search for: d3b0

...tunnel (using syslog-ng) however I'd like to prevent actual logins (hence 'tunnel-only'). Can this be done with OpenSSH? I'd like to try and stay away from the complexities of a chrooted-stunnel for now... cheers, M -- pgp: http://www.darklogik.org/pub/pgp/pgp.txt 0160 A46A 9A48 D3B0 C92F B690 17FB 4B72 0207 ED43 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 825 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20050922/6912e42c/attachment.bin

Hello, I've been playing a bit with the "noexec" flag for filesystems. It can represent a substantial obstacle against the exploitation of security holes. However, I think it's not perfect yet. First thing, an attempt to execute a program from a noexec-mounted filesystem should be logged. It is either a very significant security event, or it can drive nuts an

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm wondering if/where I can get the server side component for freebsd-update. Presumably such a component would build and sign the binary patches and prepare them to be served via HTTP to the freebsd-update client. I need a system for distributing binary updates to a collection of customized FreeBSD machines, jails, and embedded systems.

or "How do I know my copy of FreeBSD is the same as yours?" I have recently been meditating on the issue of validating X.509 root certificates. An obvious extension to that is validating FreeBSD itself. Under "The Cutting Edge", the handbook lists 3 methods of synchronising your personal copy of FreeBSD with the Project's copy: Anonymous CVS, CTM and CVSup. There are