similar to: about GNU tar

-----BEGIN PGP SIGNED MESSAGE----- $Id: lpr-vulnerability-0.6-linux,v 1.1 1996/11/22 21:42:46 alex Exp $ Linux Security FAQ Update lpr Vulnerability Thu Nov 21 22:24:12 EST 1996 Copyright (C) 1995,1996 Alexander O. Yuriev (alex@bach.cis.temple.edu) CIS Laboratories

Alexander O. Yuriev wrote: > > Your message dated: Wed, 20 Nov 1996 18:04:39 EST > > >has anyone played with the securelevel variable in the kernel and the > > >immutable flags in the ext2 file system? > > > > Yes, and its actualy quite nice. > > > > >The sysctrl code seems to allow the setting of the flag > > >only by init (PID=1)

-----BEGIN PGP SIGNED MESSAGE----- $Id: lpr-vulnerability-0.6-linux,v 1.2 1996/11/25 22:39:20 alex Exp $ Linux Security FAQ Update lpr Vulnerability Mon Nov 25 16:56:59 EST 1996 Copyright (C) 1995,1996 Alexander O. Yuriev (alex@bach.cis.temple.edu) CIS Laboratories

-----BEGIN PGP SIGNED MESSAGE----- Buffer overflow in the resource handling code of the libXt (X11R6) Thu May 29, 1997 Distribution of this document is unlimited Copyright (C) Alexander O. Yuriev (alex@yuriev.com) Net Access Abstract A buffer overflow was found in the resource handling

Hi, Recently once again an exploit for SuperProbe was posted to the bugtraq. That message was forwarded to linux-security and Rogier Wolff rejected it on the basis of the author of the SuperProbe (David Wexelblatt) comment that it was never intended to be suid. In general, there is absolutely no reason for programs that are supposed to be run only by root to be suid to root! If your

I reported the following vulnerability to AUSCERT, but they weren''t interested. People on this list might be, though! GNU tar is lazy about file creation modes and file owners when unpacking a tar file. Because GNU tar defaults to creating files owned by the userid running tar when the username is not found on your system, it can be possible to inadvertantly create setuid root

------- start of forwarded message (RFC 934 encapsulation) ------- From: Joe Zbiciak <im14u2c@cegt201.bradley.edu> Approved: alex@bach.cis.temple.edu Sender: Bugtraq List <BUGTRAQ@netspace.org> To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org> Subject: Buffer overflow in Linux''s login program Date: Sun, 22 Dec 1996 09:27:24 -0600 Reply-To: Joe Zbiciak

>>>>> Martin Maechler <maechler at stat.math.ethz.ch> >>>>> on Tue, 1 May 2018 16:14:43 +0200 writes: >>>>> G?bor Cs?rdi <csardi.gabor at gmail.com> >>>>> on Tue, 1 May 2018 12:05:32 +0000 writes: >> This is a not too old R-devel on Linux, it already fails >> in R 3.4.4, and on macOS as well.

-----BEGIN PGP SIGNED MESSAGE----- As I am sure you noticed from my messages to linux-{security|alert}, I have changed my primary email address from alex@bach.cis.temple.edu to alex@yuriev.com. Linux Security WWW will be moved from bach.cis.temple.edu in the nearest future and while I will continue to mirror pages to make them accessible at http://bach.cis.temple.edu/linux/linux-security/, please

This is a not too old R-devel on Linux, it already fails in R 3.4.4, and on macOS as well. The tar file seems valid, external tar can untar it, so maybe an untar() bug. setwd(tempdir()) dir.create("pkg") cat("foobar\n", file = file.path("pkg", "NAMESPACE")) cat("this: that\n", file = file.path("pkg", "DESCRIPTION"))

In Debian 1.1, the optional DOSEMU package installs /usr/sbin/dos setuid root. This is a serious security hole which can be exploited to gain access to any file on the system. Package: dosemu Version: 0.64.0.2-9 ------- start of cut text -------------- $ cat /etc/debian_version 1.1 $ id uid=xxxx(quinlan) gid=xxxx(quinlan) groups=xxxx(quinlan),20(dialout),24(cdrom) [quinlan:~]$ ls -al

E.g. I am seeing: dir <- file.path(tempdir(), "test-tar") dir.create(dir) setwd(dir) dir.create("foo", showWarnings = FALSE) file.create("foo/bar.R") tar("test.tar", files = "foo/bar.R") dir.create("untarred") untar("test.tar", exdir = "untarred")

HI All, I have a directory tree that when the user un-gzips/untars it does into /opt by default. The directory tree is like: ugui | |-- <misc files> |-- source |-----framework |------ <misc files> so when unzipped I want to end it with /opt/ugui and all the stuff below it. How do I do this? Can I also issue one command that will unzip and untar the archive at the same time?

Basic tar question: I have created a ar file with tar -prvf /tmp/ib_backup.tar /opt/interbase/data/* The file has been copied to another box and I want to untar the file into /opt/interbase/data/ I am not sure about the syntax; how to specify where I want the data to be placed. Here is my start of the command: tar -xvf /tmp/ib_backup.tar #The tar file is in /tmp Todd --

Is there a way to read the cpu temp from centos? I have odd things happening on my computer. I have had a couple kernel crashes.. today I was trying to untar a file and got a "Bus error" printed on screen. after a reboot the file untared just fine. very odd behavior. Without rebooting again I was wanting to check the health... I have an Intel motherboard, 2.4 P4, 2 GIG, 2 brand new

Hi, I am trying to install asterisk on Suse 9. I downloaded asterisk-1.2.1.tarand untar this package. I am following the README and the installation instruction to run "make" ans "make install". But I can not find any "make" or "make install" in the directory asterisk-1.2.1. Can any one please help me how can I install asterisk-1.2.1 on Suse? What am I

Hi? I have a host Redhat6.1 ?when i install os the libvirt0.8.7 were contained . Latter i installed libvirt0.9.3.tar.gz without uninstall the libvirt0.8.7, i just use the virsh functions. Now i want to install libvirt0.9.7.tar.gz , and i uninstall libvirt0.9.3 and uninstall libvirt0.8.7 with "rpm -e" , i also delete some files contains vesion number 0.8.7 or o.9.3. Today i install

Hi: I get a very strange problem when I installing libvirt0.8.7.tar.gz. Here is my infomaton: compute with RHELD6.0 systerm; the systerm comes with libvirt0.8.7,bu I uninstalled it and its dependencies . And then i download the libvirt0.8.7.tar.gz , untar it ,configure --with-esx,make,make install. But I got an error like "libvirtd: /usr/local/lib/libvirt.so.0: version

Hi, Already reported here: https://stat.ethz.ch/pipermail/r-devel/2010-September/058636.html but it doesn't seem to be related (at least not in an obvious way) to the problems described in that previous thread. So the problem is that, with recent versions of R 2.12 (i.e. current R-alpha but I've observed this with R-devel for at least 2-3 months now), 'R CMD build

Yodel! I'm trying to modify rsync so that it can read the source files from a tar archive instead of a file system. I want to use this so I can fetch whole filesystems from a fileserver with (i) a more efficient storage of the filesystem images on the server and above all (ii) the process fetching the filesystem image doesn't need any privileges on the fileserver (even if some of