Displaying 20 results from an estimated 1000 matches similar to: "[Bug 301] New: In openssh 3.3 and 3.4 pam session seems be called from non-root"
2001 Feb 08
0
openssh2.3.0p1 and /etc/limits
Hi!
I wrote a small patch to enable /etc/limits support in openssh. nice
thing when you don't have PAM installed..
It is based on Ultor's openssh 1.x patch
(http://marc.theaimsgroup.com/?l=secure-shell&m=96427677022741&w=2)
Works fine on slackware7.1. define USE_ETC_LIMITS in config.h , and
compile as usual.
Sagi
-------------- next part --------------
diff -N -u
2012 Jul 02
1
rlimit sandbox on cygwin
Hi all.
I have an old windows VM with an oldish cygwin that I use for the
regression tests. Investigating one of the test failures, I see that
it's for UsePrivilegeSeparation=sandbox, and it seems to be because
setrlimit(RLIMIT_FSIZE, ...) is not supported.
IMO, this isn't a big loss, since the most useful thing in the rlimit
"sandbox" is the descriptor limits. Can anyone see
2015 May 26
0
[PATCH] lib: Limit space and time used by 'qemu-img info' subprocess.
After fuzzing 'qemu-img info' I found that certain files can cause the
command to use lots of memory and time. Modify the command
mini-library to allow us to place resource limits on subprocesses, and
use these to limit the amount of space and time used by 'qemu-img info'.
---
configure.ac | 3 +++
src/command.c | 53
2008 Aug 24
2
Unusual bug in glusterfsd
Hi,
I'm rather new to this project, having stumbled across it earlier this
afternoon, so forgive me if I'm still trying to find my way around. I
was in the need of an alternative to NFS that would let me spread the
task of sharing my downloaded source code files across a couple of
boxes, and GlusterFS looked like a great candidate, having had no luck
with Coda or OpenAFS.
I also want
1998 Feb 22
0
resource starvation against passwd(1)
Standard apology if old...
This demonstrates a resource starvation attack on the
setuid root passwd(1) program. In the case I tested it was the
Red Hat Linux passwd-0.50-7 program without shadowing.
#include <stdio.h>
#include <sys/time.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/resource.h>
main ()
{
struct rlimit rl, *rlp;
rlp=&rl;
2004 Nov 19
0
/usr/local/bin/wine-kthread: could not open
Hy all.. i've just subscribed to the list thow i've been using wine for
a while now.
I 've emeregd (I have Gentoo) the latest wine and ,
Here-s what i get:
mihaiv bin # wine
/usr/local/bin/wine-kthread: could not open
mihaiv bin # /usr/local/bin/wine-kthread
Wine 20041019
Usage: wine PROGRAM [ARGUMENTS...] Run the specified program
wine --help Display this help and exit
wine
2011 Jun 22
3
sandbox pre-auth privsep child
Hi,
This patch (relative to -HEAD) defines an API to allow sandboxing of the
pre-auth privsep child and a couple of sandbox implementations.
The idea here is to heavily restrict what the network-face pre-auth
process can do. This was the original intent behind dropping to a
dedicated uid and chrooting to an empty directory, but even this still
allows a compromised slave process to make new
2002 Dec 27
1
RLIMIT_AS patch for FreeBSD
Hey,
I've just updated the FreeBSD dovecot port to the 0.99.4 beta release,
the following patch was needed as FreeBSD has setrlimit(2) but does not
define RLIMIT_AS (I believe). I switched the code the require both,
alternatively find a parallel option in the FreeBSD setrlimit(2) manual
page. ( http://www.freebsd.org/cgi/man.cgi?setrlimit )
You may be interested in integrating this patch.
2004 Nov 26
0
Dovecot 1.0-test52 and LDAP authentication
Hi all!
I have upgraded Dovecot 0.99.11 installation that's worked with LDAP to
Dovecot 1.0-test52 and I can't get LDAP to work. I noticed the
/etc/dovecot.conf is slightly different, so I have adjusted changes. If I
use the standard auth (passw & pam) everything works fine, however when I
user ldap for auth Dovecot starts but then dies:
dovecot: Nov 26 14:14:36 Error: Auth process
2008 Feb 29
1
cram-md5 crashes passdb
Hi all,
When setting auth mechanisms: plain login cram-md5 and only having pam
passdb and passwd userdb. dovecot nevers starts and crashes reporting:
Feb 29 10:19:41 pitux-clust-op1 dovecot: Dovecot v1.0.10 starting up
Feb 29 10:19:41 pitux-clust-op1 dovecot: auth(default): CRAM-MD5
mechanism can't be supported with given passdbs
Feb 29 10:19:41 pitux-clust-op1 dovecot: Auth process died
2008 Jan 17
1
convert plugin fails - drops root privileges then tries to create file in /
Hi
I just tried to run the convert plugin as described at
http://wiki.dovecot.org/Plugins/Convert
(except with mail_location = maildir:~/Mail)
It fails with an error message:
Eopen(/.temp.falcon.endbracket.net.18618.8d5e0a038da6cf06) failed:
Permission denied
Error: imap dump-capability process returned 89
It looks like Dovecot execs /usr/libexec/dovecot/imap, which drops root
privileges
1999 Aug 26
0
smbsh always segfaults
Version 2.0.5a (same prob w/2.0.4b, though). smbsh segfaults after I
enter my password. As root, it just seg faults. As my login user, it
dumps core.
Attached is a script of an strace of it.
Running RH 6.0, kernel 2.2.10, AMD K6-2/350, 64M RAM. Configure options
were:
CFLAGS="$RPM_OPT_FLAGS" ./configure --prefix=%{pref} --libdir=/etc \
--with-lockdir=/var/lock/samba
2002 May 14
1
AIX capabilities not set
Hi,
we're in the process of setting up large-page support on IBM regattas,
but for large-page support the users have to have a set of extra
capabilities (CAP_BYPASS_RAC_VMM,CAP_PROPAGATE). This are configured
on a per user basis by listing which capability each user have in
/etc/security/user.
Unfortunately they don't get set when the users log in via OpenSSH
(3.1p1). Does anybody know
2007 Jun 04
1
[LLVMdev] Patch to build on NetBSD
This trivial patch enables LLVM to build on NetBSD.
Neil.
Index: Program.inc
===================================================================
RCS file: /var/cvs/llvm/llvm/lib/System/Unix/Program.inc,v
retrieving revision 1.24
diff -u -p -r1.24 Program.inc
--- Program.inc 23 Apr 2007 07:22:51 -0000 1.24
+++ Program.inc 4 Jun 2007 13:05:22 -0000
@@ -125,11 +125,13 @@ static void SetMemoryLimits
2003 Mar 27
2
Samba and CCC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
When are you all going to make Samba compatible with CCC (Compaq
Compiler)? I would really like to be able to compile it using CCC but
I keep getting the errors listed below. I was wondering, could please
point me in the right direction for a solution to this dilemma?
==================== ERROR MESSAGE ====================
Using FLAGS
= -O -fast
2015 Jan 22
2
[PATCH] increase fd_limit to max_client_limit automatically
Hi, with a low soft limit on file descriptors, dovecot 2.2.15 warns on
startup:
Warning: fd limit (ulimit -n) is lower than required under max. load
(256 < 1000), because of default_client_limit
It could try increasing the limit first, and only report the warning if that
fails. I'm attaching a patch that does just this.
Without the patch, the soft fd limit is kept at whatever it
1999 Sep 15
0
FreeBSD Security Advisory: FreeBSD-SA-99:04.core
-----BEGIN PGP SIGNED MESSAGE-----
=============================================================================
FreeBSD-SA-99:04 Security Advisory
FreeBSD, Inc.
Topic: Coredumps and symbolic links
Category: core
Module: kernel
Announced: 1999-09-15
Affects:
2000 Jun 13
2
2.2.1p1 / AIX 4.2.1.0.06 login nits
Hi.
New (2.1.1p1) login code is nicer on AIX (4.2.1.0.06). Thanks.
A couple of issues, though, which I haven't really dug into yet. I'm
wondering if anyone else has seen them? If not, I'll investigate &
report.
1. If I set "UseLogin" to "yes", everything seems fine except that
the authentication agent forwarding doesn't work. The "SSH"
2007 Jul 03
0
[LLVMdev] Solaris 9 compilation
Hi all!
I gave a shot at compiling core llvm with a Solaris 9 machine.
The compiler is FSF gcc 3.4.6. I am building trunk in the release version.
So far I did not run tests (no dejagnu installed).
Here are my findings:
0) Configuring. I had to suppress the solaris tools by:
env AR=/opt/gnu/bin/ar NM=/opt/gnu/bin/nm RANLIB=/opt/gnu/bin/ranlib STRIP=/opt/gnu/bin/strip ../llvm/configure
2013 Feb 23
2
Bug#701445: xcp-vncterm: ftbfs with eglibc-2.17
Package: src:xcp-vncterm
Version: 0.1-2
Severity: important
Tags: sid jessie
User: debian-glibc at lists.debian.org
Usertags: ftbfs-glibc-2.17
The package fails to build in a test rebuild on at least amd64 with
eglibc-2.17, but succeeds to build with eglibc-2.13. The
severity of this report may be raised before the jessie release.
The test rebuild was done together with GCC-4.8, so some issues