search for: lockdowns

Hi group As promised some months ago, I'm letting you know that lockdown is now ready for testing. Please don't study the code to much, I know it is a mess and therefore a rewrite is on it's way. But feel free to take a look at the features offered, how you use them and the default settings. When lockdown is ready for production usage, I'll release version 1.0. I guess that will

What: Lockdown <http://stonean.com/projects/show/lockdown> is an authorization/authentication gem for RubyOnRails 2.x This version bundles Classy Inheritance<http://stonean.com/projects/show/classy-inheritance>to simplify the management screens. There is also a lot of template cleanup in this release. *There were no changes to the security engine.* If you have questions, please

...ther solution :-) <scary_solution> I've thought of building a specially crafted .reg file (actually a set of them) which will be imported in each logon on the machine; that way, I can control the way the desktop acts for each user. I will have a "general.reg" file for common lockdowns, some specific "group-A.reg", "group-B.reg" files for each group and finally some "user-A.reg" with specific lockdowns (or not) for special users. </scary_solution> I know this isn't great security since any user would be able to craft a .reg file themselv...

Hi all, I am doing some tests with my CentOS7 desktop. I have configured a policy to lockdown Chrome/Chromium browsers and it works perfectly. And I am trying to the same for Firefox browsers but Firefox's docs are really "hard" to understand. I have the following stopper points: a/ what is the "real" system wide's config file: firefox.js, sysprefs.js or

Hi All, I''m having a bit of trouble wrapping my head around "nil_lockdown_values" in the Lockdown plugin. I''m unfamiliar with how exactly this works. I''m assuming it is a helper method of sorts, but I see no definition. Does Rails simply have the ability to nil_ [somerandomliborclass]_values? Would someone mind unconfusing me? Also, where would I find

Has anyone had any issues using Cucumber with Lockdown. in the following scenario, I am logged in as an admin and so should have :all access rights, however I get the following error. Authoriztion filed! prms: {"action"=>"index", "controller"=>"admin"} session: {:expiry_time=>Wed Oct 28 13:33:43 +0000 2009,

I only run one piece of software under wine but this app is still a great risk. The intentions and opportunity of software developers not using open source should not be underestimated. when i run env WINEPREFIX="/ubuntu/PC1/.wine" wine C:\\windows\\system32\\taskmgr.exe I am reminded again of all the security problems with windows. I was thinking that it ought to be easier to

Hello everybody, I'm a newbie in this list, so I don't know if it's the appropriate place for my question. Anyway, I'd be happy to find out the solution. Please, has anyone simple answer for: I'm looking for an exact list of files, which: 1. MUST have... 2. HAVE FROM BSD INSTALLATION... 3. DO NOT NEED... 4. NEVER MAY... ...the suid-bit set. Of course, it's no problem to

Hi all, I'm mounting a LTSP server whith CentOS 4.4. The default desktop will be Gnome. I'm looking for lockdown tool and I think Pessulus maybe a good option, but I don't found it with yum. ?Is Pessulus included in CentOS? ?Another lockdown tools as alternatives? Thanks in advance. -- Jordi Espasa Clofent PGP id 0xC5ABA76A #http://pgp.mit.edu/ FSF Associate Member id 4281

I'm seeing errors like this in my event viewer on win2k clients: Source MRx Smb "The master browser has received a server announcement that computer CONAN that believes it is the master browser for the domain ... The master brower is stoppong or an election is being forced." Event ID 8003 The other error that frequently occurs with this: Source: Netlogon "No Windows NT or

...l permissions and no SELinux you can still be blocked by > something called kernel_lockdown and it should appear in dmesg. > > Pavel > > [1] <https://gehrcke.de/2019/09/running-an-ebpf-program-may-require-lifting-the-kernel-lockdown/> Unfortunately, nothing related to kernel lockdowns. My kernel sysrq also doesn't seem to recognize x, and neither dmesg nor system journal indicate the system is even booted with lockdowns. I don't run Secure Boot, so that makes sense. I do get an audit message but that doesn't really enlighten me any further; there's only 4 message...

Hello, I need to reconfigure Gnome in CentOS for avoiding that a normal user could lock screen using task bar option and/or "Super L" key (Windows Key + L). How could I configure Gnome? I need to do that in several computers, so I can't do "login" in X environment of each computer, but I need to reconfigure executing from command line (multiple SSH connections).

Hi all, Recently I've suffered a problem with my SMTP service provider. It seems the SMTP server allows open relay, so my account is lockdown by CentOS list policy. Because of that I desubscribe my last account and re-subscribe in CentOS list with the present gmail account. I can send any messages in the list, but the curious problem is I don't see my own messages ???? I can see my

...n still be blocked by > > something called kernel_lockdown and it should appear in dmesg. > > > > Pavel > > > > [1] <https://gehrcke.de/2019/09/running-an-ebpf-program-may-require-lifting-the-kernel-lockdown/> > > Unfortunately, nothing related to kernel lockdowns. My kernel sysrq also > doesn't seem to recognize x, and neither dmesg nor system journal > indicate the system is even booted with lockdowns. I don't run > Secure Boot, so that makes sense. I do get an audit message but that > doesn't really enlighten me any further; there&...

Hi, Any advice/comments on the potential for hosting some personal Ruby applications from home? (i.e. for learning, sharing with friends etc) Would the basic concept be: * Need to buy a static IP address from you ISP * By a domain name and point it to the static IP address * Run Apache as the front end web server - Q: What basic lockdown/security steps should one take? * Perform a PORT

Fixes secure boot on my gp107. No idea why. Otherwise the GPU enters complete lockdown after starting the gpccs and fecs with the LS images loaded. Signed-off-by: Karol Herbst <kherbst at redhat.com> --- drm/nouveau/nvkm/engine/gr/gf100.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drm/nouveau/nvkm/engine/gr/gf100.c b/drm/nouveau/nvkm/engine/gr/gf100.c index

Hi, in these dark days of COVID-19 lockdown I'm using linphone to connect to my office asterisk system for working from home. It's going pretty well but the presence/BLF functions don't appear to work. In the linphone logs and asterisk debug I find that asterisk is rejecting linphone's PUBLISH message: <--- SIP read from UDP:10.27.128.3:5060 ---> PUBLISH sip:john at

Hi all, I'm trying to use libspeex 1.1.10 on an ARM926EJ-Sid(wb) rev 3 (v5l). I executed the speexenc and speexdec test files and they can encode and decode. But I'm getting 95% of cpu utilization on the codification and 44% on the decodification. I saw in the post: http://lists.xiph.org/pipermail/speex-dev/2005-June/003485.html that this version of speex works fine on ARM

Hello All, I am new to Samba and having to learn it fast as I have taken over for someone who left staff. I have been asked if we can prevent users from removing directories and sub directories under a Samba share while still allowing them to read and write files to these directories. For instance we have a share defined as follows: [Baskets_Out] comment = NGP Test Baskets Out

I have openssh on my solaris servers, my question or concern I need to lockdown/jail the sftp users so they won't cd out of their home dir (setup of an anonymous ftp servers) and destroy or view other sftp users files. Is this doable with openssh??