[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Libcdio-devel] Rock Ridge and libisofs/xorriso 'AL' extension

From: Pete Batard
Subject: Re: [Libcdio-devel] Rock Ridge and libisofs/xorriso 'AL' extension
Date: Tue, 25 Jul 2017 19:39:37 +0100
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.2.1

On 2017.07.25 17:44, Thomas Schmitt wrote:
Is there a way to approach moderators in advance ?

I would think there is, but I haven't gone through that exercise myself (the interactions I've had were in reply to an edit, or through the user page, which each Wikipedia contributor gets).

I expect the means to contact moderators can be found on Wikipedia. The other thing you may do is create a new topic on the Talk page that is associated with each Wikipedia entry (in this case mentioning your request... and wait until someone picks it up.

I could submit a plan
how to restructure the Rock Ridge article and disclose my conflicts of

If it were up to me, I would go at it this way:

1. On the talk page, mention the intention to edit the page, as well as the potential conflict of interest, and leave sufficient time (e.g. 1 month) for someone to comment or object.

2. If noone opposes the plan from the Talk page, got for the edit(s), while making sure that on the reason for editing, you indicate your affiliation/possible conflict of interest.

3. If a Wikipedia moderator then engages with you post-edit, point them to the very explicit steps you have taken above, as well as the fact that this is obviously a technical subject, where bias is much easier for other contributors to spot and correct, than what is the case with "soft" subjects.

But then again, I'd suggest you try to engage with a moderator if you can. My experience, which was only with a very limited number of moderators (and a limited number of edits), leads me to think that such an approach is unlikely to lead to major recrimination, but of course, I can't speak for what the Wikipedia staff sees as the right way to go.

I can try to get back to the Kali maintainers on that, but I'm not
sure how much they're gonna like being asked about this for the 3rd time in
a row...

Is that conversation public ?

Sure is:

If you register an account, you should be able to comment, as the issue has not yet been closed. Haven't asked them about the command line yet since I decided to bite the bullet and install Kali to see it for myself (before finding out, about 1 hour ago, that the live ISO generation I started had failed on account of the 20GB virtual disk I was using being to small to extract all the packages. But at least, the live creation process doesn't require a lot of involvement besides waiting...)

Funnily i am just today busy with explaining to an ISOLINUX user why
i decided against publishing the xorrisofs options without explicit
consent by the user.
The Debian based genisoimage developers decided for the same, independently.

I can see your point, though personally, I like openness a lot better. It's not like we're going to be dealing with a private keys or passwords here (or is there encryption that can be involved during ISO generation with xorriso?), and when there's a lot of incentive for reproducible builds these days, I don't really like the idea of security through (semi) obscurity.

IMO, better leave the people who don't want the benefit of openness, yet chose to use an Open Source tool, fork their own version that hides the command line options if that is their wish... Plus, a lot of these ISOs are going to be used for boot, where you certainly want to make sure nothing funky has been going on during the media creation process.

Very firmly, with my GNU xorriso maintainer hat on: Not by default.

I dimly remember to have read statements by FSF that we do not rat out
our users.

I still fail to see what kind of private information there is to rat out, especially in options that may be critical to determine if a boot ISO, one has been downloading off the Internet, is trying to do something dodgy.

Personal information dissemination must certainly be opt-in. But the way I understand it, this is not user information we're dealing with here... Or does xorriso include options that you think could be used to individually identify a user (e.g. IP, uid/gid, etc.)?

I'm not sure there's much to find in live-build-config.

Hrmpf, nothing to see of mkisofs options or a xorriso run.

Yeah. I'm still going to try to complete a live Kali build, and post the default ISO generation command line when I get it, but I need to resize my disk first, which probably won't happen before tomorrow.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]