| 1 |
Samuli Suominen posted on Tue, 26 Apr 2011 21:56:06 +0300 as excerpted: |
| 2 |
|
| 3 |
> You have 24 hours to comment on this news item. Sorry to put it so |
| 4 |
> bluntly but this is required for major security bug (#364973). |
| 5 |
> |
| 6 |
> See attachment. |
| 7 |
> Title: Upgrade to GLIB 2.28 Author: GNOME Team <gnome@g.o> |
| 8 |
> Content-Type: text/plain Posted: 2011-04-26 Revision: 1 |
| 9 |
> News-Item-Format: 1.0 Display-If-Installed: <dev-libs/glib-2.28 |
| 10 |
> |
| 11 |
> The way of setting default URI handlers has changed since |
| 12 |
> dev-libs/glib-2.28 and above. If you used the GConf registry to set them |
| 13 |
> before, they will now be ignored. |
| 14 |
> |
| 15 |
> If you use GNOME, you must upgrade gnome-session and |
| 16 |
> gnome-control-center and set your default browser/mail-client again. |
| 17 |
> |
| 18 |
> If you don't use GNOME, you should ensure that the file |
| 19 |
> ~/.local/share/applications/mimeapps.list has the following content: |
| 20 |
> |
| 21 |
> [Added Associations] |
| 22 |
> x-scheme-handler/http=$browser_name.desktop; |
| 23 |
> x-scheme-handler/https=$browser_name.desktop; |
| 24 |
> x-scheme-handler/mailto=$mailclient_name.desktop; |
| 25 |
> |
| 26 |
> Replace $browser_name.desktop and $mailclient_name.desktop with the |
| 27 |
> appropriate file from /usr/share/applications that can handle |
| 28 |
> http/https/mailto URIs. |
| 29 |
> |
| 30 |
> Please make sure that your browsers and mail clients have been upgraded |
| 31 |
> to the latest stable versions before doing all this. |
| 32 |
|
| 33 |
This is unclear. Should non-gnome users (I'm a kde user) set this to |
| 34 |
prepare for the upgrade, or as a workaround until one actually completes |
| 35 |
the upgrade? |
| 36 |
|
| 37 |
The question comes up, because I'm on 2.28.6, which should be above the |
| 38 |
threshold for the notice, and I have that file in my home dir, but do NOT |
| 39 |
have those entries in it, which the notice appears to imply I should. |
| 40 |
|
| 41 |
Second point: To clarify, you're asking presumably admin users to set |
| 42 |
this in their homedir config, right? There's absolutely nothing in the |
| 43 |
proposed news item (and no link with it as a further detail) explaining |
| 44 |
this rather unprecedented tampering with a user's private homedir config, |
| 45 |
nor anything explaining what happens if it isn't done. Should an admin by |
| 46 |
arbitrary fiat edit the entries for *ALL* users? Just his own? |
| 47 |
|
| 48 |
If this is intended to be a system level policy edit, why isn't it *AT* |
| 49 |
they system level? If there is indeed technical reason to go editing |
| 50 |
individual user's homedir configs, then PLEASE make it MUCH CLEARER just |
| 51 |
WHICH user configs need to be edited (presumably all of them), and provide |
| 52 |
some justification, technical or otherwise, why editing the user config is |
| 53 |
the chosen solution. |
| 54 |
|
| 55 |
Note that as I implied above, a further details link is very likely |
| 56 |
appropriate, since news items are normally quite brief, serving in many |
| 57 |
cases more as an alert to check the details elsewhere than a full |
| 58 |
explanation and instructions. |
| 59 |
|
| 60 |
-- |
| 61 |
Duncan - List replies preferred. No HTML msgs. |
| 62 |
"Every nonfree program has a lord, a master -- |
| 63 |
and if you use the program, he is your master." Richard Stallman |
Archives