search for: weakens

Displaying 20 results from an estimated 163 matches for "weakens".

Did you mean: weaken
2009 Sep 16
3
[LLVMdev] Type strengthening and type weakening
Has anyone done any experiments with regards to type strengthening or weakening in the context of LLVM? For example, the GWT compiler does type strengthening - that is, if you are calling a method on an interface or abstract type, and the compiler determines through live variable analysis what the concrete type is, then it goes ahead and re-writes the type information to be the stronger
2009 Sep 16
0
[LLVMdev] Type strengthening and type weakening
Talin wrote: > For example, the GWT compiler does type strengthening - that is, if you > are calling a method on an interface or abstract type, and the compiler > determines through live variable analysis what the concrete type is, > then it goes ahead and re-writes the type information to be the stronger > type. The advantage is that it may then be able to do additional >
2017 Dec 31
2
Legacy option for key length?
Hello, On Sat, Dec 30, 2017 at 12:16 AM, Daniel Kahn Gillmor <dkg at fifthhorseman.net > wrote: > On Thu 2017-12-28 21:31:28 -0800, Dan Mahoney (Gushi) wrote: > > > > Perhaps if you're dead-set on this being so dangerous, > > It's not the developers who are dead-set on weak-keyed RSA being > insecure, it's the cryptanalysts who have shown that to be the
2014 Nov 15
2
[Bug 2317] New: sshd_config man page not clear on PermitUserEnvironment
...t and environment= options in ~/.ssh/authorized_keys are processed by sshd(8). The default is ?no?. Enabling environment pro?cessing may enable users to bypass access restrictions in some configurations using mechanisms such as LD_PRELOAD. What that sounds to me like is that enabling that option weakens the security in general. But after some googling I came across this discussion: http://serverfault.com/questions/527638/security-risks-of-permituserenvironment-in-ssh According to the answer, PermitUserEnvironment only weakens security for restricted accounts, such as scp-only, etc., but has no...
2016 Aug 05
3
Encrypt /decrypta file with ssh keys.
> On 5 Aug 2016, at 18:09, James Murphy <james.murphy.debian at gmail.com> wrote: > > The more mainstream thing to do is just use gpg, which has this > functionality already built in. Is this not suitable for your use case? The advantage of Colin's approach is that gpg requires out of band exchange of gpg keys separately from ssh keys. If you already have ssh keys
2008 Jun 24
3
SME on CentOS, telnet and MySQL
After failing to install on two different machines that were running Windows, I realized that one machine had a bad hard-drive, and the other bad memory. So I've collected the good parts into one machine and installed CentOS with SME. This was the fastest install of Linux I have every seen, 15 minutes done, configured, and running, web and email server. It is a very secure config, no GUI
2014 Aug 27
2
[LLVMdev] Bug 16257 - fmul of undef ConstantExpr not folded to undef
> On Aug 27, 2014, at 6:34 AM, Duncan Sands <duncan.sands at deepbluecap.com> wrote: > > I think you should try to get LLVM floating point experts involved, to find out their opinion about whether LLVM should really assume that snans always trap. > > If they think it is fine to assume trapping, then you can fold any floating point operation with an "undef" operand
2012 Oct 05
0
[LLVMdev] LLVM Loop Vectorizer
> Regarding TLI. So, DAGCombine, CodeGenPrepare, LoopReduce all use the TLI > interface which can answer questions such as "is this operation supported ?" > or "is this type legal". This is a subset of what we need in a vectorized. > We can discuss other requirements that the vectorizer may have after we > finish with the first phase. I suspect that we may
2015 Mar 26
2
FYI: SSH1 now disabled at compile-time by default
My two-cents removing v1 from the server - excellent. removing it from the client - admirable, but there are many potential operational concerns as mentioned above. I'll chat a bit about personal experience with removal of something as being "more secure" when it's effect is actually lessen "security" Possible solution - even for beyond ? Create a new client that
2014 May 23
2
[LLVMdev] RFC: Indexing of structs vs arrays in getelementpointer
...t sub-struct to use for > interpreting the next index in the event of heterogeneity. Without > this, we can't do anything, and so we definitionally preclude the > transform. > > > While clearly we can make this transform safely for homogenous > structs, doing so seriously weakens the IR's guarantees. I'd not > like to see us go that direction. To what guarantees are you referring? Thanks again, Hal > > > Instead, if this transformation is indeed important (and it sounds > like it is), I have a somewhat crazier idea: fold homogeneous struct > t...
2016 Apr 04
1
VPN suggestions centos 6, 7
On 04/04/2016 12:11 PM, Jussi Hirvi wrote: > This made me google around a little, and I found some good info here. > They, too, kind of recommend openvpn. > http://www.howtogeek.com/211329/which-is-the-best-vpn-protocol-pptp-vs.-openvpn-vs.-l2tpipsec-vs.-sstp/ > This is not good information. In brief: "There are some concerns that the NSA could have weakened the standard,
2018 Mar 21
0
Proposal to reduce check times by skipping GitHub pulls and issues URL checks
When a package is submitted to CRAN, part of the quality control process is to ensure any URLs in the package point are valid. While this requirement is sound, it can add considerably to check times since each URL takes around a second to check. There are around 70,000 URLs on CRAN that are checked currently, of which around 12,000 have a github.com domain (by far the most common domain, the next
2011 Jun 16
1
Privilege Separation Design Question
Hello all, I have a question about the design of the privilege separation aspect of openSSH. From what I understand, the interface between the privileged process and the unprivileged one is implemented as a set of well-defined operations with only a small subset of these operations enabled at any given time. These operations are enabled and disabled depending on the task at hand. What I am
2013 Sep 14
0
ECDSA curve used in new protocol has suspicious seed value
Hi there, As I'm sure you are aware, there are suspicions (as usual) against the NSA potentially weakening crypto around the globe. This time it is about a cipher that is/will be used in the new tinc protocol: ECDSA According to https://github.com/gsliepen/tinc/blob/1.1/src/openssl/ecdsagen.c you use the secp521r1 curve, which is derived (according to
2014 Jan 22
3
[LLVMdev] Why should we have the LoopPass and LoopPassManager? Can we get rid of this complexity?
On Wed, Jan 22, 2014 at 1:01 AM, Andrew Trick <atrick at apple.com> wrote: > On Jan 22, 2014, at 12:44 AM, Chandler Carruth <chandlerc at gmail.com> > wrote: > > > On Wed, Jan 22, 2014 at 12:33 AM, Andrew Trick <atrick at apple.com> wrote: > >> > There appear to be two chunks of "functionality" provided by loop >> passes: >> >
2005 Mar 10
7
Problem with apache in CentOS 4.0 (final)
Hi everyone! In my new CentOS 4.0 (final ;-) I installed apache and activates SELinux, When I tried to enter a page of some user (localhost/~user) said to me that she did not have permissions to see it, and this was incorrect, because the permissions was 755 (/home/user/html). After awhile it was happened to me to deactivate selinux and I reinitiated the machine and I work! Somebody knows why
2017 May 24
1
reg-tests-1d.R fails in r72721
On 2017-05-24, Duncan Murdoch wrote: [...] > Okay, how about if we weaken the test? [...] > try > > stopifnot(path.expand(paste0("~/", filename)) == > paste0(path.expand("~/"), filename)) > Nope: > ## path.expand shouldn't translate to local encoding PR#17120 > filename <- "\U9b3c.R" > >
2004 Feb 17
1
LDAP configuration
Hello, I've just installed dovecot to replace courier-imap and I've found out it didn't support some of the typical LDAP userPassword schemes, so I've written some based on OpenSSL API. Furthermore I noticed that the MD5 one seems broken. If it isn't a requirement to ship its own implementation of a crypto algorithm, I would send in a patch to replace schema checks with
2015 May 09
1
Q: respecting .ssh/id_rsa
...les it will create. > grep ssh /var/log/audit/audit.log| audit2allow -M ssh > # Creates the modules > > semodule -I ssh.pp > > sshd is the server; ssh is the client. > > <cleveland>No no no no nooooo </Cleveland> Blindly running audit2allow and creating modules weakens your security not enhances it. If you have not messed up your labeling then SSH will have no problem reading keys - SSH keys are fully supported under the policy shipped with CentOS. If you are mounting your home elsewhere do: semanage fcontext -a -e /home /mynewspecialhome restorecon -Rv /myn...
2015 Aug 19
1
[PATCH v2 2/2] virtio-net: add default_mtu configuration field
On Mon, Aug 17, 2015 at 11:07:15AM +0800, Jason Wang wrote: > > > On 08/16/2015 09:42 PM, Victor Kaplansky wrote: > > @@ -3128,6 +3134,7 @@ struct virtio_net_config { > > u8 mac[6]; > > le16 status; > > le16 max_virtqueue_pairs; > > + le16 default_mtu; > > Looks like "mtu" is ok, consider we use