Displaying 20 results from an estimated 136 matches for "subverting".

2001 Dec 17
1
smbmount appears to subvert access permissions
Hi all, (1) I wish to mount a SMB share onto my Linux filesystem. When I mount the share, it modifies the permissions on the "mounting directory" allowing other users to gain access to the share, masquerading as the mounting user. Lucky it doesn't give write access to anyone, but read access is bad enough. Can anyone explain this behaviour? (Example transcript provided below)
2020 Jan 21
2
Security implications of using ControlMaster
On Tue, Jan 21, 2020 at 11:08:51AM +1100, Damien Miller wrote: > So IMO disallowing session multiplexing is at most a speedbump that an > attacker will cross with relative ease. Speedbumps make sense sometimes, An attacker getting root on the jumphost gets immediate control of any _current_ persistent connections and new connections. Without ControlMaster it's a _lot_ harder to take
2014 Nov 24
1
TELNENT TO LOCALHOST IN CENTOS 7
...<jrd at gerdesas.com> wrote: > On Mon, Nov 24, 2014 at 12:04:30PM -0600, Les Mikesell wrote: >> >> Umm, yeah. Encrypted protocols would never be compromised.... > > Which do you think is more likely? Someone sniffing a cleartext > credential set on the wire or someone subverting an alleged "secure" > encrypted protocol? For things that matter, you should expect both. For things that don't matter, well they don't matter. -- Les Mikesell lesmikesell at gmail.com
2020 Jun 06
2
Deliver administrative message ignoring user quota
Hi everyone, I have a separate internal system running on a different host that needs to put an administrative email into a user's inbox. I've been playing around with the "doveadm mailbox save" command via Doveadm's HTTP API (https://doc.dovecot.org/admin_manual/doveadm_http_api/#doveadm-mailbox-save). This
2005 Aug 14
1
"NOESCAPE 1" is easily escapable
(I apologise if this has already been reported - the archive isn't very searchable.) At present the NOESCAPE keyword seems rather useless, because a boot prompt is offered whenever an attempt to load a boot image is interrupted using <Ctrl>C. Intuitively, I would expect "NOESCAPE 1" to lock this down also, and that {sys,pxe,iso.ext}linux would simply fall through to the
2005 Sep 28
2
Can Samba be used to push out updates and hotfixes to client PC's
I have the Official Samba 3 and Samba-3 by example books, although not the second edition copies. But I can't seem to find out how to push out patches and hotfixes with Samba. Is this not possible at this time? I don't have a lot of experience with Windows but I am going to have to deal with this issue soon. I think I understand that pushing out policies is possible. Is Microsoft
2015 Jan 09
3
[LLVMdev] Can we assume const parameter and to-be-modified parameter do not alias?
Hi, This question is raised from the following example: int foo (const int a[], int b[]) { ... b[i] = … … } Basically a[] is defined as read-only while b[] will be explicitly modified in the function. At first glance, they cannot be aliases, but it seems that we cannot figure out the alias info between them now, which prevents us from doing some optimizations. Here is the
2020 Jun 10
2
r-project.org SSL certificate issues
...Urbanek <simon.urbanek at R-project.org> wrote: > > You are making a very strong assumption that finding an alternative chain of trust is safe. I'd argue it's not - it means that an adversary could manipulate the chain in a way to trust it instead of the declared chain and thus subverting it. In fact switching to OpenSSL would create a serious security hole here - in particular since it installs a separate trust store which it is far more easily attacked and subverted. By your argument we should disable all SSL checks as that produces error with incorrectly configured servers so not...
2014 Dec 05
4
[LLVMdev] Memset/memcpy: user control of loop-idiom recognizer
On 5 December 2014 at 06:49, Sean Silva <chisophugis at gmail.com> wrote: > > > On Wed, Dec 3, 2014 at 4:23 AM, Robert Lougher <rob.lougher at gmail.com> > wrote: >> >> Hi, >> >> In feedback from game studios a common issue is the replacement of >> loops with calls to memcpy/memset. These loops are often >> hand-optimised, and
2019 Nov 08
2
Enable Contributions Through Pull-request For LLVM
> On Nov 7, 2019, at 5:54 PM, Daniel Sanders via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > > -1 to "squash and merge" being the only option if rebase+push (--ff-only) is possible. I'd rather we use our judgement to decide what's appropriate for the pull request at hand rather than have a blanket rule. > > Personally, if I have multiple commits
2007 Oct 22
1
Migrating from UW IMAP - pine - Thunderbird - squirrelmail
Hello! I saw your post to the mailing list (http://www.dovecot.org/list/dovecot/2006-January/010968.html) where you write "A description for pine with imap acces without entering any password is also discussed.", but I didn't find such description in this post. Would you be so kind to point me to some source where it is explained - currently users have to insert the
2005 Mar 07
1
rsync as a change-detecting security tool
I suspect rsync actually *cannot* be used as a change detection tool for security purposes, but I want some help with my reasoning. Imagine a backup system that uses rsync to move files from client to a trusted server. The backup system operates in "pull" mode, and the backup server uses rsync to pull files from the client. Rsync does its magic --link-dest thing, and we detect the
2011 Feb 22
1
funding
Maybe what Centos needs is a bridal registry. Here in the US, an engaged couple can tell their friends what they'd like to be given as wedding presents. They do this by listing items in a registry, in various stores around town. Anyway, the idea is, post stuff you need in a list on your site. Say you need 20 hard drives, or a particular power supply, or whatever items that get consumed in
2014 Nov 24
5
TELNENT TO LOCALHOST IN CENTOS 7
On Mon, Nov 24, 2014 at 11:38 AM, Leon Fauster <leonfauster at googlemail.com> wrote: > Am 24.11.2014 um 18:11 schrieb Frank Cox <theatre at melvilletheatre.com>: >> On Mon, 24 Nov 2014 08:46:33 -0600 >> John R. Dennison wrote: >> >>> Why are you wanting to use telnet in the first place? >> >> I don't know what his use case is, but I
2004 Aug 11
1
FreeBSD-SA-04:13.linux in the wild
Has anyone else seen this in the wild? We just had an attempted attack yesterday from a live attacker on one of our machines using this vulnerability. It wasn't all that clever, and they're long gone, but I *did* manage to catch them in the act and grab a copy of the binary they tried to run from /tmp/, as well as the PHP injection code they used to subvert a virtual web site's
2010 Jun 25
1
Compromised servers, SSH keys, and replay attacks
We had an incident recently where an openssh client and server were replaced with trojanned versions (it has SKYNET ASCII-art in the binary, if anyone's seen it. Anyone seen the source code ?). The trojan ssh & sshd both logged host/user/password, and probably had a login backdoor. Someone asked me what was their exposure if they used public/private keys instead of passwords. My
2020 Aug 19
1
r-project.org SSL certificate issues
...ote: > > > > > > You are making a very strong assumption that finding an alternative > > chain of trust is safe. I'd argue it's not - it means that an adversary > > could manipulate the chain in a way to trust it instead of the declared > > chain and thus subverting it. In fact switching to OpenSSL would create a > > serious security hole here - in particular since it installs a separate > > trust store which it is far more easily attacked and subverted. By your > > argument we should disable all SSL checks as that produces error with > >...
2020 Mar 05
3
Should rint and nearbyint be always constrained?
+cfe-dev as the discussion is now biased toward C standard. I'm not sure what problem you see here. In default mode, i.e. > when there is no "#pragma STDC FENV_ACCESS on" in effect, > then the compiler can always assume that the default rounding > mode is in effect. Well, if #pragma STDC FENV_ACCESS on is not in effect, that means > that the user has promised that at
2014 Apr 09
1
FLASH NewsBites - Heartbleed Open SSL Vulnerability (fwd)
...l ISSA meetings, Shmoocon, and the DC3 Conference, as well as numerous US government conferences. Jake is currently pursuing a PhD in Computer Science where he is researching new techniques for botnet detection. His research interests include protocol analysis, binary analysis, malware RE methods, subverting the security of cloud technologies, and methods for identifying malware Command and Control (C2) techniques.
2020 Jun 09
0
r-project.org SSL certificate issues
You are making a very strong assumption that finding an alternative chain of trust is safe. I'd argue it's not - it means that an adversary could manipulate the chain in a way to trust it instead of the declared chain and thus subverting it. In fact switching to OpenSSL would create a serious security hole here - in particular since it installs a separate trust store which it is far more easily attacked and subverted. By your argument we should disable all SSL checks as that produces error with incorrectly configured servers so not...