maybe from within the browser, window like quicktime does it, 
with a right click within the plugin box.

No, the sandbox won't work for the default browser plugin. Think 
of what a malicious script could do with a sandbox - it could write 
data files that could fill your hard drive, keep tracking data that 
the user wouldn't know to delete, etc.

hum, disk space is a concern.  maybe the plugin could simply enforce 
the use of one single write space and protect individual sessions 
from accessing other sessions.

this could easily be handled like a cache and user could impose size 
limits on individual and collective size of all sessions.