similar to: use PT_DENY_ATTACH on Mac OS X

Hi, OpenSSH 5.3 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is

OpenSSH 7.3 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

With these patches, a majority of tests pass. The notable things which are still broken: - Because FreeBSD links /home -> /usr/home, $(pwd) gives a different result from realpath(2). Therefore some tests which implicitly rely on (eg) a plugin which calls nbdkit_realpath internally and then checking that path against $(pwd) fail. - Shebangs (#!) don't seem to work the same way

Hi, OpenSSH 7.4 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This release contains some substantial new features and a number of bugfixes. Snapshot releases for portable OpenSSH are available from http://www.mindrot.org/openssh_snap/ The OpenBSD version is available in CVS HEAD: http://www.openbsd.org/anoncvs.html Portable OpenSSH is

OpenSSH 7.4 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

OpenSSH 7.4 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. OpenSSH also includes transitional support for the legacy SSH 1.3 and 1.5 protocols that may be enabled at compile-time. Once again, we would like to thank the OpenSSH community

On 3/15/23 18:25, Eric Blake wrote: > On Wed, Mar 15, 2023 at 12:01:57PM +0100, Laszlo Ersek wrote: >> Don't try to test async-signal-safety, only that >> NBD_INTERNAL_FORK_SAFE_ASSERT() works similarly to assert(): >> >> - it prints diagnostics to stderr, >> >> - it calls abort(). >> >> Some unfortunate gymnastics are necessary to avoid

On Thu, Mar 16, 2023 at 10:50:06AM +0100, Laszlo Ersek wrote: > On 3/15/23 18:25, Eric Blake wrote: > > On Wed, Mar 15, 2023 at 12:01:57PM +0100, Laszlo Ersek wrote: > >> Don't try to test async-signal-safety, only that > >> NBD_INTERNAL_FORK_SAFE_ASSERT() works similarly to assert(): > >> > >> - it prints diagnostics to stderr, > >> >

I was wondering if it might be possible for an rsync developer to look over the attached patch (tested on Linux 2.4.24 against the rsync-2.6.0 release), and offer suggestions on how I could improve it. Basically I want to use Linux finer grained capabilities to retain only CAP_SYS_CHROOT & CAP_DAC_READ_SEARCH when rsync drops root privs. That way I can take whole system backups as a (mostly)

Dear developers, OpenSSH 4.3 (both p1 and p2) has a number of issues on IRIX 5.3 which were not present with 4.2p1: configure thinks that a number of header files are unusable. This is because in order to use them other headers such as sys/types.h must be included as well, and configure's test code does not do so. checking ia.h usability... no checking ia.h presence... yes configure:

I'm running R2.0.1 under Solaris 2.9 on a SunBlade 100. When I installed it, I set things up to use the Sun compilers cc, CC, f95 with the options recommended in the installation and administration guide. Until today, no worries. With all this discussion about R GUIs I thought I'd give R Commander a go. The web page said to install a bunch of packages first, so I did >

Hello, I'm working on implementing hwasan instrumentation in GCC, and have just started discussing my current work-in-progress on the gcc-patches mailing list. (https://gcc.gnu.org/ml/gcc-patches/2019-09/msg00387.html -- the email that Kostya saw and added people to). I've gotten about as basic a user-space implementation as possible (using the interceptor ABI) up and running, and would

At the risk of beating a dead horse, I'd like to see the chroot security checks relaxed a bit. On newer Linux kernels, there's a prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) that prevents privilege elevation (via setuid binaries, etc) for the caller and all of its descendants. That means that chroot(untrusted directory), prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0), setreuid(uid, uid), execve(a

Hello all, I am attempting to cross-compile Samba 3.0.24 for the ARM platform using on an Ubuntu Dapper box using arm-linux-gcc 3.4.0. I am using the following script to call configure: #!/bin/bash ac_cv_func_prctl=no linux_getgrouplist_ok=no ./configure --without-krb5 --without-ldap --without-ads --disable-cups --without-swat --prefix=/home/tropem/samba-build --host=arm-linux

Hi, I have shorewall version 1.4.10g on Redhat 9 Local clients are on eth1 in subnet 192.168.3.0/24. eth0 is for the outside (over xdsl with includes a ppp0 interface). Nessus (nessusd) is installed *on the firewall* and managed trough nessus (the client or frontend) running on one of the internal machines. When I was running a scan against 194.152.181.36 I observed several entries like

https://bugzilla.mindrot.org/show_bug.cgi?id=3639 Bug ID: 3639 Summary: server thread aborts during client login after receiving SSH2_MSG_KEXINIT Product: Portable OpenSSH Version: 9.2p1 Hardware: ARM OS: Linux Status: NEW Severity: critical Priority: P5 Component:

I know it is just after a release, but I'm trying to see how the regression tests look on Tru64. I hadn't had a chance to really look at them before because I didn't have sudo installed on Tru64 (now I do). Anyway, for the 3.9p1 release, all of them run except for a couple of problems: - agent-ptrace fails; it looks like setgid isn't enough to kill tracing under Tru64, and I

This patch adds the ability to kinit to allow the dropping of POSIX capabilities. kinit is modified by this change, such that it understands the new kernel command line "drop_capabilities=" that specifies a comma separated list of capability names that should be dropped before switching over to the next init in the boot strap (typically on the root disk). When processing capabilities

Am 31. J?nner 2017 16:36:35 MEZ schrieb Kristian Pedersen <kp at asom-net.dk>: >Hi list, > >We still did not manage to get quota-status working. >We're hoping someone can provide some feedback/ideas on how we may >investigate this issue further? >Is it likely to be a bug fixed in a newer version? > >Regards, > >Kristian > > [...] >> >>

Hi, All, Currently we are using Samba 2.2 and planning to update to samba 3. However, I encountered the following error when I try to compile the samba-3.0.21c: ------------------------ ... Checking for creat64...yes Checking for prctl...yes Configure: error: cannot run test program while cross compiling See 'config.log' for more details. ------------------------ Would