search for: deustche

I made a list of /usr/bin scripts which allows /tmp races. Following ones creates /tmp/something.$$, then, with no permission/ownership checking, /tmp/something.$$.x (x may vary ;), or even performs suitable checks, but gives enough time to alter /tmp contents: glibcbug, bashbug, znew, mailstat, autoupdate, x11perfcomp, gccmakedep, pnmindex, xcopy, autoheader, cvsbug, rcs2log, updatedb, igawk,

Dear R-Users, I have a dataframe (''forexdata'') of daily returns from the foreign exchange market for three currencies - British Pound (bp), Canadian Dollar(cd), Deustche Mark (dm) vis-a-vis the US Dollar and the Date Of Trade(yymmdd). For some dates the returns are missing (recorded as zero) as there were no trades in that currency for that date. My task is to substitute the missing or zero values with the next non-zero value. To this end I created two lag variab...

The problem with vixie cron is wider (and more funny) than I expected. Here''s my proggy which allows hiding files of any kind and size into crontab entries (remember, quota is ignored ;-): -- cron_put -- #!/bin/bash echo "Vixie cron 3.0.1 file storage - put utlility" echo "by Michal Zalewski <lcamtuf@staszic.waw.pl>" echo if [ "$1" = "" ];

Typical "[symbolic|hard] link bug" is a vunerability, which allows user X to overwrite files owned by Y (with useless portion of junk) when Y launchs buggy program. But this trivial (and often ignored) attack method can be easily turned into a cute, powerful weapon. Here''s an example how to perform advanced exploitation of gcc symlink bug (I choosen that one, because this