Main Inclusion Report for libproxy


  1. Availability:; built everywhere except hppa (needs building) as of January 8th, 2009.

  2. Rationale:

    • Build dependency of libsoup, will be required for GNOME 2.26 (already blocking GNOME 2.25).
  3. Security:

    • CVE entries: No CVEs.

    • Secunia history: No Secunia matches.

    • No daemons. No suid/guid binaries. Everything running on userspace.
    • Network activity: doesn't open ports. It handles proxy configuration from many sources. Upstream 0.2.3 version has WPAD DNS devolution support. This is risky. Florian Weimer raised some concerns about this, addressed here. We will disable WPAD DNS lookup except for the given domain (which doesn't imply a security risk).

    • Does not handle binary data AFAIK.
    • Package reviewed by Sebastien Bacher and Martin Pitt before being accepted into universe (not sure if source was reviewed though).
  4. Quality assurance:

  5. UI standards:

    • Not relevant (no strings, no desktop files needed).
  6. Standards compliance:

  7. Dependencies:

    • Depends on libc6. Plugin dependencies are dlopened on runtime so that we don't need to depend on a ton of packages. If you use GNOME, the GNOME plugin will be used for you, if you use KDE the KDE plugin...
    • libc6 is in main, yes Smile :)

  8. Maintenance:

    • Shouldn't take a lot of time to maintain.
    • Emilio Pozuelo Monfort will maintain it, but any help is welcome!
  9. Background information:

    • This is and has always been libproxy.


MIR bug:

MIR written by Emilio Pozuelo Monfort.

MainInclusionReportLibProxy (last edited 2009-01-08 03:21:46 by 107)