similar to: Apology. PGP sig mangling.

Alexander O. Yuriev wrote: > > Your message dated: Wed, 20 Nov 1996 18:04:39 EST > > >has anyone played with the securelevel variable in the kernel and the > > >immutable flags in the ext2 file system? > > > > Yes, and its actualy quite nice. > > > > >The sysctrl code seems to allow the setting of the flag > > >only by init (PID=1)

Hi, I''ve been thinking about group membership and the corresponding (weak) restrictions to system resources. Consider the following: % cat > gsh.c main() { system("/bin/sh"); } % cc -o gsh gsh.c % id uid=100(joe) gid=500(users) groups=14(floppy),15(sound) % chgrp sound gsh % chmod g+s gsh % mail abuser Subject: You owe me $5...

Hi, I get my Email from my own SMTP server on the internet using "fetchmail". Some time ago I did the smart thing and configured dovecot to use SSL and the letsencrypt certificate that automatically renews. Welllll..... a few days ago my certificate expired and the fetchmail deamon running in the background had nowhere to complain. So I didn't notice. It turns out that dovecot

Sometimes linux-security gets a message stating that program xxx might be vulnerable to an yyy-attack (*). Sometimes people follow up stating that they couldn''t find an exploit. If I ask the test-squad to test some know-to-work exploit, I get about a 50/50 response. Half couldn''t get the published exploit to work. I''ve learned to interpret "nope it doesn''t

I would be surprised if someone hasn''t encountered this already, but I haven''t found any discussion of the nature of this problem. I run RehHat 5.0. If a user makes a mistake in the login process such as the following: login: mistake password: xxx Login incorrect! login: username password xxxx bash$ a ps will show, among other things, 2333 /bin/login --mistake. Since

Hi, There have been several replies on the syslogd question. All 2 to 4 lines long. I therefore gathered them here. Roger. ----------------------------------------------------------------- From: Paul Kenyon <pkenyon@loctech.com> Date: Wed, 24 Jun 1998 11:37:01 -0500 I believe it is possible to pipe anything through SSH. I''ll find the URL to the info and post it. I

In Debian 1.1, the optional DOSEMU package installs /usr/sbin/dos setuid root. This is a serious security hole which can be exploited to gain access to any file on the system. Package: dosemu Version: 0.64.0.2-9 ------- start of cut text -------------- $ cat /etc/debian_version 1.1 $ id uid=xxxx(quinlan) gid=xxxx(quinlan) groups=xxxx(quinlan),20(dialout),24(cdrom) [quinlan:~]$ ls -al

Oops. Missed one line in the last patch.... Roger. -- ** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2600998 ** *-- BitWizard writes Linux device drivers for any device you may have! --* * The Worlds Ecosystem is a stable system. Stable systems may experience * * excursions from the stable situation. We are currently in such an * * excursion: The stable situation does

Hi, When php3 module is compiled in apache, files in any directory will be interpreted by the parser and executed. This is a security breach. There is a way to correct this? Any comments? Thanks, lacj --- <levy@null.net> Levy Carneiro Jr. Linux & Network Admin From mail@mail.redhat.com Sat May 8 02:32:02 1999 Received: (qmail 28372 invoked from network); 8 May 1999 07:05:57

Automatic renewal The Ubuntu package for certbot comes pre-configured with systemd timer that will automatically renew existing certificates. What it does not handle however is reloading postfix/dovecot so that they will begin using the new certificates. For that, we need to implement a hook. Certbot has both pre and post hooks that you can use to execute a script prior to and after the renewal

I think this is an issue of serious interest to many of the subscribers of these lists; it would effectively ban a lot of security-related tools that many of use now find indispensable, e.g. ssh, pgp. ------- Start of forwarded message ------- Date: 21 Mar 1997 10:11:57 GMT From: rja14@cl.cam.ac.uk (Ross Anderson) Approved: R.E.Wolff@BitWizard.nl Subject: DTI proposals on key escrow The British

On Fri, 7 May 1999 jlewis@lewis.org wrote: > # ldd ./ls > /lib/libNoVersion.so.1 => /lib/libNoVersion.so.1 (0x40014000) > libc.so.6 => /lib/libc.so.6 (0x4001c000) > /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000) > > I''ve never heard of libNoVersion. All the /home/ftp/bin stuff in 6.0 uses > it...but it doesn''t exist.

I apologise, I asked about exporting graphs and said I could not find it. Well I did, saveplot. my apologies. >From Alberto Nettel's Desk University of Calgary Math & Stats Department. Room 346, ext 7199 E-mail: nettel at math.ucalgary.ca

https://bugzilla.samba.org/show_bug.cgi?id=5727 Summary: rsync crashes while copying large directory. Product: rsync Version: 2.6.9 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P3 Component: core AssignedTo: wayned@samba.org ReportedBy: r.e.wolff@bitwizard.nl

Introduction. ------------ Every now and then a new "exploit" turns up of some program that uses tmp files. The first solution was "sticky bits", but since links exist (that''s a LONG time), that solution is inadequate. Discussion. ---------- The problem is that you put an object (link/pipe) in the place where you expect a program to put its tempfile, and wait for

Hi everyone, I'm trying to rsync a large directory. After pondering on the list-of-files, it's now more or less doing nothing. It's running for over 4 hours now, not doing anything except eating CPUtime on the destination for over half an hour. I don't know what it was doing before that. The stdout of the rsync reported: 4675350 files to consider (which is about right)

Ran into a weird problem, and this seemed a good forum to toss it out into -- if I've gaffed, please let me know. Just upgraded my RH5.0 box to RH5.2. Went well, worked nearly seamlessly. When running 5.0, though, I'd installed the opie-fied ftpd that comes with the most recent opie package (ftp://ftp.inner.net/pub/opie/opie-2.32.tar.gz) and had it work without a hitch. I'd also

Hi rsync team, I thought that rsync would try to overlap computing and IO on both machines. I'm rsyncing a large tree (18G) and am keeping an eye on that. Suddenly my side completely stopped. No IO visible, no CPU time spent. The otherside was doing 100% CPU. Then the other side started to do disk IO. Then suddenly the activities moved over to my side, and I saw things moving again in the

Hi, While looking for holes in the utility script, that Glynn Clements sent, I have realized that using "~/" may be dangerous. The original script: On Wed, 1 Dec 1999, Glynn Clements wrote: [---cut---] > cp ~/static-rm ~/rm # installing the "rm" binary needs to be > mv -f ~/rm /tmp/rm # safe against symlink games > cd /tmp > chroot /tmp

---------- Forwarded message ---------- Date: Tue, 30 Nov 1999 12:14:09 -0800 (PST) From: David Cantrell <david@slackware.com> To: slackware-security@slackware.com Subject: Security Patches for Slackware 7.0 Available There are several security updates available for Slackware 7.0. We will always post bug fixes and security fixes to the /patches subdirectory on the ftp site: