similar to: Request for a Lockdown option

Manon, On Thu, 4 Jul 2024 at 05:00, Manon Goo <manon.goo at dg-i.net> wrote: > My Idea would be to have a shared secret option that the client and server would have to proof to know when initiating the Handshake. The Server or client could terminate the connection immediately when the peer does not know the secret. So in case of a security Problem the administrator could set an

Dear Christian, >How is this different to configuring /etc/securetty and tunnelling >Telnet over SSH Port Forwarding which I don't recommend BTW? In case your SSH is remotely attackable for instance - because your LDAP is configured wrongly, - your run into some problem like CVE-2008-0166 - some users private keys are lost And you want to lock down the sshd and investigate and

Hi, I have not found any way to use a Certificate with ssh-agent when my Key is stored on a pkcs11 device. I can add my key with ssh-add -s /usr/local/lib/opensc-pkcs11.so but ssh-add -s /usr/local/lib/opensc-pkcs11.so ~/.ssh/mykey-cert.pub does not add the certificate to my agent. As far as I undestand, in ssh-add.c line 580 if (pkcs11provider != NULL) { if (update_card(agent_fd,

On 04.07.24 01:41, Manon Goo wrote: > - some users private keys are lost Then you go and remove the corresponding pubkeys from wherever they're configured. Seriously, even if you do not scan which pubkey is configured where *now* (as is part of our usual monitoring), it'll be your "number <3" task *then* to go hunt it down. > And you want to lock down the sshd

Hi all, Looking at the body for the function rnorm, I see that the body of the function is: .Call(C_rnorm, n, mean, sd) I want to implement functions that generate normal (and other) random variables. Now, I understand that I can perfectly well just call the R wrapper for these functions and that will be almost indistinguishable for most purposes, but for whatever reason I wanted to try and

Gabriel, Thanks for that! I guess I really should have figured that one out sooner, huh? I understand why that wouldn't be CRAN-compliant. But then, what *is* the proper way to do it? Is there any way I can call unexported functions from another package and have it accepted by CRAN? Also, if I instead re-write the random variable generating functions, do you have any idea of where the

Hey guys, i know this post is old, but i'm also having the same problem. I'm trying to compile MASM 6.1.5 programs in wine, and using ml.exe compiles and links everything perfectly and outputs a .exe file with no complaints. Then, when i try and run the program it give me an error like Code: fixme:module:__wine_load_dos_exe DOS executables not supported on this platform winevdm:

Well, For this particular use case why not just transform the parameters at the R level and then call the existing function? Is there not a closed form mapping? ~G On Jul 1, 2016 2:50 PM, "Joshua Ulrich" <josh.m.ulrich at gmail.com> wrote: > On Fri, Jul 1, 2016 at 6:13 AM, Luis Usier > <luis.henrique.usier at gmail.com> wrote: > > Gabriel, > > > >

Hi group As promised some months ago, I'm letting you know that lockdown is now ready for testing. Please don't study the code to much, I know it is a mess and therefore a rewrite is on it's way. But feel free to take a look at the features offered, how you use them and the default settings. When lockdown is ready for production usage, I'll release version 1.0. I guess that will

I hear you - but it seems that the choice is between (a) limiting "scp" functionality to address the security vulnerability, and (b) killing "scp" altogether. I'd much prefer (a), even if it means I lose "scp remotehost:foo\* .". Especially, since (almost always) I have equal privileges on both local and remote hosts, so in that case I just originate that

Hi all, I am doing some tests with my CentOS7 desktop. I have configured a policy to lockdown Chrome/Chromium browsers and it works perfectly. And I am trying to the same for Firefox browsers but Firefox's docs are really "hard" to understand. I have the following stopper points: a/ what is the "real" system wide's config file: firefox.js, sysprefs.js or

I only run one piece of software under wine but this app is still a great risk. The intentions and opportunity of software developers not using open source should not be underestimated. when i run env WINEPREFIX="/ubuntu/PC1/.wine" wine C:\\windows\\system32\\taskmgr.exe I am reminded again of all the security problems with windows. I was thinking that it ought to be easier to

This adds support for whitelisting the acceptable options in the "refuse options" setting in rsyncd.conf. It introduces "!" as a special option string that refuses most options and interprets any following strings as patterns of options to allow. For example, to allow only verbose and archive: refuse options = ! verbose archive The "!" does't refuse no-iconv,

Luis, C_rnorm is a symbol but it's not exported. This means that you *can* do this by using stats:::C_rnorm. That said, it's not exported, which means that it's not supported to do this. So your package likely would not be allowed on CRAN, for example. Best, ~G On Jun 30, 2016 2:08 PM, "Luis Usier" <luis.henrique.usier at gmail.com> wrote: > Hi all, > >

What: Lockdown <http://stonean.com/projects/show/lockdown> is an authorization/authentication gem for RubyOnRails 2.x This version bundles Classy Inheritance<http://stonean.com/projects/show/classy-inheritance>to simplify the management screens. There is also a lot of template cleanup in this release. *There were no changes to the security engine.* If you have questions, please

Hi guys, I'm just about to shoot on my foot so I wanted to check if there is something else to blow my full leg actually ;-)) I have setup a working Samba 3 PDC controller with user authentication and roaming profiles. I want to lock down [*] the desktop on client machines (win xp) as I did with poledit (NTConfig.POL) on Win9x/WinNT4 machines. [*] Lock downs suck as : disabling msn

Has anyone had any issues using Cucumber with Lockdown. in the following scenario, I am logged in as an admin and so should have :all access rights, however I get the following error. Authoriztion filed! prms: {"action"=>"index", "controller"=>"admin"} session: {:expiry_time=>Wed Oct 28 13:33:43 +0000 2009,

Hi All, I''m having a bit of trouble wrapping my head around "nil_lockdown_values" in the Lockdown plugin. I''m unfamiliar with how exactly this works. I''m assuming it is a helper method of sorts, but I see no definition. Does Rails simply have the ability to nil_ [somerandomliborclass]_values? Would someone mind unconfusing me? Also, where would I find

I'm seeing errors like this in my event viewer on win2k clients: Source MRx Smb "The master browser has received a server announcement that computer CONAN that believes it is the master browser for the domain ... The master brower is stoppong or an election is being forced." Event ID 8003 The other error that frequently occurs with this: Source: Netlogon "No Windows NT or

Steffen Nurpmeso wrote in <20240714024434.vvSRh10_ at steffen%sdaoden.eu>: ... |[.]do not |know about the AI_V4MAPPED flag[.] I have read https://datatracker.ietf.org/doc/html/draft-cmetz-v6ops-v4mapped-api-harmful-01 but as an application developer i find it ugly not to be able to "simply do it", and get back a mapped address. --steffen | |Der Kragenbaer,