similar to: open and euid security flaw in 5.0-Current?

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:09.htt Security Advisory The FreeBSD Project Topic: information disclosure when using HTT Category: core Module: sys Announced:

Hello, Possibly some of you will have read the news about "Hijacking a Macbook in 60 Seconds or Less"[1]. At this time I was searching a wireless card for my server and I wonder how this can affect to the combination FreeBSD+ath(4). The ath_hal page states that FreeBSD use a binary driver and I think it is located in this file[2]. Unlike OpenBSD which affirms that they have

We have a number of Soekris devices that we will be deploying remotely in semi- hostile physical environments. The remote links are dialup so I dont have a lot of bandwidth available. I want to do integrity checks of the images so that I can detect any tampering of the flash image. If I upload a static sha256 binary to /tmp on the remote box (which is a RAM disk) and then do something

I've included all posts till now. Can I ask anyone with older proliant multi-cpu hardware using the smart2 controllers to get in touch with me? I am curious to know if this works for anyone... -D Quoting Danny Carroll <fbsd@dannysplace.net>: > Still more info... > It does not work on 5_0-RELEASE either. > > -D > ----- Original Message ----- > From: "Danny

Howdy! I'm not sure if this is actually an issue, feature or a bug, but I have found that inside a jail, the jailed root user is able to sniff traffic (and enable promiscuous mode) on at least the interface of the IP address the jail is attached to. I have not found any documentation explaining if this should occur or not, but I feel it is something that should at least be known to those

Hi, I'm pondering building my own SSL accelerator out of a multi-CPU FreeBSD system and a crypto accelerator. What's the recommended hardware crypto accelerator card these days? Thanks, ==ml -- Michael Lucas mwlucas@FreeBSD.org, mwlucas@BlackHelicopters.org Today's chance of throwing it all away to start a goat farm: 49.1% http://www.BlackHelicopters.org/~mwlucas/

Although RAW sockets can be used when specifying the source address of packets (defeating one of the aspects of the jail) some people may find it usefull to use utilities like ping(8) or traceroute(8) from inside jails. Enclosed is a patch I have written which gives you the option of allowing prison-root to create raw sockets inside the prison, so

I had originally mentioned this only to 2 people, which was Jordan K. Hubbard and Paul Henning-Kemp, but since I have received a lot of queries on this, I thought I might as well post it on the FreeBSD announce groups. Included below is a posting done on the Linux-atm mailing group, by Pragnesh Sampat. I have just adapted for FreeBSD. RV -------------------------- Announcement

In message <20050731135919.GA43753@afields.ca>, Allan Fields writes: >Yes, this is all very nice, but when is someone actually going to >commit it? ;) I'm (as always) short of time, and GBDE is not the top priority for me for the time being. So I am more than happy to see people band together and improve gbde. The main work necessary is to polish the userland program and that

Hello, I think there was already a thread on this. I just want to raise the question again if anyone has successfully booted an gdbe-encrypted filesystem (everything encrypted except the bootloader). The passphrase is entered at the bootloader prompt or embedded in the bootloader. I appreciate any tips. Thanks, - ronnel

I have a grown list of IPs that I am "deny ip from ###.### to any". Infected machines, hackers, etc.. Is there a way to have this list outside of rc.firewall and just read it in?

Hello. I can''t start Virtual Machine, have the message: Waiting for root file system ... done. Gave up waiting for root device. Common problems ..... ALERT! /dev/xvda2 does not exist. Dropping to a shell! I have installed Xen 4 in a debian squeeze: # uname -a 2.6.32-5-xen-amd64 #1 SMP Wed Jan 12 05:46:49 UTC 2011 x86_64 GNU/Linux xen-hypervisor-4.0-amd64 4.0.1-2

Dear colleagues, in the process of upgrading my home router I'm trying to utilise Intel D2500CC mini-ITX motherboard[1]. Both stable/9 and head suffer from no scrolling issue: from the beginning of booting the kernel, all output overrides the last line on the screen, while others keep the loader phase. Provided the board has multiple serial ports and the final target (headless

shell# /sbin/devfs rule -s 2 delset shell# /sbin/devfs rule -s 2 add hide shell# /sbin/devfs rule -s 2 add path random unhide shell# /sbin/devfs rule -s 2 add path urandom unhide shell# /sbin/devfs rule -s 2 add path zero unhide shell# /sbin/devfs rule -s 2 add path pty\* unhide shell# /sbin/devfs rule -s 2 add path pty\* unhide shell# /sbin/devfs rule -s 2 add path tty\* unhide shell#

Hi folks, OS - Ubuntu 10.04 On R I create a datafile named "data". I can evoke it on R with; > data On R Commander Data -> Active data set -> Select active data set -> (data) OK only one data set there "data" -> View data set I can read it -> Edit data set showing 25 rows of data. Clicking the box shows a thick border around it. But I couldn't

Hi, My samba is 3.0.13 version. I got a funny problem. UserA logs on to a shared (all users can read/write/execute rights) drive and opens an excel file. UserA closes the file or modifies it. When UserA reopens the file in 5 secs or less, the file seems to be lock by the computer that UserA is on! When UserA had closed the file, UserB on another computer tries to open the file and it says

Hi, I'm getting errors with my IMAP setup. Basically, everything seems to work. Mail is delivered nicely from Postfix to Dovecot via LMTP. Dovecot does the authentication to LDAP (also for Postfix). Users are able to send mail via authenticated submission (Postfix) and login into IMAP and POP. However, IMAP connections are dropped frequently with an "ERROR: Connection dropped by IMAP

Hi. I've been playing a bit with "use sound card as an entropy source" idea. This simple program does what I wanted: http://people.freebsd.org/~pjd/misc/sndrand.tbz The program is very simple, it should be run with two arguments: % sndtest /dev/dspW 1048576 > rand.data This command will generate 1MB of random data. With my sound card: pcm0: <Intel ICH3 (82801CA)>

Hi all, Has anyone encountered this: On ServerA, I make this directory: /var/ftp/pub/userA with ownership root.root It gets rsynced to serverB with this command: rsync -avzgorp --delete -e ssh /var/ftp/pub/ root at serverB:/var/ftp/pub/ However, when I change the ownership of /var/ftp/pub/userA to userA.userA, this change is not rsync-ed to serverB. Is there any option to achieve this? Thank

Hi How can we use NIS to control a user in different servers? eg: serverA /home/userA/javaapplication serverB /export/home/userA/javaapplication serverC /vol/home/javaapplication Thank you