Displaying 5 results from an estimated 5 matches for "pcheck".
Did you mean:
check
2011 Jul 26
0
connect to DRb server from rails controller ?
...-
Client code in application controller:
require ''drb''
class ApplicationController < ActionController::Base
protect_from_forgery
def parser_svc
# svc = nil
svc = DRbObject.new nil, ''druby://:9000''
svc
end
end
main controller:
def pcheck
svc = parser_svc
res = svc.check
render :text => res
end
when called and server is running get this error:
DRb::DRbConnError (druby://:9000 - #<Errno::EADDRNOTAVAIL: The
requested address
is not valid in its context. - connect(2)>):
app/controllers/main_controller.rb:...
2017 Feb 09
4
Serious attack vector on pkcheck ignored by Red Hat
...see how a flaw in pkcheck gives you something here that
> you don?t already have.
On many systems local users cannot execute their own uploaded binaries
(noexec mounts). This would also be true for an adversary entering a
system with a remote "unprivileged" exploit. In that situation pcheck
gives them a "crow bar" they did not have before.
> A vulnerable library is a vulnerable library. Fix the library, don?t
> invent reasons to fix all the other programs on the system because the
> library is vulnerable.
I would say the modus operandi should be to eliminate all...
2017 Feb 09
4
Serious attack vector on pkcheck ignored by Red Hat
On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote:
> Escalation *requires* attacking a program in a security context other
> than your own.
Not necessarily. Suppose the adversary is aware of a root
exploit/privilege escalation in a random library. Then the heap spraying
allows this attacker to easily trigger this exploit because he is able
to initialize the entire contents of the
2017 Feb 09
0
Serious attack vector on pkcheck ignored by Red Hat
...Give me a scenario where this attacker can execute *only* pkcheck
>
> On many systems local users cannot execute their own uploaded binaries
> (noexec mounts). This would also be true for an adversary entering a
> system with a remote "unprivileged" exploit. In that situation pcheck
> gives them a "crow bar" they did not have before.
So you?ve now sprayed the heap on this system, but you can?t upload anything else to it because noexec, so?now what? What has our nefarious attacker gained?
>> A vulnerable library is a vulnerable library. Fix the library, d...
2008 Feb 22
12
Yumrepo and managing the contents of /etc/yum.repos.d directory...
...ot;,
ensure => directory,
recurse => true,
purge => true
}
yumrepo { pkg_repo:
descr => "Packages Repository",
enabled => 1,
baseurl => "http://Some/path/",
gpgcheck => 0,
require => File[yum_repo_d]
}
Every time I run pcheck now, the file is deleted and recreated and pcheck
gripes about the file being there and needing to be deleted. The workaround,
of course, is to use templates but that''s broken.
verbose noop gives the following notice every time:
notice: //workstation/base/yum_base/File[/etc/yum.repos.d/...