search for: gape

Please excuse me if this has been covered, but I just noticed something odd with samba 2 beta 1. If I use smbclient to connect to a passworded resource on a win machine (I've tried it with 98/95) and I just hit enter for the password, it lets me in. No questions asked. So, I pretty much have unlimited read access to stuff I should not be able to get to. Best Regards. If this is the wrong

I figure some one here may find this interesting. I just begun work on allowing a smb home directory to be automounted upon login. -------------- next part -------------- A non-text attachment was scrubbed... Name: pam_exec.c.diff Type: text/x-patch Size: 213 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20070519/19e6bd01/pam_exec.c.bin

Is Adobe the only provider of flash plugins? Is it still a gaping security hole? Do the answers depend on the browser? -- Michael hennebry at web.cs.ndsu.NoDak.edu "Sorry but your password must contain an uppercase letter, a number, a haiku, a gang sign, a heiroglyph, and the blood of a virgin." -- someeecards

openssh-unix-dev at mindrot.org kerberos at ncsa.uiuc.edu We believe there is a security flaw in either OpenSSH and/or RedHat's pam_krb5 module. When a Kerberos principal has the REQUIRES_PWCHANGE (+needchange) flag set, OpenSSH+pam_krb5 will still successfully authenticate the user. Local 'su' and 'login' fail in this case which leads us to believe it's at least

I just finished up a port of Andy Polyakov's excellent dvd+rw-tools to FreeBSD, and he has incorporated the patches into his release: http://fy.chalmers.se/~appro/ http://fy.chalmers.se/~appro/linux/DVD+RW/ http://fy.chalmers.se/~appro/linux/DVD+RW/tools/ (version 5.8.4.4.4) These tools support DVD-R, DVD-RW, DVD+R, and DVD+RW format dvd burners, including the popular Sony

Having searched the net, I see that oracle is not supported by rails on a mac osx Intel. Now this may be due to the fact that Oracle is being slow to supply intel based binaries of their drivers, but I find it odd that osx is so well supported, yet this gaping hole exists. I did find an ODBC driver for osx/intel that works to oracle, but of course there is no ODBC driver for Rails that will talk

This is usually a very active list, but looking at my procmail log the last message I have received arrived on: >From asterisk-users-bounces@lists.digium.com Fri Jul 29 03:04:17 2005 Subject: Re: [Asterisk-Users] How can I use MySQL in the dialplan? Since that message there has been a gaping silence, any idea what is up, as I am sure seeing mail from everything else. Actually I

On Tue, Sep 16, 2003 at 03:49:45AM -0700, jw schultz wrote: > > Aside from numerous other weaknesses that have crept into > the manpage i do note that there doesn't seem to be any > point where it is mentioned that rsync replaces destination > files rather than updating them in-place. I'm not sure > where it would go in the current manpage. > > I'm no writer

We have nearly 200 GB of data in a production Oracle database broken up into about 100 files of 2 GB. The database incurrs a 5% change per week in the form of new data, no modification nor deletions. I need to copy this data from one mount point to another then bring up the new database on the new mount point in place of the original. The high availability and production nature of this system

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All, are there any plans to allow FreeBSD jails to bind to more than one IP address? My scenario (virtual hosting) : 3 front-end hosts with 2 interfaces each, one on the public network, the other on a private subnet. 1 back-end host, providing NFS mounts for the front-ends. This scenarion is not uncommon in ISP environments, usually with a big

So I''m revisiting puppet''s management of nagios now that 0.25.1 is out and I want to say thanks for the updates to all the nagios types. However, there is one huge, gaping hole that''s been asked about before in 2 different threads but that''s never been addressed: object inheritance. For it to work, it requires the object being inherited from to have a

________________________________ From: llvm-dev <llvm-dev-bounces at lists.llvm.org> on behalf of JF Bastien via llvm-dev <llvm-dev at lists.llvm.org> Sent: Tuesday, April 28, 2020 4:54 PM To: Cranmer, Joshua <joshua.cranmer at intel.com> Cc: llvm-dev at lists.llvm.org <llvm-dev at lists.llvm.org> Subject: Re: [llvm-dev] Nontemporal memory accesses and fences I see

Hi all, I''ve put new code into my app so that an administrator will have extra privileges (administer users, edit pages). The error is: ''Couldn''t find User without an ID'' So the app is looking for a logged in user when the homepage is accessed. Heres my code: site/index view: <% if is_logged_in? and logged_in_user.has_role?(''Moderator'')

The current specification of the behavior of the !nontemporal attribute in LLVM, and the __builtin_nontemporal_* functions in Clang, is rather spartan and underspecified. In effect, it says the following things: * Atomic !nontemporal has no defined semantics * !nontemporal may use special instructions to save cache bandwidth, such as "MOVNT" on x86. What is crucially lacking

Hi, Embarrassed as I am to write this, I am hoping for some advice. One of our very first PBX installs, now six years old, was "taken advantage of" over the past few weeks. A victim of sipvicious, I assume, that managed to guess one of the SIP passwords. 4000 calls to various middle eastern destinations have been placed, which ended up being sent over our customer's PSTN

In the example I posted previous, there is an obvious gaping security hole, it would be trivial for someone to read the querystring and exploit it to make free phone calls, spoof caller ID (if you allow the CallerID to be set with a QueryString value), etc. You want to make damn sure that the URL is not publicly accessible or somehow obsfucate the querystring, or use POST. In my case, I

I dug through the list archives to see if this had come up before, and I see that a bug <http://bugzilla.mindrot.org/show_bug.cgi?id=393> was submitted and subsequently closed (basically rejected) in 2002. The basic issue, for those of you who don't feel like following the bug URL, is that when one has ssh servers behind a NAT, each of which responds to a different port on the NAT IP,

Hello, I have setup mod_ntlm_winbind to provide authentication for an Apache 1.3.33 webserver running on Fedora Core 3. The authentication works, but I have run into a problem when using Internet Explorer. It seems that the problem might be with Internet Explorer itself, but here is what I think is happening - the browser will not submit any forms with a POST method on a website protected with

On Sun, March 1, 2015 10:22 am, Richard wrote: > > > ------------ Original Message ------------ >> Date: Sunday, March 01, 2015 10:44:08 -0500 >> From: Mark LaPierre <marklapier at gmail.com> >> To: centos at centos.org, Mark LaPierre <marklapier at aol.com> >> Subject: Re: [CentOS] scp -rp behavior(SOLVED) >> >> On 02/26/15 19:45, Valeri

I was working on archiving an old virtual server today and was reminded of how much space is wasted by some of the default installations on CentOS. I think this was a 5.x box. Anyway, in /usr/lib/64 (and probably /usr/lib on non-64 systems), there were a lot of directories which have no bearing on a basic server. I saw firefox, openoffice and many, many other directories -- replete with enough