Re: [ilugd] about device drivers
Hi! --- [EMAIL PROTECTED] wrote: hi, I want to know that how the device drivers built in linux.plz help me and suggest me some good books. thanks.. The one an only LDD(linux device drivers) by orielly. Search the net there is also an online version of this book bye vivek = When DESTINY has closed all the DOORS; Jump out of the WINDOW __ Do you Yahoo!? Find out what made the Top Yahoo! Searches of 2003 http://search.yahoo.com/top2003 ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] How to run a webserver
On Mon, 2004-01-05 at 08:28, Robins Tharakan wrote: hi, install apache (http://httpd.apache.org) place the files in the appropriate directories... Sorry some how the [SNIP] snipped more than I intended. If Abishek has installed RH9 complete then all he has to do is: chkconfig --level 35 htppd on Or achieve the same by marking setup serviceshttpd -- Sudev Barar Learning Linux ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Is it possible to create users in bulk
Try the following for i in `cat /file with user list` do useradd $i done To change their password in bulk chpasswd filename Where filename is a file with user:password format You may want to use chpasswd -e filename, if the file has user:encrypted passwd format. regards, alok sinha s nagar wrote: hi everyone i need to ask you one thing that whether it is possible to create users in bulk rather than creating single user in case there are many users to be created and simultaneously giving them same password as their username. in case you have some solution then please do reply. Thanking you all Sandeep - Do you Yahoo!? Free Pop-Up Blocker - Get it now ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] about device drivers
book by Rubini on linux device driver is there its a good book.. also available on net On Mon, 05 Jan 2004 [EMAIL PROTECTED] wrote : hi, I want to know that how the device drivers built in linux.plz help me and suggest me some good books. thanks.. -- sachin jain ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] How to run a webserver
Hi Friends Its me again mine previous problem has been solved but I have a new one. I have a small website. Someone told me that you can check your CGI/PERL programmes on your computer before you publish via running a webserver. The address for accesing your website on your computer will be 127.0.0.1 .I know how to do that on Windows but can't do on Linux. I have Linux 9.0 running on mine PC. If any of you could help me I shall be very very grateful. Thanks Abhishek jain Well Apache seems the best choice .. , if your are looking for *much* simpler and smaller options ...try Abyss Web Server http://www.aprelium.com/abyssws/not GPL ...but *free*. Its available for Windows and Mac also . some IDE's also have a built in server that can be used to test cgi's ... regards Ankit . ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
RE: [ilugd] delay in bootup process - RH 8.0
Must be due to Time Skew Error... Try #touch /etc/mail #touch /etc/mail/* And restart the Sendmail service... HTH... Regards, Gurpreet Singh Sachdeva -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of MALKIAT BENIPAL Sent: Tuesday, December 30, 2003 1:17 AM To: [EMAIL PROTECTED] Subject: [ilugd] delay in bootup process - RH 8.0 Hello guys, I have installed RH 8.0 on a HCL PC. While booting and coming at the stage of Starting mail it takes approx. 3-4 minutes and then proceeds ahead. Pl. guide where is the problem. I shall be thankful to you. Best Regards, MALKIAT [EMAIL PROTECTED] - Do you Yahoo!? Protect your identity with Yahoo! Mail AddressGuard ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] ILUG-D: about the website
Message from rakesh kumar: first thing i am not going to comment of suggest any thing about the website. i just want your help i have just developed a small site and now i want to publish it . i have the infrastructure i,e 1) i have a real ip and computer running apaache web server ( i think no need to mention it is running on linux 8.0) but as new to linux i am not getting proper support , can u guide me with best regards rakesh kumar -- This email is brought to you by http://www.linux-delhi.org/ ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] (fwd) Linux kernel mremap vulnerability
[Your distribution vendor will be bringing out a new kernel soon. Please upgrade if you use kernel 2.2, 2.4 or 2.6 -- Raju] This is an RFC 1153 digest. (1 message) -- MIME-Version: 1.0 Message-ID: [EMAIL PROTECTED] From: Paul Starzetz [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: [Full-Disclosure] Linux kernel mremap vulnerability Date: Mon, 5 Jan 2004 13:30:32 +0100 (CET) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Synopsis: Linux kernel do_mremap local privilege escalation vulnerability Product: Linux kernel Version: 2.2, 2.4 and 2.6 series Vendor:http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0012-mremap.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985 Author:Paul Starzetz [EMAIL PROTECTED], Wojciech Purczynski [EMAIL PROTECTED] Date: January 5, 2004 Issue: == A critical security vulnerability has been found in the Linux kernel memory management code in mremap(2) system call due to incorrect bound checks. Details: The mremap system call provides functionality of resizing (shrinking or growing) as well as moving across process's addressable space of exist ing virtual memory areas (VMAs) or any of its parts. A typical VMA covers at least one memory page (which is exactly 4kB on the i386 architecture). An incorrect bound check discovered inside the do_mremap() kernel code performing remapping of a virtual memory area may lead to creation of a virtual memory area of 0 bytes length. The problem bases on the general mremap flaw that remapping of 2 pages from inside a VMA creates a memory hole of only one page in length but an additional VMA of two pages. In the case of a zero sized remapping request no VMA hole is created but an additional VMA descriptor of 0 bytes in length is created. Such a malicious virtual memory area may disrupt the operation of other parts of the kernel memory management subroutines finally leading to un expected behavior. A typical process's memory layout showing invalid VMA created with mremap system call: 08048000-0804c000 r-xp 03:05 959142 /tmp/test 0804c000-0804d000 rw-p 3000 03:05 959142 /tmp/test 0804d000-0804e000 rwxp 00:00 0 4000-40014000 r-xp 03:05 1544523/lib/ld-2.3.2.so 40014000-40015000 rw-p 00013000 03:05 1544523/lib/ld-2.3.2.so 40015000-40016000 rw-p 00:00 0 4002c000-40158000 r-xp 03:05 1544529/lib/libc.so.6 40158000-4015d000 rw-p 0012b000 03:05 1544529/lib/libc.so.6 4015d000-4015f000 rw-p 00:00 0 [*] 6000-6000 rwxp 00:00 0 bfffe000-c000 rwxp f000 00:00 0 The broken VMA in the above example has been marked with a [*]. Impact: === Since no special privileges are required to use the mremap(2) system call any process may misuse its unexpected behavior to disrupt the ker nel memory management subsystem. Proper exploitation of this vulnerabil ity may lead to local privilege escalation including execution of arbi trary code with kernel level access. Proof-of-concept exploit code has been created and successfully tested giving UID 0 shell on vulnerable systems. The exploitability of the discovered vulnerability is possible, although not a trivial one. We have identified at least two different attack vec tors for the 2.4 kernel series. All users are encouraged to patch all vulnerable systems as soon as appropriate vendor patches are released. Credits: Paul Starzetz [EMAIL PROTECTED] has identified the vulnerability and performed further research. COPYING, DISTRIBUTION, AND MODIFICATION OF INFORMATION PRESENTED HERE IS ALLOWED ONLY WITH EXPRESS PERMISSION OF ONE OF THE AUTHORS. Disclaimer: === This document and all the information it contains are provided as is, for educational purposes only, without warranty of any kind, whether ex press or implied. The authors reserve the right not to be responsible for the topicality, correctness, completeness or quality of the information provided in this document. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is in complete or incorrect, will therefore be rejected. - -- Paul Starzetz iSEC Security Research http://isec.pl/ -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/+Vj2C+8U3Z5wpu4RApegAKCOkWCWg8Jy/y9S1WtEWxerkkQNbQCgk/X9 8aGjOA7fTT8EynIFw/sgoHU= =Aw61 -END PGP SIGNATURE- ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html -- End of this Digest ** -- Raj Mathur[EMAIL PROTECTED]
[ilugd] Re: [LIH](fwd) Linux kernel mremap vulnerability
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rishabh == Rishabh Manocha [EMAIL PROTECTED] writes: Rishabh hello everyone, I am Rishabh...I am a 19 year old student Rishabh at the University of Texas at Austin.I am presently in Rishabh The hague in Holland where my parents live. I have been Rishabh using linux for the past year. now as you might assume i Rishabh do not have much of an idea of the kernel level Rishabh activities of a LINUX system. i have no idea what was Rishabh written in this message.anyone have the time to decode it Rishabh for me.also could you please tell me if there are patches Rishabh already avaliable for the vulnerability.I am running Rishabh kernel 2.4.23 on a debian system. thanks a lot. Rishabh Rishabh Manocha Well, actually that's why the short summary from me at the top of the message. If you don't understand the kernel (I don't!), just upgrade it as soon as your distribution vendor brings out a new kernel package - -- it's as easy as apt-get update ; apt-get upgrade (on Debian -- other distributions will have other ways of upgrading). In any case, upgrade your system(s) on a regular basis. It's best to keep on top of security vulnerabilities that may cause you to lose control over your own system, and, what is worse, become a menace to others on the Internet. Regards, - -- Raju Rishabh On Mon, 5 Jan 2004, Raj Mathur wrote: [Your distribution vendor will be bringing out a new kernel soon. Please upgrade if you use kernel 2.2, 2.4 or 2.6 -- Raju] [snip] Synopsis: Linux kernel do_mremap local privilege escalation vulnerability Product: Linux kernel Version: 2.2, 2.4 and 2.6 series Vendor: http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0012-mremap.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985 Author: Paul Starzetz [EMAIL PROTECTED], Wojciech Purczynski [EMAIL PROTECTED] Date: January 5, 2004 [more snip] - -- Raj Mathur[EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F It is the mind that moves -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Processed by Mailcrypt 3.5.6 and Gnu Privacy Guard http://www.gnupg.org/ iD8DBQE/+hbyyWjQ78xo0X8RAtvNAKCHFLO2tQQawM2U7cgKzCtH1i6HVACfSTPT BmbdgErSS3G/kv4+ZOnIKTk= =CcMk -END PGP SIGNATURE- ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] How to run a webserver
On Mon, 2004-01-05 at 08:28, Robins Tharakan wrote: hi, install apache (http://httpd.apache.org) place the files in the appropriate directories... If Abhishek has done a full RH9 install then apache is already there. All he has to do is give command setup and from the menu there go to service and tick httpd This should start the apache server. Another way to achieve the same is to give command chkconfig --level 35 httpd on HTH -- Sudev Barar [EMAIL PROTECTED] ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
RE: [ilugd] delay in bootup process - RH 8.0
On Mon, 2004-01-05 at 20:59, Gurpreet Singh Sachdeva wrote: Must be due to Time Skew Error... Try #touch /etc/mail #touch /etc/mail/* And restart the Sendmail service... HTH... Regards, Gurpreet Singh Sachdeva -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of MALKIAT BENIPAL Sent: Tuesday, December 30, 2003 1:17 AM To: [EMAIL PROTECTED] Subject: [ilugd] delay in bootup process - RH 8.0 Hello guys, I have installed RH 8.0 on a HCL PC. While booting and coming at the stage of Starting mail it takes approx. 3-4 minutes and then proceeds ahead. Pl. guide where is the problem. I shall be thankful to you. Best Regards, MALKIAT [EMAIL PROTECTED] If you are referring to sendmail start errorI found that this always occurred when you installed any RH version. The error says your sendmail files have time stamp in future...some thing like that. Surprisingly the error will disappear next day. What I have inferred is that at the time of install the GMT (or probably EST USA) is stamped on some sendmail files and since we end up setting our system to IST the error remains till the local time in GMT is past the time stamp. HTH -- Sudev Barar Learning Linux ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] Re: about device drivers
At 2004-01-06 09:19:56 +0530, [EMAIL PROTECTED] wrote: Due to some problem with GPL, the online version is un-available. Huh? Google for Linux Device Drivers. First link. -- ams ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] T-Shirt,LOGO and a URL
http://www.isc.tamu.edu/~lewing/linux/ http://www.isc.tamu.edu/~lewing/linux/notes.html Interesting link on Linux 2.0 Penguins and how they were drawn. [Wait before you pounce on me. I did not suggest redrawing the Maharaja Tux yet] -Tarun ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] how to un-block the mail server from blocked lists
Dear friends, Our qmail mail server was once gone into open relay mode by mistake and afterwards it was corrected. During that time our server was blocked by some block lists and after the relay was closed all of them were corrected except one list - Blars Block List. Due to this we are not able to send any mails to rediff accounts. When I tried to contact the web site of blars ie. http://block.blars.org/ i find that we have to pay some money to get the entry removed. When all others have removed the entry free of cost this site is asking for money. Has any body experienced this problem? What is the way out. Is it only by paying the amount ? Pl. let me know. -- seshagiri __ Do you Yahoo!? Yahoo! Hotjobs: Enter the Signing Bonus Sweepstakes http://hotjobs.sweepstakes.yahoo.com/signingbonus ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
Re: [ilugd] Re: about device drivers
I am sorry, i mentioned wrongly, it's GNU Free Documentation License. Earlier, the requirements of the license were not fully complied so it was not available as such. Nice to see it available on net. Thanks for information. vikas - Original Message - From: Abhijit Menon-Sen [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, January 06, 2004 10:28 AM Subject: [ilugd] Re: about device drivers At 2004-01-06 09:19:56 +0530, [EMAIL PROTECTED] wrote: Due to some problem with GPL, the online version is un-available. Huh? Google for Linux Device Drivers. First link. -- ams ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] Re: about device drivers
At 2004-01-06 12:17:11 +0530, [EMAIL PROTECTED] wrote: Earlier, the requirements of the license were not fully complied so it was not available as such. Nice to see it available on net. It's been available from that site for two and a half years, since the second edition was published in June 2001. -- ams ___ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd
[ilugd] Re: [LIH](fwd) Linux kernel mremap vulnerability
hello everyone, I am Rishabh...I am a 19 year old student at the University of Texas at Austin.I am presently in The hague in Holland where my parents live. I have been using linux for the past year. now as you might assume i do not have much of an idea of the kernel level activities of a LINUX system. i have no idea what was written in this message.anyone have the time to decode it for me.also could you please tell me if there are patches already avaliable for the vulnerability.I am running kernel 2.4.23 on a debian system. thanks a lot. Rishabh Manocha On Mon, 5 Jan 2004, Raj Mathur wrote: [Your distribution vendor will be bringing out a new kernel soon. Please upgrade if you use kernel 2.2, 2.4 or 2.6 -- Raju] This is an RFC 1153 digest. (1 message) -- MIME-Version: 1.0 Message-ID: [EMAIL PROTECTED] From: Paul Starzetz [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: [Full-Disclosure] Linux kernel mremap vulnerability Date: Mon, 5 Jan 2004 13:30:32 +0100 (CET) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Synopsis: Linux kernel do_mremap local privilege escalation vulnerability Product: Linux kernel Version: 2.2, 2.4 and 2.6 series Vendor:http://www.kernel.org/ URL: http://isec.pl/vulnerabilities/isec-0012-mremap.txt CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985 Author:Paul Starzetz [EMAIL PROTECTED], Wojciech Purczynski [EMAIL PROTECTED] Date: January 5, 2004 Issue: == A critical security vulnerability has been found in the Linux kernel memory management code in mremap(2) system call due to incorrect bound checks. Details: The mremap system call provides functionality of resizing (shrinking or growing) as well as moving across process's addressable space of exist ing virtual memory areas (VMAs) or any of its parts. A typical VMA covers at least one memory page (which is exactly 4kB on the i386 architecture). An incorrect bound check discovered inside the do_mremap() kernel code performing remapping of a virtual memory area may lead to creation of a virtual memory area of 0 bytes length. The problem bases on the general mremap flaw that remapping of 2 pages from inside a VMA creates a memory hole of only one page in length but an additional VMA of two pages. In the case of a zero sized remapping request no VMA hole is created but an additional VMA descriptor of 0 bytes in length is created. Such a malicious virtual memory area may disrupt the operation of other parts of the kernel memory management subroutines finally leading to un expected behavior. A typical process's memory layout showing invalid VMA created with mremap system call: 08048000-0804c000 r-xp 03:05 959142 /tmp/test 0804c000-0804d000 rw-p 3000 03:05 959142 /tmp/test 0804d000-0804e000 rwxp 00:00 0 4000-40014000 r-xp 03:05 1544523/lib/ld-2.3.2.so 40014000-40015000 rw-p 00013000 03:05 1544523/lib/ld-2.3.2.so 40015000-40016000 rw-p 00:00 0 4002c000-40158000 r-xp 03:05 1544529/lib/libc.so.6 40158000-4015d000 rw-p 0012b000 03:05 1544529/lib/libc.so.6 4015d000-4015f000 rw-p 00:00 0 [*] 6000-6000 rwxp 00:00 0 bfffe000-c000 rwxp f000 00:00 0 The broken VMA in the above example has been marked with a [*]. Impact: === Since no special privileges are required to use the mremap(2) system call any process may misuse its unexpected behavior to disrupt the ker nel memory management subsystem. Proper exploitation of this vulnerabil ity may lead to local privilege escalation including execution of arbi trary code with kernel level access. Proof-of-concept exploit code has been created and successfully tested giving UID 0 shell on vulnerable systems. The exploitability of the discovered vulnerability is possible, although not a trivial one. We have identified at least two different attack vec tors for the 2.4 kernel series. All users are encouraged to patch all vulnerable systems as soon as appropriate vendor patches are released. Credits: Paul Starzetz [EMAIL PROTECTED] has identified the vulnerability and performed further research. COPYING, DISTRIBUTION, AND MODIFICATION OF INFORMATION PRESENTED HERE IS ALLOWED ONLY WITH EXPRESS PERMISSION OF ONE OF THE AUTHORS. Disclaimer: === This document and all the information it contains are provided as is, for educational purposes only, without warranty of any kind, whether ex press or implied. The authors reserve the right not to be responsible for the topicality, correctness, completeness or quality of the information provided in this document. Liability
