search for: gaping

Please excuse me if this has been covered, but I just noticed something odd with samba 2 beta 1. If I use smbclient to connect to a passworded resource on a win machine (I've tried it with 98/95) and I just hit enter for the password, it lets me in. No questions asked. So, I pretty much have unlimited read access to stuff I should not be able to get to. Best Regards. If this is the wrong

I figure some one here may find this interesting. I just begun work on allowing a smb home directory to be automounted upon login. -------------- next part -------------- A non-text attachment was scrubbed... Name: pam_exec.c.diff Type: text/x-patch Size: 213 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20070519/19e6bd01/pam_exec.c.bin

Is Adobe the only provider of flash plugins? Is it still a gaping security hole? Do the answers depend on the browser? -- Michael hennebry at web.cs.ndsu.NoDak.edu "Sorry but your password must contain an uppercase letter, a number, a haiku, a gang sign, a heiroglyph, and the blood of a virgin."...

...39;m including some of his tips in case it helps in the investigation of the problem: ------------------------------------------ - If the application is not calling, or ignoring non-success return values of pam_acct_mgmt() yet still allowing access to the account, then the application has a gaping hole and is at fault. - A PAM module may defer authentication and authorization, in password-change-required situations, to pam_sm_chauthtok(3PAM), but if so it must: a) return PAM_SUCCESS from its pam_sm_authenticate(3PAM) _AND_ b) return PAM_NEW_AUTHTOK_REQD from its pam_sm_acct_mgm...

...ound his growisofs program which features multi-session recording capabilities. You also need to have mkisofs installed since growisofs uses it. You can burn individual files or ISO images with andy's tools. Someone should build a FreeBSD port for this toolset, there's a gaping hole in the FreeBSD ports tree where DVD-recording ought to be. -Matt Matthew Dillon <dillon@backplane.com>

Having searched the net, I see that oracle is not supported by rails on a mac osx Intel. Now this may be due to the fact that Oracle is being slow to supply intel based binaries of their drivers, but I find it odd that osx is so well supported, yet this gaping hole exists. I did find an ODBC driver for osx/intel that works to oracle, but of course there is no ODBC driver for Rails that will talk to oracle. It seems every turn is blocked. Anyone have any good news for me? How hard would it be for me to hack the oracle adapter to use ODBC instead of OCI...

This is usually a very active list, but looking at my procmail log the last message I have received arrived on: >From asterisk-users-bounces@lists.digium.com Fri Jul 29 03:04:17 2005 Subject: Re: [Asterisk-Users] How can I use MySQL in the dialplan? Since that message there has been a gaping silence, any idea what is up, as I am sure seeing mail from everything else. Actually I don't think I have seen any mail from any of the asterisk lists, since that time so guessing this list is having some kind of problem... --- Howard Leadmon - howard@leadmon.net http://www.leadmon.net

...ses involved and a > general sketch of the protocol. Something that wouldn't be > obsoleted by enhancements. OK. Having receive tepid encouragement i have produced a first-draft of the document. As i said "I'm no writer", this document no doubt has structural defects and gaping holes as well as being worded strangely. I invite constructive comments and patches (on list) but if someone else wants to pick up the ball and run with it i would be pleased to hand it off. I have formatted it in HTML so if you care it can be found at http://www.pegasys.ws/how-rsync-works.html...

...se is up and running for the initial sync? I'm hoping that RSYNC will be an option for us, as other mirroring strategies I have seen rely upon same size disk devices/partitions, which we do not want because the goal is to put up a single device larger area to keep this data. Please ignore the gaping holes for ideas such as just having Oracle use another mount point in addition to the one it is already using or online VG expansions. David Poe -------------- next part -------------- HTML attachment scrubbed and removed

...ble to bind each jail to both public and private IPs, so the frontend hosts can mount filesystems off the backend. Cheers, s. - -- It strikes me that cats are like soft-tipped ammo, they're small when they enter your life, cause all kinds of havoc while they're in it, and then leave a gaping hole in your heart when they pass out of it. - --William Jennings in a.f.h -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+iY+E51unZWdvDMoRAjYLAJ4wMTgd7+178x8aPH5VQsR/UJuPzgCeIV74 NUuKInvB7OAN8hpjrisx0og= =OXMN -----END PGP SIGNATURE-----

So I''m revisiting puppet''s management of nagios now that 0.25.1 is out and I want to say thanks for the updates to all the nagios types. However, there is one huge, gaping hole that''s been asked about before in 2 different threads but that''s never been addressed: object inheritance. For it to work, it requires the object being inherited from to have a "name" variable set, otherwise it doesn''t work at all. As it stands, there'...

...us to expose nice semantics at a language or IR level, in the sense that we probably don’t want to define what happens if you step out of the comfortable uses for nontemporals (i.e. what happens when you start having temporality). A builtin pre / post fence seems fine to me, but that still leaves a gaping semantic hole… which I’m also fine with. FWIW you have the same problem, somewhat worse, with some vector load / store instructions on some ISAs. I was under the impression that we had decided to move forward with the fence, and it continues to make sense to me. -Hal On Apr 28, 2020, at 2:42...

Hi all, I''ve put new code into my app so that an administrator will have extra privileges (administer users, edit pages). The error is: ''Couldn''t find User without an ID'' So the app is looking for a logged in user when the homepage is accessed. Heres my code: site/index view: <% if is_logged_in? and logged_in_user.has_role?(''Moderator'')

The current specification of the behavior of the !nontemporal attribute in LLVM, and the __builtin_nontemporal_* functions in Clang, is rather spartan and underspecified. In effect, it says the following things: * Atomic !nontemporal has no defined semantics * !nontemporal may use special instructions to save cache bandwidth, such as "MOVNT" on x86. What is crucially lacking

Hi, Embarrassed as I am to write this, I am hoping for some advice. One of our very first PBX installs, now six years old, was "taken advantage of" over the past few weeks. A victim of sipvicious, I assume, that managed to guess one of the SIP passwords. 4000 calls to various middle eastern destinations have been placed, which ended up being sent over our customer's PSTN

In the example I posted previous, there is an obvious gaping security hole, it would be trivial for someone to read the querystring and exploit it to make free phone calls, spoof caller ID (if you allow the CallerID to be set with a QueryString value), etc. You want to make damn sure that the URL is not publicly accessible or somehow obsfucate the querystrin...

...ent keys for the same name/IP would affect hostbased authentication. It's been over a year now, and the first issue (different servers behind a NAT needing the same host key) keeps coming up. I have a proposal that I believe wouldn't break hostbased authentication (which includes opening a gaping security hole), but would allow different keys for servers on the same IP but different ports. The last comment on the bug, from Ben Lindstrom, is this: Your missing his point about 'hostbased' authentication. By allowing host/ip:port you run into a problem when you go to do hostbased...

Hello, I have setup mod_ntlm_winbind to provide authentication for an Apache 1.3.33 webserver running on Fedora Core 3. The authentication works, but I have run into a problem when using Internet Explorer. It seems that the problem might be with Internet Explorer itself, but here is what I think is happening - the browser will not submit any forms with a POST method on a website protected with

On Sun, March 1, 2015 10:22 am, Richard wrote: > > > ------------ Original Message ------------ >> Date: Sunday, March 01, 2015 10:44:08 -0500 >> From: Mark LaPierre <marklapier at gmail.com> >> To: centos at centos.org, Mark LaPierre <marklapier at aol.com> >> Subject: Re: [CentOS] scp -rp behavior(SOLVED) >> >> On 02/26/15 19:45, Valeri

...s to seriously affect backup space over time. Does anyone have an available script or list of commands for removing most or all of these "generally unused" directories, packages or whatever they are? I found something a while back for shutting off unused services, but this seems to be a gaping hole in available archives. Thanks. CT