similar to: Another Fedora decision

> On Feb 4, 2015, at 3:16 PM, Lamar Owen <lowen at pari.edu> wrote: > > On 02/04/2015 04:55 PM, Warren Young wrote: >> Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to crack your passwords now. You?re already boned. > > Not exactly. > > There have been remotely exploitable vulnerabilities

I just had a peek at the anaconda source for Fedora 21. Apparently you can waive the password strength tests (and the non-ASCII tests) by simply clicking "Done" twice. def _checkPasswordASCII(self, inputcheck): """Set an error message if the password contains non-ASCII characters. Like the password strength check, this check can be bypassed by

On 02/04/2015 04:55 PM, Warren Young wrote: > Unless you have misconfigured your system, anyone who can copy > /etc/shadow already has root privileges. They don?t need to crack your > passwords now. You?re already boned. Not exactly. There have been remotely exploitable vulnerabilities where an arbitrary file could be read (not written), but otherwise root access wasn't given

> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: > > Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by a security vulnerability Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to crack your passwords now. You?re already boned.

On Thu, February 5, 2015 9:06 am, James B. Byrne wrote: > > On Wed, February 4, 2015 16:55, Warren Young wrote: >>> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: >>> >>> Again, the real bruteforce danger is when your /etc/shadow is >>> exfiltrated by a security vulnerability >> >> Unless you have misconfigured your

On Wed, February 4, 2015 16:55, Warren Young wrote: >> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: >> >> Again, the real bruteforce danger is when your /etc/shadow is >> exfiltrated by a security vulnerability > > Unless you have misconfigured your system, anyone who can copy > /etc/shadow already has root privileges. They do not need

On Wed, 2015-02-04 at 14:55 -0700, Warren Young wrote: > > On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: > > > > Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by a security vulnerability > > Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to

Hi, I checked the sendmail and it is: [root at godslove root]# which sendmail /usr/sbin/sendmail Plesk uses sendmail and this is what is listed in my form that was working. I tried my form at 7:27 am this morning and this is the last listing in /var/log/messages Jul 3 07:05:42 godslove authpsa: IMAP connect from @ [67.138.221.157] There are no listings in /var/log/maillog. These are the

On Wed, Feb 4, 2015 at 4:55 PM, Warren Young <wyml at etr-usa.com> wrote: >>> >> There have been remotely exploitable vulnerabilities where an arbitrary file could be read > > CVEs, please? > > I?m aware of vulnerabilities that allow a remote read of arbitrary files that are readable by the exploited process?s user, but for such an exploit to work on /etc/shadow,

James B. Byrne wrote: > > On Mon, March 27, 2017 17:31, m.roth at 5-cent.us wrote: >> Mike wrote: >>> Nice catch, Mr. Schumacher ---> The following modules are included as standard with release 1.831 of Webmin. FirewallD firewalld.wbm.gz Configure a Linux firewall using FirewallD, by editing allowed services and ports. >>> >>> This is likely the right

On Mon, March 27, 2017 17:31, m.roth at 5-cent.us wrote: > Mike wrote: >> Nice catch, Mr. Schumacher ---> The following modules are included >> as >> standard with release 1.831 of Webmin. FirewallD firewalld.wbm.gz >> Configure a Linux firewall using FirewallD, by editing allowed >> services and ports. >> >> This is likely the right tool for the

On Mon, 15 Mar 2021 at 16:26, Lamar Owen <lowen at pari.edu> wrote: > On 3/15/21 8:51 AM, Stephen John Smoogen wrote: > > Exactly that. Upstream Fedora and RHEL went to require dual density > around > > Fedora 18, RHEL-7 because the amount of data was too much. > Well, what's odd is that the actual upstream RHEL 7.9 DVD WILL fit on a > single-layer DVD. Just

On Wed, Jan 25, 2017 at 8:20 PM, Lamar Owen <lowen at pari.edu> wrote: > On 01/24/2017 11:29 PM, Sandro Bonazzola wrote: > >> Hi, >> the latest qemu-kvm-ev has been tagged for testing. >> Please give it a run and provide feedback. >> If nothing against it shows up, we'll tag it for release on Friday. >> >> Is it considered normal for the test

On 8/1/20 11:02 AM, Lamar Owen wrote: > ... > [lowen at localhost ~]$ rpm -qa | grep ^kernel|grep 147 > kernel-devel-4.18.0-147.8.1.el8_1.x86_64 > kernel-4.18.0-147.8.1.el8_1.x86_64 > kernel-modules-4.18.0-147.8.1.el8_1.x86_64 > kernel-core-4.18.0-147.8.1.el8_1.x86_64 > [lowen at localhost ~]$ Well, I sure fat-fingered that command.... let's try it again: [lowen at

Hello, On Mon, 19 Dec 2016 11:04:28 -0500 Lamar Owen <lowen at pari.edu> wrote: > On 12/19/2016 08:44 AM, ken wrote: > > Last night installed the latest, firefox-45.6.0-1.el7.centos.x86_64. > Fired it up this morning and within the first hour it's crashed three > times. That comes to it being usable for about five minutes before it > crashes. > > > >

On Fri, Feb 13, 2015 at 7:12 AM, Lamar Owen <lowen at pari.edu> wrote: > On 02/13/2015 05:41 AM, James Hogarth wrote: > > This is also why the Orange Book and its Rainbow kin exist (Orange Book = > 5200.28-STD, aka DoD Trusted Computer System Evaluation Criteria). > Should anyone care to learn from the Rainbow Books, they are available from the United States of America (USA)

Am 28.01.2016 um 18:47 schrieb Lamar Owen <lowen at pari.edu>: > On 01/28/2016 12:18 PM, Michael Hennebry wrote: >> >> Not entirely useless. >> Not everyone has to deal with systemd yet. >> For such people, "How hard should I work to avoid it?" is an important issue. >> > Michael Corleone, the God Father Part I: "Keep your friends close,

I believe it's because I'm using the 32 bit flavor of centos. Of course I found a doc stating that right after I sent the email. Thanks, Jason On Feb 20, 2016 2:18 PM, "Lamar Owen" <lowen at pari.edu> wrote: > On 02/19/2016 08:55 PM, jason welsh wrote: > >> No package centos-release-SCL available. >> Error: Nothing to do >>

On Fri, Mar 03, 2017 at 12:03:52PM -0800, Akemi Yagi wrote: > On Fri, Mar 3, 2017 at 9:16 AM, Lamar Owen <lowen at pari.edu> wrote: > > All, > > > > This is just a heads-up that the new C7 update kernel breaks ABI > > compatibility, at least as far as using the ELrepo nVidia drivers is > > concerned. I have posted more details to the ELrepo list; but since

On Jan 16, 2020, at 12:06 PM, Lamar Owen <lowen at pari.edu> wrote: > > ...or maybe even 8.1.1911 (which is part of the name of the DVD ISO file), but officially it's CentOS 8 (1911). $ lsb_release -a LSB Version: :core-4.1-amd64:core-4.1-noarch Distributor ID: CentOS Description: CentOS Linux release 8.1.1911 (Core) Release: 8.1.1911 Codename: Core