Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Problem with images in the sigs
View unanswered posts
View posts from last 24 hours

Goto page 1, 2, 3  Next  
This topic is locked: you cannot edit posts or make replies.    Gentoo Forums Forum Index Gentoo Forums Feedback
View previous topic :: View next topic  
Author Message
pilla
Bodhisattva
Bodhisattva


Joined: 07 Aug 2002
Posts: 7730
Location: Underworld

PostPosted: Fri Dec 26, 2003 2:46 pm    Post subject: Problem with images in the sigs Reply with quote

The sigs that have images are presenting strange numbers after the "img" tags, like this:

Code:

[img:cbeaad30c4]http://antipersonnel.org/media/images/sigpic/free.gif[/img:cbeaad30c4]


Mine is presenting too, but I don't know why.
_________________
"I'm just very selective about the reality I choose to accept." -- Calvin
Back to top
View user's profile Send private message
krusty_ar
Guru
Guru


Joined: 03 Oct 2002
Posts: 560
Location: Rosario, Argentina

PostPosted: Fri Dec 26, 2003 3:48 pm    Post subject: Reply with quote

I seems some kind of style or something, maybe phpbbuses this to adjust the presentation of the img, and there's some bug...
_________________
I am Beta, don't expect correct behaviour from me.
Take part of the adopt an unaswered post initiative
Back to top
View user's profile Send private message
klieber
Bodhisattva
Bodhisattva


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Fri Dec 26, 2003 3:50 pm    Post subject: Reply with quote

we have temporarily disabled the use of [img] on our board. More details will be released at a later time.

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
pilla
Bodhisattva
Bodhisattva


Joined: 07 Aug 2002
Posts: 7730
Location: Underworld

PostPosted: Fri Dec 26, 2003 3:58 pm    Post subject: Reply with quote

klieber wrote:
we have temporarily disabled the use of [img] on our board. More details will be released at a later time.

--kurt


Roger :)
_________________
"I'm just very selective about the reality I choose to accept." -- Calvin
Back to top
View user's profile Send private message
Squinky86
Retired Dev
Retired Dev


Joined: 25 Mar 2003
Posts: 309
Location: Alabama, USA

PostPosted: Fri Dec 26, 2003 6:52 pm    Post subject: Reply with quote

Does this have anything to do with hotlinking image avatars? I just noticed that seems to also have been disabled :'(.
_________________
Me
Back to top
View user's profile Send private message
adammc
Apprentice
Apprentice


Joined: 07 Oct 2003
Posts: 230
Location: Europe

PostPosted: Fri Dec 26, 2003 7:07 pm    Post subject: Reply with quote

I didn't realise you could do that without modding the vanilla phpBB code :P
_________________
There'd better be fudge when I get home...
Back to top
View user's profile Send private message
airflow
Apprentice
Apprentice


Joined: 14 Dec 2003
Posts: 173
Location: Vienna, Austria

PostPosted: Fri Dec 26, 2003 8:07 pm    Post subject: Reply with quote

Squinky86 wrote:
Does this have anything to do with hotlinking image avatars? I just noticed that seems to also have been disabled :'(.


I noticed this too when I visited the forum today... My image had disappeared and it took me a while to find out the real reason, as I suspected it to be the webserver first. I just wanted to start a new thread because of this, but I see that someone else has already mentioned it... Any comments from the Admins yet?

regards,
airflow
Back to top
View user's profile Send private message
klieber
Bodhisattva
Bodhisattva


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Fri Dec 26, 2003 10:22 pm    Post subject: Reply with quote

airflow wrote:
Any comments from the Admins yet?


klieber is pretty sure that, just a few hours earlier, he wrote:
we have temporarily disabled the use of [img] on our board. More details will be released at a later time.


--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
Squinky86
Retired Dev
Retired Dev


Joined: 25 Mar 2003
Posts: 309
Location: Alabama, USA

PostPosted: Fri Dec 26, 2003 11:52 pm    Post subject: Reply with quote

hehe, he meant for the hotlinking of avatars, not for the IMG tags, which I thought may be inter-related, so I added them to this thread instead of making a new one. Sorry for not making a seperate thread :oops:
Edit: Unless my slow mind didn't pick up that the hotlinking of avatars was only disabled temporarily, also?
airflow wrote:
I suspected it to be the webserver first.

Same here. I think we just need to wait and they'll give us details later.
_________________
Me
Back to top
View user's profile Send private message
viperlin
Veteran
Veteran


Joined: 15 Apr 2003
Posts: 1319
Location: UK

PostPosted: Sun Dec 28, 2003 11:33 pm    Post subject: Reply with quote

well i've started getting complaints about it in my sig so i think we would like those details ASAP :-)
Back to top
View user's profile Send private message
klieber
Bodhisattva
Bodhisattva


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Mon Dec 29, 2003 1:06 pm    Post subject: Reply with quote

viperlin wrote:
well i've started getting complaints about it in my sig so i think we would like those details ASAP :-)

Chances are, we will not be releasing details in the near future (next 2 weeks or so). I suggest you change your sig for now.

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
Oopsz
Guru
Guru


Joined: 08 Oct 2002
Posts: 340

PostPosted: Tue Dec 30, 2003 3:37 am    Post subject: Reply with quote

:(
_________________
Pop-before-SMTP with the Gentoo Virtual Mailhosting Guide
Back to top
View user's profile Send private message
aridhol
Guru
Guru


Joined: 20 Jan 2003
Posts: 509
Location: Stockholm, Sweden

PostPosted: Tue Dec 30, 2003 3:13 pm    Post subject: Reply with quote

Some non-details then?

They have been disbled because of abuse?
Instabillity?
Rudeness, BandWidth, Estetic feeling, powertrip, flamewars, principle?

But to limit something like this (not really important) and not give any info seems kind of... uh.. silly to me. If there was any discussion that led to disabling them just post a link.

I can accept pretty much any explanation... except no explanation. 2 weeks to explain? Too long unless you give us a statement at least.

And how long is temporarily? As long as For the time being? Or half of eternity?

Oh... I'm nagging. Sorry, I'll leave for now ;)
_________________
72 of Pitcairn Islands 49 inhabitants use Seti@Home
"If you buy a DVD you have a copy. If you want a backup copy you buy another one."
"Anyone who is capable of getting themselves made President should on no account be allowed to do the job."
Back to top
View user's profile Send private message
airflow
Apprentice
Apprentice


Joined: 14 Dec 2003
Posts: 173
Location: Vienna, Austria

PostPosted: Tue Dec 30, 2003 4:56 pm    Post subject: Reply with quote

aridhol wrote:
But to limit something like this (not really important) and not give any info seems kind of... uh.. silly to me. If there was any discussion that led to disabling them just post a link.

I call this behaviour "childish". But "silly" fits well, too.

regards,
airflow
Back to top
View user's profile Send private message
pilla
Bodhisattva
Bodhisattva


Joined: 07 Aug 2002
Posts: 7730
Location: Underworld

PostPosted: Tue Dec 30, 2003 5:04 pm    Post subject: Reply with quote

If it is a security vulnerability, it makes sense not to release any further information until the bugfixes are available. But it is up to the sysadmins to do whatever they think it's the best in this situation. From what I know of them, they wouldn't keep it undisclosed unless there was a very good reason for it.

BTW, all I know about the issue I have learned from this thread.

Maybe we should just ban images from the sigs, then we wouldn't have people complaining about the lack of information on the issue.
_________________
"I'm just very selective about the reality I choose to accept." -- Calvin
Back to top
View user's profile Send private message
Squinky86
Retired Dev
Retired Dev


Joined: 25 Mar 2003
Posts: 309
Location: Alabama, USA

PostPosted: Tue Dec 30, 2003 5:09 pm    Post subject: Reply with quote

pilla wrote:
Maybe we should just ban images from the sigs, then we wouldn't have people complaining about the lack of information on the issue.

I was trying to stay out of this since I felt like things could get a little rude in here, but I was just trying to point out that the avatar hotlinking was offline, too. I really didn't mean to start anything.

Gentoo has some of the best admins in the world. I trust them to do the right thing. They'll tell us what we want to know when it's time for us to know it. Just be patient, guys (and maybe a girl or two, if we're lucky)!

Pilla: There are plenty of members of the Gentoo community willing to help should you ask, but if you or any of the other admins don't want any information public, that's understandable, too.
_________________
Me
Back to top
View user's profile Send private message
pilla
Bodhisattva
Bodhisattva


Joined: 07 Aug 2002
Posts: 7730
Location: Underworld

PostPosted: Tue Dec 30, 2003 5:47 pm    Post subject: Reply with quote

I am just a moderator -- I can move, erase, edit threads, but only using the phpBB moderator interface. I have no access to the inner workings of the system. This is exclusivity of our sysadmins, like rac, pjp, klieber and masseya.

And as I stated before, I don't know why the images were disabled in the sig.
_________________
"I'm just very selective about the reality I choose to accept." -- Calvin
Back to top
View user's profile Send private message
astika
Tux's lil' helper
Tux's lil' helper


Joined: 31 Oct 2003
Posts: 131
Location: /usr/local/src

PostPosted: Wed Dec 31, 2003 3:56 am    Post subject: Reply with quote

most often, it is a bandwidth issue, or off-linking images from other sites, and
those sites might complain.

just have a text sig, works for me :)
_________________
even now in heaven, there were angels carrying savage weapons
Back to top
View user's profile Send private message
stonent
Veteran
Veteran


Joined: 07 Aug 2003
Posts: 1139
Location: Texas

PostPosted: Wed Dec 31, 2003 6:43 am    Post subject: Reply with quote

You should have seen the Dell forums in the glory days. People had large java applets in their sigs. If you entered a large thread on an old computer, you'd lock up. Finally dell killed about 99% of the allowed html tags. Some were fun, like iframe, embed, or if you wanted to really screw up a thread, throw a bunch of /td's and /tr's

When I ran a phpBB2 forum, I removed all html restrictions so that the disappointed Dell forum users could still use their java applets and other fun stuff.

Occasionally I had to warn users for forgetting to close their tags and causing the posts to move all over the place.
_________________
Inspiron 4100 & Sun UltraAXe
Portage on Solaris|Dell Laptop Hacks
The way you feel about organized religion is the same way I feel about organized socialism.
Back to top
View user's profile Send private message
Cerement
Guru
Guru


Joined: 14 Jun 2003
Posts: 404

PostPosted: Wed Dec 31, 2003 9:52 am    Post subject: Reply with quote

another fun one was </script> :twisted:
Back to top
View user's profile Send private message
aridhol
Guru
Guru


Joined: 20 Jan 2003
Posts: 509
Location: Stockholm, Sweden

PostPosted: Wed Dec 31, 2003 11:09 am    Post subject: Reply with quote

pilla wrote:
If it is a security vulnerability, it makes sense not to release any further information until the bugfixes are available.


They don't have to release information about how it was done, just that it was a security vulnerability.

And it's not just in sigs, it's anywere the [img]-tag can be used.
_________________
72 of Pitcairn Islands 49 inhabitants use Seti@Home
"If you buy a DVD you have a copy. If you want a backup copy you buy another one."
"Anyone who is capable of getting themselves made President should on no account be allowed to do the job."
Back to top
View user's profile Send private message
meowsqueak
Veteran
Veteran


Joined: 26 Aug 2003
Posts: 1549
Location: New Zealand

PostPosted: Thu Jan 15, 2004 12:18 am    Post subject: Reply with quote

Could it be related to this, or is this a tad too old? What version of phpBB is forums.gentoo.org using?

http://www.securityfocus.com/bid/4379/info/

Edit: I think I just discovered it was 2.0.4 as of last January, so I guess it's definitely phpBB2 then? A related problem perhaps?
Back to top
View user's profile Send private message
viperlin
Veteran
Veteran


Joined: 15 Apr 2003
Posts: 1319
Location: UK

PostPosted: Thu Jan 15, 2004 12:21 am    Post subject: Reply with quote

meowsqueak wrote:
Could it be related to this, or is this a tad too old? What version of phpBB is forums.gentoo.org using?

http://www.securityfocus.com/bid/4379/info/

Edit: I think I just discovered it was 2.0.4 as of last January, so I guess it's definitely phpBB2 then? A related problem perhaps?


it says at the bottom of the page, version 2.0.6, so yes thats a little over a "tad" old :-)
Back to top
View user's profile Send private message
meowsqueak
Veteran
Veteran


Joined: 26 Aug 2003
Posts: 1549
Location: New Zealand

PostPosted: Thu Jan 15, 2004 12:26 am    Post subject: Reply with quote

Yes, but the problem could be similar. Maybe a way of embedding malicious code in an image has been found, that can work its way around the prevention schemes in phpBB2? I'm just speculating really.
Back to top
View user's profile Send private message
Anior
Guru
Guru


Joined: 17 Apr 2003
Posts: 317
Location: European Union (Stockholm / Sweden)

PostPosted: Tue Jan 20, 2004 12:04 am    Post subject: Reply with quote

Am I the only one here who 's actually /happy/ that they are disabled?
Large bloated sigs all come from satan and are the harbringers of Gehenna *sage nod*

Atleast they make you look like you're just in from the counterstrike forums... :-P
Back to top
View user's profile Send private message
Display posts from previous:   
This topic is locked: you cannot edit posts or make replies.    Gentoo Forums Forum Index Gentoo Forums Feedback All times are GMT
Goto page 1, 2, 3  Next
Page 1 of 3

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum