[lsb-discuss] Unofficial LSB conference call minutes (2012-04-11, 11am ET)

R P Herrold herrold at owlriver.com
Wed Apr 11 17:12:08 UTC 2012


LSB teleconference

Wednesday, 11 Apr 2012 @11:00 to noon, US ET

Where:
 	(605) 715-4920 Access Code: 512468

Gobby:
 	gobby -j lsb-temp.pmman.net:6522 with passwd: LSB

IRC channels are:
 	#lsb-meeting at freenode.net during meetings
 	#lsb at freenode.net most other times

prior meetbot minutes:
(none -- Collab Summit)

THIS meeting's meetbot minutes:
no substantive content
http://stewbenedict.org/lsb/irc/meetbot/lsb-meeting/2012/lsb-meeting.2012-04-11-15.01.html


Attendees:
in the form : name (organization)  [irc_nick]
===========================================
Jeff Licquia (LF)  licquia
Russ Herrold (Owl River)  orc_emac
Glen Petrie (Epson)
Robert Schweikert (SuSE)  robjo
Mats Wichmann (Intel)  mwichmann via Gobby

potentials:
Stew Benedict (LF)  stewb
Alan Clark (SuSE)  AlanClark
Darren Davis (SuSE)
Jiri Dluhos (SUSE)  jdluhos
Kay Tate (SuSE)  ktate
Alexey Khoroshilov (ISP RAS)  Alexey

Apologies:
==========
Denis Silakov (ROSA Labs)  denis_silakov


Posted Agenda: -or -
Posted Agenda (modified):
=================
  - Recap of the Collab Summit: results of LSB meeting, other 
activities.

  - Next steps: where do we go from here?  LSB 5.0, other 
updates.

New business:
=============

Meeting opens at 11:00 with:

Introductory remarks about the Collab Summit last week; more 
aggressive about rolling out updates in the 4 series; initial 
plan for 5 seems in place

A Thursday Collab Summit talk covered a 'relaunch' of glibc 
and its consuming community and the eglibc fork (Debian / 
Ubuntu bolting caught the mainline glibc's attention).  Prior 
examples include emacs, gcc, ...

So Jeff approached Carlos O'Donnell (functional 'lead log' on 
the re-launched glibc effort)[1] [2]; encouraging noises were 
made, but we will see if this bears fruit going forward. 
glibc is interested in expanding test coverage, and so there 
seems to be a good fit to LSB's present practice

Takeaway: at least for the present, it may well be possible to 
get some long-standing LSB desired interfaces addressed, and a 
re-examination of previously rejected matters may not be 
attainable

LSB navigator seems to have XSS holes; there is a bug filed 
[3], but as a result the navigator is offline atm.  A Spanish 
language demonstration Proof of Concept screenshot was 
provided, but in out of band contact, Jeff noted that the 
reporter of the bug was not interested in providing the 
exploit scanner for testing.  The web team are pretty sure 
that other holes exist however and an audit is in process

This brings up a need to do an audit / re-examination of the 
Navigator code, esp as to getting sanitization code run 
earlier rather than the current model of passing a user 
provided input around 'un-escaped' until use

Administrative interface may also need audit and attention. 
It is not used much, and so is not heavily tested; adding 
better ACLs comes to mind as well.  The admin interface is not 
customarily left enabled and when it is, it has been used 
'locally'

Jeff is 'on point' on that audit


On to substantive matters, Jeff and Robert discuss task 
decomposition process

Robert will scope out dbus, and test modularization
Glen will touch the SANE related matter

There is an old email thread estimating work on library 
uplifts from Denis last year to consulted as well, with some 
numbers; checking my archive I do not readily find it

Jeff will use some automation to emit 'order of magnitude' 
number of tasks over the next week; this may be overly 
ambitious ... we will see; Robert particularly expects that 
the Gtk changes will be profuse ... as a hypothetical, finding 
that 30k possible interfaces would not be useful, and suggests 
that choosing one task at a time may be more productive

IBM has responded as to Power system access, so contact has 
been made, and is advancing

Call ends at local Noon


Weekly Bug triage:
==================
irc-only #lsb-meeting at freenode.net
Thurs at 10:00 Eastern
Bugzilla stats as of 11 Apr 2012: 496 open (491 assigned, 3 
new, 1 needinfo). 496 open last week.
New last 90 days: 164, last 30: 35; closed last 90: 104, last 
30: 48
Changed this week: 7, last week: 13.

Bugs that are assigned but have no milestone: 273
Rollup bugs: 23
No-milestone bugs will be the focus of the next few meetings
there was no meeting last week

Reviewboard:
============
http://reviews.lsbtest.net/dashboard/

Next meeting:
=============
18 Apr 2012 11:00 to noon, US ET

gobby unofficial minutes are open for edit for at least 15 min 
after each call, and then issued into the mailing list

[1] http://comments.gmane.org/gmane.comp.lib.glibc.alpha/19121
[2] https://events.linuxfoundation.org/events/collaboration-summit/odonell
Linux Foundation Collaboration Summit 2012 | Presentations
The Future of the GNU C Library

The GNU C Library (GLIBC) is a part of almost all Linux 
systems deployed today. Along with GCC the library is part of 
the framework that implements the userspace requirements for 
several standards including ISO C and POSIX. While standards 
conformance provides a stable base upon which many users can 
design, test, and implement quality software, the 
responsibilities of the library do not end there. Given the 
complexity of Linux-based solutions GLIBC is unique positioned 
to provide: userspace thread profiling information, optimized 
function selection based on local cpu type, size and feature 
customizability based on POSIX profiles. This talk examines 
the current state of the GLIBC community and the steps being 
taken to make this core component relevant to more users and 
the problems they seek to solve using Linux.

Carlos O'Donell, Mentor Graphics

Carlos O'Donell works for Mentor Graphics in the Embedded 
Systems Division where he works on Sourcery CodeBench a full 
C/C++ development environment built on top of open-source 
components. Carlos is an active GLIBC maintainer and has been 
working on the project for over 10+ years since he started as 
the HPPA ports maintainer. Just last year Carlos started 
representing Canada as part of ISO/IEC JTC1/SC22 with 
particular interest in WG14/C, POSIX and LSB.

[3] https://lsbbugs.linuxfoundation.org/show_bug.cgi?id=3487

=======================================
This document: LSB minutes 20120411.txt


More information about the lsb-discuss mailing list