similar to: GNU tar vulnerability

Displaying 20 results from an estimated 2000 matches similar to: "GNU tar vulnerability"

2004 Dec 17
3
If it's not a data.frame, matrix or vector, what is it?
Hi Forgive my ignorance. I am selecting a column of a data.frame using the column name, and I want to know what the resulting column "is". My data frame is called "submin" and the column name is held in a variable called "display.gname" Eg: > is.data.frame(submin) [1] TRUE > is.data.frame(submin[,display.gname]) [1] FALSE >
2008 Aug 26
5
Problem w/ b95 + ZFS (version 11) - seeing fair number of errors on multiple machines
Hi, After upgrading to b95 of OSOL/Indiana, and doing a ZFS upgrade to the newer revision, all arrays I have using ZFS mirroring are displaying errors. This started happening immediately after ZFS upgrades. Here is an example: ormandj at neutron.corenode.com:~$ zpool status pool: rpool state: DEGRADED status: One or more devices has experienced an unrecoverable error. An attempt was
1997 Apr 29
9
Yet Another DIP Exploit?
I seem to have stumbled across another vulnerability in DIP. It appears to allow any user to gain control of arbitrary devices in /dev. For instance, I have successfully stolen keystrokes from a root login as follows... (I could also dump characters to the root console) $ whoami cesaro $ cat < /dev/tty1 <------ root login here bash: /dev/tty1: Permission denied
2012 Jul 14
2
Help for Fisher's exact test
Hi, R-help, I have a group of data from RNA-seq want to be analyzed by Fisher's exact test in R. I want to compare the significant difference of about 30,0000 individuals in two different samples, and I have no idea how to use R, so could you please give me some suggestions or the scripts for Fisher's exact test? Thank you very much. Best, Guanfeng Wang [[alternative HTML version
2002 May 16
3
uidswap
All, Could someone explain the purpose of the uidswap functions with respect to ssh (the client). From what I gathered, ssh installs as setuid root and swaps ids when reading potential key files that may be read only by root. Also, I think when binding to a privileged port ssh swaps id. Is that so? What are the consequences if you do not install ssh setuid root? (As far as I know no uid
2010 Apr 07
3
how to mount shares as a user without mount.cifs setuid
I'm running Debian/Squeeze on an AMD64 system. For some reason they have recently stopped shipping mount.cifs with the setuid bit set. Now it appears that they have changed the internal settings to prevent it from running setuid. This means that I can't define the share in fstab with "user" and connect from my Linux user account. Mounting smb/cifs shares seems to be blocked
2001 Mar 23
3
2.5.2p2 ssh-keyscan installed group writable?
just wondering about this. i noticed "make install" installs ssh-keyscan group-writable. is this intentional? openssh-2.5.2p2/Makefile.in, line 168: $(INSTALL) -m 0775 -s ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan chris -- Christopher Linn, <celinn at mtu.edu> | By no means shall either the CEC Staff System Administrator | or MTU be held in any way liable
2003 Dec 30
1
rsync 2.5.7 link-dest seems broken
Hi -- I'm experiencing problems when using rsync between two different machines. Details follows: Both machines are running 2.4.23, rsync versions on both are identically configured versions of 2.5.7: rsync version 2.5.7 protocol version 26 Copyright (C) 1996-2002 by Andrew Tridgell and others <http://rsync.samba.org/> Capabilities: 64-bit files, socketpairs, hard links, symlinks,
2007 Jan 18
1
Replicating a tree with root permissions
We have a large (20Gb, 250000 files) tree which needs to replicate across our WAN on a regular basis. We have been using a wrapper script around rsync to do this; the wrapper script runs setuid-root on a Solaris 8 server. However, we have on-going problems with files whose permissions don't replicate correctly. These file permissions are the REAL problem; if the permissions aren't
2011 Mar 25
3
samba howto: sticky bit on directories
Hi List, The Samba Howto Collection http://www.samba.org/samba/docs/man/Samba-HOWTO-Collection/AccessControls.html#id2611229 says: "When the set user or group ID bit (s) is set on a directory, then all files created within it will be owned by the user and/or group whose `set user or group' bit is set. " while I cannot reproduce this behavior the wikipedia says:
2000 Jul 27
1
rh62 suid files
Hi, I believe having less root setuid binaries on system is The Way ... so: Why does RH6.2 ship with /sbin/dump & /sbin/restore root setuid? These are for sysadmins, not for regular users I hope. Is /sbin/unix_chkpwd really used and what is it used for? I haven't found anything about it in pam documentation. Is it really necessary to ship /usr/bin/gpasswd and /usr/bin/newgrp? Does
2009 Apr 30
2
ChrootDirectory %h
Hi, many people are having problems using SFTP with ChrootDirectory when the jail directory (or the path above) is not owned by root. The question is if chroot'ing to usual home directories can be allowed, even though they are owned by regular users. I know that this topic has been discussed on the list several times now, so I searched the list archives for posts that invalidate the
2007 Sep 26
3
v1.0 vs 1.1b re: Postfix and Dovecot LDA
In running the various 1.0.n versions of Dovecot's LDA with the instructions in the wiki for using LDA with Postfix [on OS X 10.4] things went well using the instructions as-is (no setuid problems). This changed in moving over to the 1.1 beta. The LDA refused to work failing with the error "setgroups() failed: Operation not permitted" as I mentioned in a previous message.
2016 Feb 04
1
libvirt.so is not safe to use from setuid programs
Hi, When trying to connect the HyperVisor from a binary having setuid bit set , then I got following error: Unable to perform virConnectOpenReadOnly function error(internal error: libvirt.so is not safe to use from setuid programs) My test software config is the following : -rwsr-xr-x. 1 root root 3374956 Feb 4 13:45 test As this test software needs S bit to be able to access O.S.
2023 Nov 12
2
restrict file transfer in rsync, scp, sftp?
On Sat, 11 Nov 2023, Bob Proulx wrote: > I am supporting a site that allows members to upload release files. I > have inherited this site which was previously existing. The goal is > to allow members to file transfer to and from their project area for > release distribution but not to allow general shell access and not to > allow access to other parts of the system. > >
2019 May 24
2
imap userdb Fatal setuid errors
I'm trying to configure dovecot lmtp in multi-user mode. My error logs are filled with messages saying that an imap process cannot do a setuid to another user: > May 21 22:28:46 imap(pid 17441 user myuser): Fatal: setuid(512(myuser) from userdb lookup) failed with euid=501(adminuser): Operation not permitted (This binary should probably be called with process user set to 512(myuser) instead of
1998 Mar 11
4
Re: Re: Towards a solution of tmp-file problems
Forwarding a message from Rogier Wolff: > > Nick Andrew wrote: > > Theo De Raadt pointed out (possibly not in this thread) that basing > > protection on euid is not workable. Although I like the concept of > > variable expansion in pathnames, I don't see it as a security mechanism. > > Why not? Because programs that _were_ privileged but have set euid ==
2003 Sep 16
1
OpenSSH 3.7p1, PrivSep, and Tru64 broken (sorry)
Well, I had just finally gotten around to downloading a snapshot to test the latest on Tru64 a couple of days ago but hadn't had a chance to build it yet, and 3.7p1 has now been released. Sigh. The problem is that Tru64 setreuid() and setregid() are broken, so privsep doesn't work. This could also be a security problem for SIA authentication in general (any version of OpenSSH on Tru64,
2005 Dec 28
4
"valid users" + ldap on Solaris 10 problems
Hello, We have just migrated a server from sun solaris 8 to sun solaris 10. In the old machine we had a Samba 3.0.20b and in the new one, we have samba 3.0.21, both compiled like this with no problems: env LD_FLAGS="-L/usr/local/lib" ./configure --with-ldapsam --without-pam --with-quotas --with-ldap --with-included-popt --with-acl-support --with-libsmbclient We share user's
2013 Oct 14
2
setuid or other ideas
Everyone, I am working on a Centos 5.9 system. I have an need to be able to activate a piece of software from /etc/smrsh that is activated when sendmail delivers the e-mail to this piece of software. I would like this piece of software to take on the user and group identities that are different than 'mail' which is what happens now. I want to use a user and group that is not root), so