Displaying 20 results from an estimated 20000 matches similar to: "Apology. PGP sig mangling."
1996 Nov 21
2
Re: BOUNCE: Re: Chattr +i and securelevel
Alexander O. Yuriev wrote:
>
> Your message dated: Wed, 20 Nov 1996 18:04:39 EST
> > >has anyone played with the securelevel variable in the kernel and the
> > >immutable flags in the ext2 file system?
> >
> > Yes, and its actualy quite nice.
> >
> > >The sysctrl code seems to allow the setting of the flag
> > >only by init (PID=1)
1996 Nov 14
0
setgid binaries
Hi,
I''ve been thinking about group membership and the corresponding (weak)
restrictions to system resources. Consider the following:
% cat > gsh.c
main()
{
system("/bin/sh");
}
% cc -o gsh gsh.c
% id
uid=100(joe) gid=500(users) groups=14(floppy),15(sound)
% chgrp sound gsh
% chmod g+s gsh
% mail abuser
Subject: You owe me $5...
2020 Oct 09
11
Feature request.
Hi,
I get my Email from my own SMTP server on the internet using
"fetchmail". Some time ago I did the smart thing and configured
dovecot to use SSL and the letsencrypt certificate that automatically
renews.
Welllll..... a few days ago my certificate expired and the fetchmail
deamon running in the background had nowhere to complain. So I didn't
notice.
It turns out that dovecot
1997 Jan 22
1
program xxx is not vulnerable.
Sometimes linux-security gets a message stating that program xxx might
be vulnerable to an yyy-attack (*). Sometimes people follow up stating
that they couldn''t find an exploit.
If I ask the test-squad to test some know-to-work exploit, I get about
a 50/50 response. Half couldn''t get the published exploit to work.
I''ve learned to interpret "nope it doesn''t
1998 Sep 01
5
/bin/login problem
I would be surprised if someone hasn''t encountered this already, but I
haven''t found any discussion of the nature of this problem. I run RehHat
5.0. If a user makes a mistake in the login process such as the
following:
login: mistake
password: xxx
Login incorrect!
login: username
password xxxx
bash$
a ps will show, among other things,
2333 /bin/login --mistake.
Since
1998 Jun 25
1
Re: syslogd communication
Hi,
There have been several replies on the syslogd question. All 2 to 4
lines long. I therefore gathered them here.
Roger.
-----------------------------------------------------------------
From: Paul Kenyon <pkenyon@loctech.com>
Date: Wed, 24 Jun 1998 11:37:01 -0500
I believe it is possible to pipe anything through SSH. I''ll find the URL to
the info and post it. I
1996 Nov 14
1
Security hole in Debian 1.1 dosemu package
In Debian 1.1, the optional DOSEMU package installs /usr/sbin/dos
setuid root. This is a serious security hole which can be exploited
to gain access to any file on the system.
Package: dosemu
Version: 0.64.0.2-9
------- start of cut text --------------
$ cat /etc/debian_version
1.1
$ id
uid=xxxx(quinlan) gid=xxxx(quinlan) groups=xxxx(quinlan),20(dialout),24(cdrom)
[quinlan:~]$ ls -al
2003 Jun 18
1
Oops more testing was required....
Oops. Missed one line in the last patch....
Roger.
--
** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2600998 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
* The Worlds Ecosystem is a stable system. Stable systems may experience *
* excursions from the stable situation. We are currently in such an *
* excursion: The stable situation does
1999 May 07
3
php3 module and security
Hi,
When php3 module is compiled in apache, files in any directory will
be interpreted by the parser and executed. This is a security breach.
There is a way to correct this? Any comments?
Thanks,
lacj
---
<levy@null.net>
Levy Carneiro Jr.
Linux & Network Admin
From mail@mail.redhat.com Sat May 8 02:32:02 1999
Received: (qmail 28372 invoked from network); 8 May 1999 07:05:57
2020 Oct 09
0
Feature request.
Automatic renewal
The Ubuntu package for certbot comes pre-configured with systemd timer that will automatically renew existing certificates. What it does not handle however is reloading postfix/dovecot so that they will begin using the new certificates. For that, we need to implement a hook.
Certbot has both pre and post hooks that you can use to execute a script prior to and after the renewal
1997 Mar 31
5
UK Encryption ban legislation {from: [comp.risks] RISKS DIGEST 18.95}
I think this is an issue of serious interest to many of the subscribers
of these lists; it would effectively ban a lot of security-related tools
that many of use now find indispensable, e.g. ssh, pgp.
------- Start of forwarded message -------
Date: 21 Mar 1997 10:11:57 GMT
From: rja14@cl.cam.ac.uk (Ross Anderson)
Approved: R.E.Wolff@BitWizard.nl
Subject: DTI proposals on key escrow
The British
1999 May 07
1
Re: Redhat Linux 6.0 Problem
On Fri, 7 May 1999 jlewis@lewis.org wrote:
> # ldd ./ls
> /lib/libNoVersion.so.1 => /lib/libNoVersion.so.1 (0x40014000)
> libc.so.6 => /lib/libc.so.6 (0x4001c000)
> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
>
> I''ve never heard of libNoVersion. All the /home/ftp/bin stuff in 6.0 uses
> it...but it doesn''t exist.
2004 May 26
1
apology
I apologise, I asked about exporting graphs and said I could not find it.
Well I did, saveplot.
my apologies.
>From Alberto Nettel's Desk
University of Calgary
Math & Stats Department.
Room 346, ext 7199
E-mail: nettel at math.ucalgary.ca
2008 Aug 31
5
DO NOT REPLY [Bug 5727] New: rsync crashes while copying large directory.
https://bugzilla.samba.org/show_bug.cgi?id=5727
Summary: rsync crashes while copying large directory.
Product: rsync
Version: 2.6.9
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P3
Component: core
AssignedTo: wayned@samba.org
ReportedBy: r.e.wolff@bitwizard.nl
1998 Mar 09
2
Towards a solution of tmp-file problems.
Introduction.
------------
Every now and then a new "exploit" turns up of some program that uses
tmp files. The first solution was "sticky bits", but since links exist
(that''s a LONG time), that solution is inadequate.
Discussion.
----------
The problem is that you put an object (link/pipe) in the place where
you expect a program to put its tempfile, and wait for
2003 Aug 26
1
Long pause.
Hi everyone,
I'm trying to rsync a large directory. After pondering on the
list-of-files, it's now more or less doing nothing. It's
running for over 4 hours now, not doing anything except
eating CPUtime on the destination for over half an hour. I don't
know what it was doing before that.
The stdout of the rsync reported:
4675350 files to consider
(which is about right)
1998 Dec 03
2
interactions between OPIE-ftpd and RH5.2
Ran into a weird problem, and this seemed a good forum to toss it out into
-- if I've gaffed, please let me know.
Just upgraded my RH5.0 box to RH5.2. Went well, worked nearly seamlessly.
When running 5.0, though, I'd installed the opie-fied ftpd that comes with
the most recent opie package (ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz)
and had it work without a hitch. I'd also
2003 Jun 17
1
efficiency issue with rsync.....
Hi rsync team,
I thought that rsync would try to overlap computing and IO on both
machines.
I'm rsyncing a large tree (18G) and am keeping an eye on that.
Suddenly my side completely stopped. No IO visible, no CPU
time spent. The otherside was doing 100% CPU. Then the other
side started to do disk IO. Then suddenly the activities moved
over to my side, and I saw things moving again in the
1999 Dec 03
0
Re: Programming ...
Hi,
While looking for holes in the utility script, that Glynn Clements sent, I
have realized that using "~/" may be dangerous. The original script:
On Wed, 1 Dec 1999, Glynn Clements wrote:
[---cut---]
> cp ~/static-rm ~/rm # installing the "rm" binary needs to be
> mv -f ~/rm /tmp/rm # safe against symlink games
> cd /tmp
> chroot /tmp
1999 Dec 01
0
Security Patches for Slackware 7.0 Available (fwd)
---------- Forwarded message ----------
Date: Tue, 30 Nov 1999 12:14:09 -0800 (PST)
From: David Cantrell <david@slackware.com>
To: slackware-security@slackware.com
Subject: Security Patches for Slackware 7.0 Available
There are several security updates available for Slackware 7.0. We will
always post bug fixes and security fixes to the /patches subdirectory on
the ftp site: