From nobody@FreeBSD.org  Mon Nov  7 14:32:08 2005
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 9C81C16A41F
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  7 Nov 2005 14:32:08 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 6D7C243D48
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  7 Nov 2005 14:32:08 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id jA7EW8kH029857
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 7 Nov 2005 14:32:08 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id jA7EW8ue029856;
	Mon, 7 Nov 2005 14:32:08 GMT
	(envelope-from nobody)
Message-Id: <200511071432.jA7EW8ue029856@www.freebsd.org>
Date: Mon, 7 Nov 2005 14:32:08 GMT
From: aeonflux <aeonflux@aeonflux.no-ip.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: privoxy poor defaults
X-Send-Pr-Version: www-2.3

>Number:         88602
>Category:       ports
>Synopsis:       privoxy poor defaults
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    pav
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Nov 07 14:40:12 GMT 2005
>Closed-Date:    Mon Nov 14 08:37:43 GMT 2005
>Last-Modified:  Thu Nov 17 00:00:24 GMT 2005
>Originator:     aeonflux
>Release:        it's a port, but 5.4 and 6.0
>Organization:
private
>Environment:
The problem lays in the port of privoxy
>Description:
the privoxy port by default runs as root, when you run the
/usr/local/etc/rc.d/privoxy.sh script the daemon binds to the privoxy port and
listens as uid=0!

Seriously, it's a non priviledged port there's no reason to have this daemon
listenning to a network socket as root.
>How-To-Repeat:
run the rc.d script, look at what uid is running the daemon.
>Fix:
Small fix to the privoxy.sh script to allow it to run as a privoxy/squid/cache
user of some type.  Maybe fix some of the defaults to let it write to it's log
file.
>Release-Note:
>Audit-Trail:

From: Edwin Groothuis <edwin@FreeBSD.org>
To: john@essenz.com
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/88602: www/privoxy poor defaults
Date: Mon, 7 Nov 2005 20:10:06 UT

 Maintainer of www/privoxy,
 
 Please note that PR ports/88602 just has been submitted.
 
 If it contains a patch for an upgrade, an enhancement or a bug fix
 you agree on, reply to this email stating that you approve the patch
 and a committer will take care of it.
 
 The full text of the PR can be found at:
     http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/88602
 
 -- 
 Edwin Groothuis
 edwin@FreeBSD.org

From: John Von Essen <john@essenz.com>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/88602: privoxy poor defaults
Date: Mon, 7 Nov 2005 15:59:19 -0500 (EST)

 Edwin,
 
 I will test changes on my 5.4-RELEASE machine and post feedback. I'll try
 out the non-root user changes, as well as some basic logging defaults.
 
 Thanks
 John Von Essen
State-Changed-From-To: open->feedback 
State-Changed-By: pav 
State-Changed-When: Fri Nov 11 18:06:09 GMT 2005 
State-Changed-Why:  
Waiting for a patch to come 

http://www.freebsd.org/cgi/query-pr.cgi?pr=88602 

From: Pav Lucistnik <pav@FreeBSD.org>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/88602: privoxy poor defaults
Date: Mon, 14 Nov 2005 00:03:03 +0100

 Here is the patch from the originator:
 
 --- privoxy/Makefile	Wed Mar  2 15:28:43 2005
 +++ privoxy/Makefile	Sun Nov 13 02:41:38 2005
 @@ -48,6 +48,8 @@
  pre-install:
  	@${SED} -e 's,%%PREFIX%%,${PREFIX},g' \
  		${PKGDIR}/pkg-message.in > ${PKGMESSAGE}
 +	@${SETENV} PKG_PREFIX=${PREFIX} ${SH} \
 +                ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
  
  do-install:
  	@${MKDIR} ${PREFIX}/etc/privoxy/templates
 @@ -67,5 +69,11 @@
  post-install:
  	${INSTALL_SCRIPT} ${WRKSRC}/privoxy.sh ${PREFIX}/etc/rc.d/
  	@${CAT} ${PKGMESSAGE}
 +	${TOUCH} /var/log/privoxy
 +	${CHOWN} privoxy:privoxy /var/log/privoxy
 +	${CHMOD} 0640 /var/log/privoxy
 +	${TOUCH} /var/log/jarfile
 +       ${CHOWN} privoxy:privoxy /var/log/jarfile
 +       ${CHMOD} 0600 /var/log/jarfile
  
  .include <bsd.port.mk>
 --- privoxy/files/privoxy.sh.in	Thu Feb 17 12:43:02 2005
 +++ privoxy/files/privoxy.sh.in	Sun Nov 13 02:34:08 2005
 @@ -30,7 +30,7 @@
  		echo "${name} is already running"
  	else
  		echo "Starting ${name}."
 -        	${command} ${privoxy_flags} ${configfile} --pidfile ${pidfile} \
 +        	su -m privoxy -c '${command} ${privoxy_flags} ${configfile} --pidfile ${pidfile}' \
  		1>/dev/null 2>&1
  	fi
  }
 --- privoxy/pkg-install	Wed Dec 31 20:00:00 1969
 +++ privoxy/pkg-install	Sun Nov 13 02:36:35 2005
 @@ -0,0 +1,33 @@
 +#!/bin/sh
 +
 +if [ "$2" != "PRE-INSTALL" ]; then
 +    exit 0
 +fi
 +
 +PW=/usr/sbin/pw
 +ECHO=echo
 +USER=privoxy
 +GROUP=${USER}
 +UIDGID=201
 +
 +if ! ${PW} groupshow "${GROUP}" 2>/dev/null 1>&2; then
 +	if ${PW} groupadd ${GROUP} -g ${UIDGID}; then
 +		${ECHO} "Added group \"${GROUP}\"."
 +	else
 +                ${ECHO} "Adding group \"${GROUP}\" failed..."
 +                exit 1
 +        fi
 +fi
 +
 +if ! ${PW} usershow "${USER}" 2>/dev/null 1>&2; then
 +        if ${PW} useradd ${USER} -g ${GROUP} -h - \
 +                -s "/sbin/nologin" -d "/nonexistent" \
 +                -c "privoxy pseudo-user" -u ${UIDGID}; \
 +        then
 +                ${ECHO} "Added user \"${USER}\"."
 +        else
 +                ${ECHO} "Adding user \"${USER}\" failed..."
 +                exit 1
 +        fi
 +fi
 +exit 0
 
 -- 
 Pav Lucistnik <pav@oook.cz>
               <pav@FreeBSD.org>
 
 It's time for the penguin on top of your television set to explode.
State-Changed-From-To: feedback->open 
State-Changed-By: pav 
State-Changed-When: Mon Nov 14 00:03:54 GMT 2005 
State-Changed-Why:  
Patch came 

http://www.freebsd.org/cgi/query-pr.cgi?pr=88602 
State-Changed-From-To: open->feedback 
State-Changed-By: pav 
State-Changed-When: Mon Nov 14 00:05:04 GMT 2005 
State-Changed-Why:  
Ask maintainer for approval 


Responsible-Changed-From-To: freebsd-ports-bugs->pav 
Responsible-Changed-By: pav 
Responsible-Changed-When: Mon Nov 14 00:05:04 GMT 2005 
Responsible-Changed-Why:  
Poke 

http://www.freebsd.org/cgi/query-pr.cgi?pr=88602 

From: Pav Lucistnik <pav@FreeBSD.org>
To: bug-followup@FreeBSD.org, john@essenz.com
Cc:  
Subject: Re: ports/88602: privoxy poor defaults
Date: Mon, 14 Nov 2005 01:05:01 +0100

 Dear maintainer of FreeBSD port www/privoxy, please take a look at
 
 http://www.freebsd.org/cgi/query-pr.cgi?q=88602
 
 Do you approve this patch at the end of the audit trail?
 
 -- 
 Pav Lucistnik <pav@oook.cz>
               <pav@FreeBSD.org>
 
 Stupidity got us into this mess -- why can't it get us out?

From: John Von Essen <john@essenz.com>
To: pav@FreeBSD.org
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/88602: privoxy poor defaults
Date: Sun, 13 Nov 2005 21:46:45 -0500

 Pav,
 
 Just got done testing this patch on 5.4 and 6.0 and everything looks 
 good. Please feel free to commit this. When your done, let me know, and 
 I'll test it again from updated ports tree.
 
 Thanks
 John Von Essen
 
 On Nov 13, 2005, at 7:05 PM, Pav Lucistnik wrote:
 
 > Dear maintainer of FreeBSD port www/privoxy, please take a look at
 >
 > http://www.freebsd.org/cgi/query-pr.cgi?q=88602
 >
 > Do you approve this patch at the end of the audit trail?
 >
 > -- 
 > Pav Lucistnik <pav@oook.cz>
 >               <pav@FreeBSD.org>
 >
 > Stupidity got us into this mess -- why can't it get us out?
 >
 
State-Changed-From-To: feedback->closed 
State-Changed-By: pav 
State-Changed-When: Mon Nov 14 08:37:09 GMT 2005 
State-Changed-Why:  
Committed, thanks! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=88602 

From: Adam McMaster <adam@moosoft.net>
To: bug-followup@FreeBSD.org, aeonflux@aeonflux.no-ip.com
Cc:  
Subject: Re: ports/88602: privoxy poor defaults
Date: Tue, 15 Nov 2005 18:39:39 +0000

 After updating Privoxy to the new version, it failed to start with the
 following errors:
 
 > root@phoenix:/usr/local/etc/rc.d$ ./privoxy.sh start
 > Starting privoxy.
 > su: --pidfile: command not found
 
 And then after I'd fixed that:
 
 > root@phoenix:/usr/local/etc/rc.d$ ./privoxy.sh start
 > Starting privoxy.
 > Nov 15 18:08:32 Privoxy(134750208) Info: can't open pidfile '/var/run/privoxy.pid': Permission denied
 > Nov 15 18:08:32 Privoxy(134750208) Info: loading configuration file '/usr/local/etc/privoxy/config':
 > Nov 15 18:08:32 Privoxy(134750208) Fatal error: init_error_log(): can't open logfile: /tmp/logfile
 > Nov 15 18:08:32 Privoxy(134750208) Fatal error: init_error_log(): can't open logfile: /tmp/logfile
 
 I had to make the following changes to get it running:
 
 In /usr/local/etc/rc.d/privoxy.sh:
 -	privoxy_pidfile=${privoxy_pidfile-"/var/run/privoxy.pid"}
 +	privoxy_pidfile=${privoxy_pidfile-"/var/run/privoxy/privoxy.pid"}
 
 -	su -m privoxy -c '${command} ${privoxy_flags} ${configfile} --pidfile
 ${pidfile}' \
 +	su -m privoxy -c "${command} ${privoxy_flags} ${configfile} --pidfile
 ${pidfile}" \
 
 In /usr/local/etc/privoxy/config:
 -	logdir /tmp
 +	logdir /var/log/privoxy
 
 The change of logdir is especially important, because using /tmp could
 pose a security risk (you know that when privoxy is started it will be
 writing to /tmp/logfile, which a malicious user could exploit).
 
 The directories /var/log/privoxy and /var/run/privoxy needed to be
 created and chown'd to privoxy.
 
 
 -- 
 Adam McMaster <adam@moosoft.net>
 

From: aeonflux <aeonflux@aeonflux.no-ip.com>
To: Adam McMaster <adam@moosoft.net>
Cc: bug-followup@freebsd.org
Subject: Re: ports/88602: privoxy poor defaults
Date: Tue, 15 Nov 2005 21:52:37 -0400

 --nextPart3891473.dnn1m0OokM
 Content-Type: text/plain;
   charset="iso-8859-1"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: inline
 
 Wow, do I feel stupid.  I shoud have tested more thoroughly, my apologies.
 
 > The directories /var/log/privoxy and /var/run/privoxy needed to be
 > created and chown'd to privoxy.
 Yes absolutely the makefile post-install section will need to be updated.
 I'll attach a patch now that makes these following changes, thanks for the=
 =20
 feedback Adam.  I guess you caught me sleeping.
 
 i see a few of the changes have already been done.  However
 
 =2D-- Makefile        Tue Nov 15 21:49:41 2005
 +++ Makefile    Tue Nov 15 21:51:17 2005
 @@ -60,15 +60,15 @@
  .endif
 
  post-install:
 =2D       ${TOUCH} /var/log/privoxy
 +       ${MKDIR} /var/log/privoxy
         ${CHOWN} privoxy:privoxy /var/log/privoxy
 =2D       ${CHMOD} 0640 /var/log/privoxy
 +       ${CHMOD} 0750 /var/log/privoxy
         ${TOUCH} /var/log/jarfile
         ${CHOWN} privoxy:privoxy /var/log/jarfile
         ${CHMOD} 0600 /var/log/jarfile
 =2D       ${TOUCH} /var/run/privoxy
 +       ${MKDIR} /var/run/privoxy
         ${CHOWN} privoxy:privoxy /var/run/privoxy
 =2D       ${CHMOD} 0600 /var/run/privoxy
 +       ${CHMOD} 0750 /var/run/privoxy
         @${CAT} ${PKGMESSAGE}
 
  .include <bsd.port.mk>
 
 Might be a good idea too if you want this to work.  as /var/log/privoxy=20
 and /var/run/privoxy are directories!
 
 --nextPart3891473.dnn1m0OokM
 Content-Type: application/pgp-signature
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (GNU/Linux)
 
 iD8DBQBDepDo1mDajpZ9rHwRAvLHAKCBoklJfUlFRu0zurcLVrhrUsWHmQCgtqg4
 TkP7jzauDn5U5Ams4ZSXlKo=
 =sT47
 -----END PGP SIGNATURE-----
 
 --nextPart3891473.dnn1m0OokM--

From: aeonflux <aeonflux@aeonflux.no-ip.com>
To: Adam McMaster <adam@moosoft.net>
Cc: bug-followup@freebsd.org
Subject: Re: ports/88602: privoxy poor defaults
Date: Tue, 15 Nov 2005 23:22:50 -0400

 --nextPart3395204.BdaLFdVuQt
 Content-Type: text/plain;
   charset="iso-8859-1"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: inline
 
 On November 15, 2005 02:39 pm, Adam McMaster wrote:
 > In /usr/local/etc/privoxy/config:
 > -	logdir /tmp
 > +	logdir /var/log/privoxy
 >
 > The change of logdir is especially important, because using /tmp could
 > pose a security risk (you know that when privoxy is started it will be
 > writing to /tmp/logfile, which a malicious user could exploit).
 It's worth mentioning, that race condition pre-existed my patch to privoxy.=
  =20
 In fact it was introduced in 2002 by nork.  I do hope at this point however=
 =20
 people are mounting /tmp with nosymfollow if they care about security.
 
 Obviously I should have done better patch validation before firing off a qu=
 ick=20
 off the cuff patch.
 
 --nextPart3395204.BdaLFdVuQt
 Content-Type: application/pgp-signature
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (GNU/Linux)
 
 iD8DBQBDeqYK1mDajpZ9rHwRAiWiAKDnOhndjvmVuTxN5wEQxXujpkoMVgCeNquk
 STaD23cGbzJXEmYGlCW49NU=
 =ZcDb
 -----END PGP SIGNATURE-----
 
 --nextPart3395204.BdaLFdVuQt--

From: Pav Lucistnik <pav@FreeBSD.org>
To: aeonflux <aeonflux@aeonflux.no-ip.com>, adam@moosoft.net
Cc: bug-followup@FreeBSD.org
Subject: Re: ports/88602: privoxy poor defaults
Date: Wed, 16 Nov 2005 09:55:55 +0100

 --=-pyI0ZN5HAPWEHtRIlfqw
 Content-Type: text/plain; charset=ISO8859-2
 Content-Transfer-Encoding: quoted-printable
 
 aeonflux p=ED=B9e v st 16. 11. 2005 v 02:00 +0000:
 
 >  Wow, do I feel stupid.  I shoud have tested more thoroughly, my apologie=
 s.
 > =20
 >  i see a few of the changes have already been done.  However
 > =20
 >  =3D2D-- Makefile        Tue Nov 15 21:49:41 2005
 >  +++ Makefile    Tue Nov 15 21:51:17 2005
 >  @@ -60,15 +60,15 @@
 >   .endif
 > =20
 >   post-install:
 >  =3D2D       ${TOUCH} /var/log/privoxy
 >  +       ${MKDIR} /var/log/privoxy
 >          ${CHOWN} privoxy:privoxy /var/log/privoxy
 >  =3D2D       ${CHMOD} 0640 /var/log/privoxy
 >  +       ${CHMOD} 0750 /var/log/privoxy
 >          ${TOUCH} /var/log/jarfile
 >          ${CHOWN} privoxy:privoxy /var/log/jarfile
 >          ${CHMOD} 0600 /var/log/jarfile
 >  =3D2D       ${TOUCH} /var/run/privoxy
 >  +       ${MKDIR} /var/run/privoxy
 >          ${CHOWN} privoxy:privoxy /var/run/privoxy
 >  =3D2D       ${CHMOD} 0600 /var/run/privoxy
 >  +       ${CHMOD} 0750 /var/run/privoxy
 >          @${CAT} ${PKGMESSAGE}
 
 Yech! Fixed..
 
 --=20
 Pav Lucistnik <pav@oook.cz>
               <pav@FreeBSD.org>
 
 One Unix to rule them all, One Resolver to find them,
 One IP to bring them all and in the zone to bind them.
 
 --=-pyI0ZN5HAPWEHtRIlfqw
 Content-Type: application/pgp-signature; name=signature.asc
 Content-Description: Toto je =?iso-8859-2?Q?digit=E1ln=EC?=
 	=?ISO-8859-1?Q?_podepsan=E1?= =?iso-8859-2?Q?_=E8=E1st?=
 	=?ISO-8859-1?Q?_zpr=E1vy?=
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (FreeBSD)
 
 iD8DBQBDevQbntdYP8FOsoIRAnToAJ40RMvq8qcc6j5PjVqzyN3IzC/S4ACeKjFi
 DZ+ddNOA1UYZD9t/Q6XMozA=
 =8WcW
 -----END PGP SIGNATURE-----
 
 --=-pyI0ZN5HAPWEHtRIlfqw--

From: aeonflux <aeonflux@aeonflux.no-ip.com>
To: pav@freebsd.org
Cc: adam@moosoft.net,
 bug-followup@freebsd.org
Subject: Re: ports/88602: privoxy poor defaults
Date: Wed, 16 Nov 2005 19:47:06 -0400

 --nextPart1271555.i9T1GjVnGU
 Content-Type: text/plain;
   charset="utf-8"
 Content-Transfer-Encoding: quoted-printable
 Content-Disposition: inline
 
 =2D        ${TOUCH} /var/log/jarfile
 =2D        ${CHOWN} privoxy:privoxy /var/log/jarfile
 =2D        ${CHMOD} 0600 /var/log/jarfile
 
 On the makefile would probably be smart too, since jar will written to insi=
 de=20
 of /var/log/privoxy rather then in /var/log  Not that this breaks the port =
 in=20
 any way, it just creates an unnecessary and unused file.
 
 On November 16, 2005 04:55 am, Pav Lucistnik wrote:
 > aeonflux p=C3=AD=C5=A1e v st 16. 11. 2005 v 02:00 +0000:
 > >  Wow, do I feel stupid.  I shoud have tested more thoroughly, my
 > > apologies.
 > >
 > >  i see a few of the changes have already been done.  However
 > >
 > >  =3D2D-- Makefile        Tue Nov 15 21:49:41 2005
 > >  +++ Makefile    Tue Nov 15 21:51:17 2005
 > >  @@ -60,15 +60,15 @@
 > >   .endif
 > >
 > >   post-install:
 > >  =3D2D       ${TOUCH} /var/log/privoxy
 > >  +       ${MKDIR} /var/log/privoxy
 > >          ${CHOWN} privoxy:privoxy /var/log/privoxy
 > >  =3D2D       ${CHMOD} 0640 /var/log/privoxy
 > >  +       ${CHMOD} 0750 /var/log/privoxy
 > >          ${TOUCH} /var/log/jarfile
 > >          ${CHOWN} privoxy:privoxy /var/log/jarfile
 > >          ${CHMOD} 0600 /var/log/jarfile
 > >  =3D2D       ${TOUCH} /var/run/privoxy
 > >  +       ${MKDIR} /var/run/privoxy
 > >          ${CHOWN} privoxy:privoxy /var/run/privoxy
 > >  =3D2D       ${CHMOD} 0600 /var/run/privoxy
 > >  +       ${CHMOD} 0750 /var/run/privoxy
 > >          @${CAT} ${PKGMESSAGE}
 >
 > Yech! Fixed..
 
 --nextPart1271555.i9T1GjVnGU
 Content-Type: application/pgp-signature
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (GNU/Linux)
 
 iD8DBQBDe8T61mDajpZ9rHwRAkVcAJ9lWVvvf4Y9elKVQjP+B2PWRXdu+gCeIdus
 k0RblaVjihZoCSaN1gRBf6M=
 =F764
 -----END PGP SIGNATURE-----
 
 --nextPart1271555.i9T1GjVnGU--

From: Pav Lucistnik <pav@FreeBSD.org>
To: aeonflux <aeonflux@aeonflux.no-ip.com>
Cc: adam@moosoft.net, bug-followup@FreeBSD.org
Subject: Re: ports/88602: privoxy poor defaults
Date: Thu, 17 Nov 2005 00:53:03 +0100

 --=-bQm2HNU2NLKiluz7AI0Y
 Content-Type: text/plain; charset=ISO-8859-2
 Content-Transfer-Encoding: quoted-printable
 
 aeonflux p=ED=B9e v st 16. 11. 2005 v 19:47 -0400:
 
 > -        ${TOUCH} /var/log/jarfile
 > -        ${CHOWN} privoxy:privoxy /var/log/jarfile
 > -        ${CHMOD} 0600 /var/log/jarfile
 >=20
 > On the makefile would probably be smart too, since jar will written to in=
 side=20
 > of /var/log/privoxy rather then in /var/log  Not that this breaks the por=
 t in=20
 > any way, it just creates an unnecessary and unused file.
 
 Okay, changed.
 
 --=20
 Pav Lucistnik <pav@oook.cz>
               <pav@FreeBSD.org>
 
 Alignment: Neutral Greedy
 
 --=-bQm2HNU2NLKiluz7AI0Y
 Content-Type: application/pgp-signature; name=signature.asc
 Content-Description: Toto je =?iso-8859-2?Q?digit=E1ln=EC?=
 	=?ISO-8859-1?Q?_podepsan=E1?= =?iso-8859-2?Q?_=E8=E1st?=
 	=?ISO-8859-1?Q?_zpr=E1vy?=
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.2 (FreeBSD)
 
 iD8DBQBDe8ZfntdYP8FOsoIRAjWrAJ9vJFQizR1gkvcFC+bxAatXSP2dyACcDPXg
 FpQIi5qev9RE4DAUr6hN8Ko=
 =EGWV
 -----END PGP SIGNATURE-----
 
 --=-bQm2HNU2NLKiluz7AI0Y--
>Unformatted:
