Re: Debian vs Red Hat??? I need info.
On Sun, May 21, 2000 at 07:46:47PM -0800, Ethan Benson wrote:
> i think dlocate really takes care of the problem nicely, for things like status and file lists dlocate is quite fast. it's unfortunate that it was removed from potato for a *ONE LINE BUG* with a fix in the bts... why oh why could there not have been an NMU??

i wasn't even aware that it was removed from potato until i tried to install dlocate on a potato system with apt-get a week or so ago.

this is the second of my packages that has been removed for trivial reasons. i gave up on potato after the first one...at the time, i offered to upload a version which fixed a minor packaging error (i forgot to specify frozen as well as unstable) but i didn't get a reply until after the deadline and the answer was basically "haha! too late!" - this does not exactly inspire enthusiasm in me.

for that reason (amongst others, like the fact that potato is already obsolete and will be even more obsolete by the time it gets released), i do not give a damn about potato.

the bug isn't, IMO, even in dlocate. it is in the slocate package. slocate should NOT replace GNU locate if it is not 100% compatible with it.

but, as i said, i don't care. i don't have the time or the energy to argue with a release manager whose goal seems to be to find excuses to remove packages from the distribution.

IMO, the stable should be treated as a fork, anyway.

craig

--
craig sanders
finger
Dear friends,

Can someone explain to me why people do not set 4755 permission on a finger program? I see good reasons to do that: if a user does not allow others to see his/her ~user tree, finger will display .plan, .project and maybe .pgp -- depends on finger version -- in any case.

Maybe there are special reasons not to do that? Security? Else?

Thank you in advance,
Rost
Re: finger
On Mon, May 22, 2000 at 07:01:00AM +, Rostislav Vorobyev wrote:
> Dear friends, Can someone explain to me why people do not set 4755 permission on a finger program? I see good reasons to do that: if a user does not allow others to see his/her ~user tree, finger will display .plan, .project and maybe .pgp -- depends on finger version -- in any case. Maybe there are special reasons not to do that? Security? Else?

gah, are you suggesting finger be suid root ??? that fingerd be run as root?? oh my!

yes that is a huge security hole. back in the day they used to do exactly that, then users discovered they could symlink .plan to /etc/shadow or any other file they should not be allowed to see, finger themselves and cha ching there is /etc/shadow!

finger running as root is a very bad thing. if users want their .plan to show they should chmod a+r on it and chmod a+x $HOME. that will allow finger to see the .plan but not anyone to ls the home directory.

of course if they have an insane umask like 022, 002 or such then all their files will be readable to all, the obvious solution of course is not to use such a horrible umask and use 027 or 007 instead.

--
Ethan Benson
http://www.alaska.net/~erbenson/
Re: finger
It's possible to make .plan or .project named pipes, which means that the act of reading them can cause code to be executed. If finger executes suid root, then said code can execute as root. The potential for mischief should be obvious.

Thus spake Rostislav Vorobyev on Mon, May 22, 2000 at 02:01:00AM CDT
> Dear friends, Can someone explain to me why people do not set 4755 permission on a finger program? I see good reasons to do that: if a user does not allow others to see his/her ~user tree, finger will display .plan, .project and maybe .pgp -- depends on finger version -- in any case. Maybe there are special reasons not to do that? Security? Else? Thank you in advance, Rost

--
Lindsay Haisley       | Everything works | PGP public key
FMP Computer Services | if you let it    | available at
[EMAIL PROTECTED]     | (The Roadie)     | http://www.fmp.com/pubkeys
http://www.fmp.com    |                  |
Re: finger
> It's possible to make .plan or .project named pipes, which means that the act of reading them can cause code to be executed. If finger executes suid root, then said code can execute as root. The potential for mischief should be obvious.

could you explain this a bit? from my knowledge trying to read a pipe does not execute any process. if there is nothing on the other end then there is simply no data available. and i also cannot imagine that finger executes the data read from the .plan and .project files - otherwise anybody could make his files trojan horses, which attack any user who fingers the evil user.

did i miss something? just curious ...

--
Hi! I'm a .signature virus! Copy me into your ~/.signature, please!
--
If Windows is the answer, I want the problems back!
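The symlink and named-pipe concerns raised in this thread, seen from the side of a program that must read a user's .plan: an added example, not part of any poster's message and not code from any finger implementation. The names `open_user_dotfile` and `run_demo` are hypothetical, and the three test files are constructed in a temporary directory.

```c
#define _GNU_SOURCE            /* mkdtemp, O_NOFOLLOW on older glibc */
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open a user-controlled dotfile the way a privileged reader must:
 * refuse symlinks, never block on a FIFO, and accept only a regular
 * file owned by the user being fingered. Returns an fd or -1. */
int open_user_dotfile(const char *path, uid_t owner)
{
    struct stat st;
    /* O_NOFOLLOW rejects a symlink in the final path component;
     * O_NONBLOCK keeps open() from hanging on a FIFO with no writer. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1;
    /* fstat the descriptor, not the path, so the check cannot be raced. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != owner) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed fixtures in a temp dir: bit 0 = regular file opened,
 * bit 1 = symlink opened, bit 2 = FIFO opened. Safe result is 1. */
int run_demo(void)
{
    char dir[] = "/tmp/plan-demo-XXXXXX", p[3][64];
    const char *names[3] = { "plan", "plan-symlink", "plan-fifo" };
    int mask = 0;
    if (!mkdtemp(dir))
        return -1;
    for (int i = 0; i < 3; i++)
        snprintf(p[i], sizeof p[i], "%s/%s", dir, names[i]);
    FILE *f = fopen(p[0], "w");
    if (!f)
        return -1;
    fputs("constructed sample .plan\n", f);
    fclose(f);
    if (symlink(p[0], p[1]) != 0 || mkfifo(p[2], 0600) != 0)
        return -1;
    for (int i = 0; i < 3; i++) {
        int fd = open_user_dotfile(p[i], geteuid());
        if (fd >= 0) { mask |= 1 << i; close(fd); }
        unlink(p[i]);
    }
    rmdir(dir);
    return mask;
}

int main(void) { printf("mask=%d\n", run_demo()); return 0; }
```

These checks complement running the reader without root privileges, as advised in the thread; they do not replace it. O_NOFOLLOW covers only the last path component, so a symlink higher up the path is not caught by this function.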
explicit path for IPv4 routing
Hi,

Does anybody know how to set up the linux IPv4 stack to use the optional field (i believe this corresponds to the 'srr' field in the 'ip_options' struct in 'include/linux/ip.h') that allows specifying an explicit path for some destination?

Thanks.
Re: where to find web browser statistics information?
At 05:25 PM 5/19/00 +1000, Craig Sanders wrote:
> to yanks, socialism is an evil, dirty word - roughly equivalent to satanism. but we understand why you're like that...you've been brainwashed with anti-socialist bullshit since you were small children.

Hahah, Satanism, that was a good one. :) But I still prefer individualism to socialism.

> the rest of the world knows it isn't anywhere near so bad. the rest of the world knows that democracy and socialism are not opposites, they are orthogonal - you can have a socialist democracy (like those in northern

Whoa, orthogonal. :)

> while america pretends otherwise, the rest of the world knows that freedom is a lot more than just the freedom to choose between working for minimum wage and starving.

Hmm, we have lots of good jobs. If a company is trying to hire somebody for min wage, good luck! Labor is so tight now even hamburger flippers make 6 bucks an hour.

> before you bother replying, go do some research on the subject matter. i'll just ignore anything which reeks of typical american ignorance.

Research... I didn't pull this out of thin air you know. I was watching a program about Australia and it was describing some of their programs and I generally found it to be disturbing. Before that I kind of thought of Australia as a semi-idyllic place. Unlike here. This country is utterly screwed up and ass-backwards. And people wonder why the Roman Empire fell...

-=I T ' S   P R I N C I P L E   T H A T   C O U N T S=-
-=ALAN KEYES FOR PRESIDENT=-
Balanced Budgets   Personal Freedoms   Morality   Lower Tax
http://www.Keyes2000.com.