search for: ptacek

...& FWRITE) == 0 && (prot & PROT_WRITE) != 0) + return (EACCES); + else maxprot |= VM_PROT_WRITE; handle = (caddr_t) vp; } VI. Thanks This advisory is based on the OpenBSD Security Advisory, dated February 20 2, 1998. Thanks to "Thomas H. Ptacek" <tqbf@enteract.com> for allowing this. Thanks to "Cy Schubert" <cschuber@uumail.gov.bc.ca> for porting the OpenBSD patch to FreeBSD. ============================================================================= FreeBSD, Inc. Web Site:...

...rators reconfigure their firewall to disable OUTBOUND connections to port 888, the cddbd server port. I would also strongly recommend that all servers running cddbd remove it from their machines until a comprehensive examination of its buffer handling can take place. I would like to thank Thomas Ptacek for his assistance in examining these vulnerabilities and for his examination of cddbd for buffer overflows. --------------------------------+--------------------- David J. Meltzer | Email: davem@iss.net Systems Engineer | Web: www.iss.net Internet Security System...

-----BEGIN PGP SIGNED MESSAGE----- > Date: Fri, 2 May 1997 12:33:00 -0500 > From: "Thomas H. Ptacek" <tqbf@ENTERACT.COM> > On almost all Unix operating systems, having superuser access in a > chroot() jail is still dangerous. In some recent revisions of 4.4BSD > operating systems, root can trivially escape chroot(), as well. I was thinking about possible attacks of this natu...

Francis, I read in the list archives back that a future EventMachine release will support epoll on Linux (i.e., it''s in the trunk). Better still, is there a possibility that EM will rely on libevent so that it will be architecture independent (i.e. epoll on Linux, kqueue on FreeBSD/Mac OS X, /dev/poll on Solaris)? This is how memcached is implemented, and it would be helpful to be able

...rators reconfigure their firewall to disable OUTBOUND connections to port 888, the cddbd server port. I would also strongly recommend that all servers running cddbd remove it from their machines until a comprehensive examination of its buffer handling can take place. I would like to thank Thomas Ptacek for his assistance in examining these vulnerabilities and for his examination of cddbd for buffer overflows. --------------------------------+--------------------- David J. Meltzer | Email: davem@iss.net Systems Engineer | Web: www.iss.net Internet Security Syst...

Hello, I have been looking at the Ruby/EventMachine. First let me say it look very good. Reactor model with no threads makes for fast reliable server, and I have read about marvelous Twisted framework for Python and am glad to see something similar for Ruby. I am writing network app with Ruby threads now and it very slow, and I try new Ruby 1.9 with native threads that make it much slower.