Re: Debian Stable server hacked
On Fri, Aug 22, 2003 at 06:35:37PM -0400, Phillip Hofmeister wrote: On Fri, 22 Aug 2003 at 10:32:27AM -0400, Matt Zimmerman wrote: It is often the case that the attacker doesn't know the exact location of structures in memory; there are techniques for finding out. I'm sure that the authors of PaX do not misrepresent it as complete protection. It's pointless to argue about it; it's clear that PaX provides some value in protection against security vulnerabilities, and I think it's also clear that because it will break many existing applications, it is not suitable for use by default. But there is no reason why a PaX-enabled kernel could not be provided as an option. All it needs is someone willing to do the work (hint, hint). I would be willing to maintain a grsec kernel image with PaX and temp. file symlink blocking if someone would be willing to sponsor it (hint, hint) I really do not have the time to sponsor you, but would like to see this happen. If you put together reasonable packages and ask on the mailing lists, I don't think you'd have a problem finding a sponsor. There are a number developers who are interested in this. -- - mdz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: The possibility of malicious code in the Debian unstablelibtool-1.5 package
On 26 Aug 2003, Scott James Remnant wrote: My tracking of the libtool 1.5 branch of CVS predates the compromise, trust me, there's no naughty code in there. Thanks for that strong public reassurance and the useful discussion that preceded it. Alan __ Alan W. Irwin email: [EMAIL PROTECTED] phone: 250-727-2902 Astronomical research affiliation with Department of Physics and Astronomy, University of Victoria (astrowww.phys.uvic.ca). Programming affiliations with the PLplot scientific plotting software package (plplot.org), the Yorick front-end to PLplot (yplot.sf.net), the Loads of Linux Links project (loll.sf.net), and the Linux Brochure Project (lbproject.sf.net). __ Linux-powered Science __ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Fw: Debian-security copy any DVD to a standart CD at home OZKrmIV
Title: vGbpJdd Hello, Debian-security! abTwaTv WATCH CNN Ka Ajw ANALYSIS NYTimes AFcBV 'Don't listen to' gossip MF
Re[0]:
Title: t7JImaDD where were? Debian-security bfl Welcome! xwYTw ZRav Yes, of course. I Debian-security And if you mMtzz
Re: Eric Allman has changed jobs
On Wed, Aug 27, 2003 at 03:46:22PM -0700, Eric Allman's vacation droid wrote: I have left the University. Your mail is being forwarded to me. [blah blah blah] Am I the only one that finds the author of Sendmail spamming a mailing list with a vacation program amusing? [1] Ha ha. What do you do for an encore? PS I'll go check the qmail list and see what happens there, maybe he's a lurker... that'd sure create some stir and derision. [1] Is that RFC compliant? Even *if* you wrote it? -- Ted Deppner http://www.deppner.us/
Re: Eric Allman has changed jobs
On Wed, Aug 27, 2003 at 06:29:23PM -0700, Ted Deppner wrote: On Wed, Aug 27, 2003 at 03:46:22PM -0700, Eric Allman's vacation droid wrote: I have left the University. Your mail is being forwarded to me. [blah blah blah] Am I the only one that finds the author of Sendmail spamming a mailing list with a vacation program amusing? [1] Probably. It shows your idiocy. His autoresponder was replying to a forged message. Not a thing he could do about it. noah pgpUBpcfukw6E.pgp Description: PGP signature