According to Michael Stone:
Quoting Wichert Akkerman ([EMAIL PROTECTED]):
What perl-suid should do is check the mountoptions for the filesystem on
which the script resides and abort if that was mounted with nosuid.
Should be quite simple actually..
But that's still not general enough.
On Sun, January 31 1999, Wichert Akkerman [EMAIL PROTECTED] wrote:
|Previously Amos Shapira wrote:
| Can anyone send me a working configuration for non-us?
|
|deb http://non-us.debian.org/debian-non-US slink non-US
Thanks. This works.
The ftp method URL's someone sent me are not recognized by
Javier Fdz-Sanguino Pen~a [EMAIL PROTECTED] writes:
I choose freedom, it's one that summarises it all, and trying to
find an animal that, universally, would give the impression of freedom, I
limited the choice to two bird species:
- eagles,
- hawks
Freedom or death?
Quoting Chip Salzenberg ([EMAIL PROTECTED]):
According to Michael Stone:
Quoting Wichert Akkerman ([EMAIL PROTECTED]):
What perl-suid should do is check the mountoptions for the filesystem on
which the script resides and abort if that was mounted with nosuid.
Should be quite simple
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
According to Michael Stone:
Quoting Wichert Akkerman ([EMAIL PROTECTED]):
What perl-suid should do is check the mountoptions for the filesystem on
which the script resides and abort if that was mounted with nosuid.
Should be quite simple
According to Michael Stone:
Quoting Chip Salzenberg ([EMAIL PROTECTED]):
According to Michael Stone:
Quoting Wichert Akkerman ([EMAIL PROTECTED]):
What perl-suid should do is check the mountoptions for the filesystem on
which the script resides and abort if that was mounted with
Javier Fdz-Sanguino Pen~a writes:
I choose freedom, it's one that summarises it all, and trying to find an
animal that, universally, would give the impression of freedom, I limited
the choice to two bird species:
- eagles,
Fish eaters. Also symbolic of the Roman Republic and the
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
The code exists to check the mount options relevant to an open file.
It's just a Small Matter of Programming to integrate that into the
Perl source code, and disable emultation of setuid scripts when the
'nosuid' mount option is set.
But, then
Previously Brian White wrote:
You know, I don't see this as grave. It means that a user can
effectively export to the world any file readable by www-data. In
general, this means only things that can be read by public. So,
the user can't intentionally export anything that he/she couldn't
On Sun, Jan 31, 1999 at 01:50:28PM +0100, Wichert Akkerman wrote:
We could then have conversations like this with our users:
CART DRIVER: Bring out your dead!
LARGE MAN: Here's one!
CART DRIVER: Ninepence.
BODY:I'm not dead!
I'm waiting for someone not to know where that's
On Sun, Jan 31, 1999 at 03:42:06PM -0600, John Hasler wrote:
Power, speed, and freedom: a wild horse.
That's been taken...
--
I'm working in the dark here. Yeah well rumor has it you do your best
work in the dark.
-- Earth: Final Conflict
According to Jules Bean:
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
The code exists to check the mount options relevant to an open file.
It's just a Small Matter of Programming to integrate that into the
Perl source code, and disable emultation of setuid scripts when the
'nosuid' mount
According to Jules Bean:
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
Every OS has a different set of mount options that may or may not be
relevant to setuid security. I don't see what 'higher level' would be
useful.
The correct solution to this, surely, is for the mount nosuid to
JH == John Hasler [EMAIL PROTECTED] writes:
JH Power, speed, and freedom: a wild horse.
Yes! Lets make it a black horse on yellow background and a red
frame. Vrooom vroom. :-)
Ciao,
Martin
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
According to Jules Bean:
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
Every OS has a different set of mount options that may or may not be
relevant to setuid security. I don't see what 'higher level' would be
useful.
The correct
[EMAIL PROTECTED] (Santiago Vila) wrote on 17.12.98 in [EMAIL PROTECTED]:
On Wed, 16 Dec 1998, Juergen A. Erhard wrote:
Joey == Joey Hess [EMAIL PROTECTED] writes:
Joey A critical bug on an unimportant package is a sure bet to get
that package Joey pulled from the distirbution
[EMAIL PROTECTED] (Wichert Akkerman) wrote on 31.01.99 in [EMAIL PROTECTED]:
Previously Michael Stone wrote:
perl-suid 31904 [EMAIL PROTECTED]: Secuity hole with pe=
rl (suidperl) and nosuid mounts on Linux] [13] (Darren Stalder [EMAIL
PROTECTED]
.com )
=20
I'm not sure
[EMAIL PROTECTED] (Branden Robinson) wrote on 31.01.99 in [EMAIL PROTECTED]:
29360: point 1) is an issue for the release notes; I can't retroactively
patch an old prerm;
You could, but it would be fairly ugly, and I'm not sure it's worth it.
Startegy: pre-depend on a package that does the
[EMAIL PROTECTED] (Bdale Garbee) wrote on 26.01.99 in [EMAIL PROTECTED]:
In article [EMAIL PROTECTED] you wrote:
Hmmm. swinstall (HP-UX native I think) seems to support dependencies.
It's pretty ugly though and I don't know if there's a command line
version.
Yes, you can drive
Guy Maor [EMAIL PROTECTED] writes:
Adam Klein [EMAIL PROTECTED] writes:
Hmm, is it really a good thing to have dinstall announce the
uploads? I often depend on the announcements to alert me to new
versions in Incoming. In the new setup, the announcements won't
come until the package
According to Jules Bean:
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
Consider that I may wish to mount a filesystem nosuid for the purpose
of making a tape backup. Would I want the suid bits turned off in the
backup image? I think not.
Why not just mount it somewhere only you can get
101 - 121 of 121 matches
Mail list logo
