similar to: Re: RedHat5.1 security flaws.

On Tue, 2 Jun 1998, Mike Johnson wrote: > At 03:04 PM 6/2/98 +0100, you wrote: > > >Are there any other people out there interested in a concerted linux > >source security auditing process? > > Yes, yes, and yes. Did I mention, yes? OK. I''ve got a _lot_ of positive response about starting some form of co-ordinated effort to audit core linux

Hi, I am bemused. After some security auditing on RH5.0, I was curious as to what new suid binaries and daemons shipped with RH5.1. The first one I noticed was "xosview". God knows why it needs to be SUID; it probably doesn''t but the makefile just makes the binary suid by default. Linux has /proc which has enough information that ferreting around in /dev/kmem using root privs

A file creation and corruption bug in XConsole included in procps-X11 versions 1.2.6 and earlier has been found. To fix it, you can either remove the XConsole program or upgrade to procps-1.2.7, available from ftp://tsx-11.mit.edu/pub/linux/sources/usr.bin/procps-1.2.7.tar.gz Thanks to Alan Iwi for finding the bug. A few other bugs have been fixed in this version. Read the NEWS file if you

hi have problems to get an samba server up that offers shares for all without a password heres my smb.conf file located under /usr/local/samba/lib/smb.conf [global] netbios name = DEATHB server string = Samba %v on (%L) workgroup = LANSTRIKE encrypt passwords = yes security = share [homes] browseable = no [mp3] comment = lmh path = /var/glftpd/site/mp3/lame.r3mix/ browseable = yes read only =

In Debian 1.1, the optional DOSEMU package installs /usr/sbin/dos setuid root. This is a serious security hole which can be exploited to gain access to any file on the system. Package: dosemu Version: 0.64.0.2-9 ------- start of cut text -------------- $ cat /etc/debian_version 1.1 $ id uid=xxxx(quinlan) gid=xxxx(quinlan) groups=xxxx(quinlan),20(dialout),24(cdrom) [quinlan:~]$ ls -al

I needed to be able to update stub pointers for hot functions that get recompiled in a lazy JIT that uses CompileOnDemandLayer. In order to do this I added a method that allows pointers to be updated but does not expose any of the other internals of the COD layer. Does anyone have a cleaner way to do this? Has something to facilitate this already been added? Would it be possible to merge this

+Lang Hames <lhames at gmail.com>, Master Regent of the Three <No, Two sir> JITs On Thu, Jul 28, 2016 at 12:31 PM Sean Ogden via llvm-dev < llvm-dev at lists.llvm.org> wrote: > I needed to be able to update stub pointers for hot functions that get > recompiled in a lazy JIT that uses CompileOnDemandLayer. In order to do > this I added a method that allows pointers to

Hi! I encountered some things trying to build own packages under Windows 2000 for which i found no answer in the documentation. First. 1. I do not found the rcmd.exe in the bin directory of R_HOME. I installed R using the setup.exe 2. I updated the R intatllation with one of the zip files. (rw1041sp.zip) now i had the rcmd.exe in the bin. 3. I do not found any hint in the docu that perl is

Hi, did a search in the archives for "opie" and this is the most recent message on the topic I see: http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98536878202858&w=2 Nigel, would you mind sending me the source for the module you've extracted from that other distribution? Also, if anyone is interested in looking at other OPIE PAM modules, here are two more: Andy

Hello all, Has anyone gotten to compile SAMBA alpha15 in UnixWare 2.1.3? I have tried with GCC 2.7.2 and also with UnixWare's native C compiler with no success. I get the following error when using GCC 2.7.2: 273 /home/SOURCE/WinServer/samba/source: gmake all Using FLAGS = -g -O2 -Iinclude -I./include -I./ubiqx -I./smbwrapper -DSMBLOGFILE ="/usr/local/samba/var/log.smb"

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

Hi Sean, This is great, but it couples LogicalDylib too tightly to CompileOnDemandLayer. Does this alternative implementation of getLogicalModuleResourcesForSymbol work for you (unfortunately I don't have a local test case for this yet): LogicalModuleResources* getLogicalModuleResourcesForSymbol(const std::string &Name, bool

It does work. I just tested it on my JIT. Thanks! As for the part that couples them too tightly, would you recommend I just keep my own specialized version of CompileOnDemandLayer.h that includes this functionality, or do you have any ideas for a cleaner way to do this? I've noticed a couple of people asking for support for updating stub pointers for functions that are optimized at runtime,

Hello Altaf, You can now pull swdepot of Samba 2.2.3a WITH winbind from the samba ftp site - this is swinstallable and so you will not need to compile - it already has winbind built. You can get it from: http://us1.samba.org/samba/ftp/bin-pkgs/hp/samba2.2.3a/ named samba_2.2.3a_HPUX_withwinbind.depot hope this helps, Don -----Original Message----- From: Muhammad Altaf Bashir

Am getting Compiling passdb/passdb.c gcc: Internal compiler error: program cc1 got fatal signal 6 make: *** [passdb/passdb.o] Error 1 while attempting to make from samba-2.0.3 on Linux 2.0.30 kernel. I have successfully used the same tar to install on a linux Slackware 2.0.34 kernel machine, no problems at all. The same error occurs on two different servers, both made from the same Slackware

Greets, We're using Dovecot 1.0.7 (which comes with CentOS 5.x). I have successfully configured dovecot to change a username from abc at 123.com to realname1_abc for a machine which only has a single domain (using auth_username_format=realname1_%Ln). However, I'm pulling my hair out trying to get dovecot to handle multiple domains (the machine has existing /etc/passwd /etc/shadow and

Hi Sean, As for the part that couples them too tightly, would you recommend I just > keep my own specialized version of CompileOnDemandLayer.h that includes > this functionality, or do you have any ideas for a cleaner way to do this? My apologies - I wasn't very clear in my description of the issue. The only sense in which your original patch was tightly coupled was that it had

https://bugzilla.mindrot.org/show_bug.cgi?id=2524 Bug ID: 2524 Summary: config file option to limit the lifetime of added keys Product: Portable OpenSSH Version: 7.1p1 Hardware: 68k OS: Mac OS X Status: NEW Severity: enhancement Priority: P5 Component: ssh-agent Assignee:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera Systems, Inc. Security Advisory Subject: flaws in the SSL transaction handling of Netscape Advisory number: CSSA-2000-017.0 Issue date: 2000 June, 09 Cross reference:

There's an article on News.com about the problems with the H.323 protocol on Cisco and Microsoft platforms: http://news.com.com/2100-1002_3-5140284.html?tag=nefd_lede I imagine that Asterisk is not affected by this. MATT---