Re: dpkg and setuid programs

2000-04-27 Thread Santiago Vila
Joe wrote:
> Is there any reason that this hasn't been added to dpkg's code?

You might want to use suidmanager for that. Many packages containing suid binaries use it.

Re: ipchains X ipfw compatibility

2000-04-27 Thread Andrei Ivanov
On Wed, 26 Apr 2000, Ivan J. Varzinczak wrote:
>
> Hello, everybody!
>
> I'm translating a set of firewall rules from a BSD-Unix that
> uses ipfw to ipchains in linux 2.2.14.
> I have a rule that states the following:
>
> /sbin/ipfw add 1051 pass tcp from any to any establishe

Re: dpkg and setuid programs

2000-04-27 Thread Sergio Brandano
Oh gosh, I made a rime! :-) Sergio

Re: dpkg and setuid programs

2000-04-27 Thread Sergio Brandano
I think it is a good idea. I have that problem all the time, and verifying by hand takes time, especially if you happen to update 150 packages at a time... Sergio

dpkg and setuid programs

2000-04-27 Thread Joe
Hello all, When installing programs with dpkg (and its various frontends) you get no warning when a setuid or setgid file is installed. I would consider it desirable behaviour of dpkg to alert the user who's installing the package that it contains a setuid or setgid binary, the path of that bina

Re: Checksums on ftp

2000-04-27 Thread Tollef Fog Heen
* Alexander Hvostov | Tollef, | | NFS requires an RPC portmapper, so things get a bit complicated... You can do a "mass port forward", I think it might work, but I don't know NFS that well. | What's SFS? Self-Certifying File System SFS is a secure, global file system with completely dece

Re: ipchains X ipfw compatibility

2000-04-27 Thread Nick Phillips
Tim Haynes wrote:
> Yup, that's the bunny. New incoming connections are characterised exactly by
> having the SYN flag set, continuations of already-established connections
> don't have it, so something like
> ipchains -I input -p tcp ! -y -j ACCEPT
> should do the trick. You might feel ha

Re: Checksums on ftp

2000-04-27 Thread Nick Phillips
Peter Cordes wrote:
> that has the same hash as the file you're trying to spoof. (you don't get
> the advantage of the "birthday paradox" (29 people in a room -> 50% chance
> at least one pair has the same birthday) because the other member of the
> pair is already picked: it is the md5 hash of t

Re: Checksums on ftp

2000-04-27 Thread Ethan Benson
On Thu, Apr 27, 2000 at 01:36:23PM +0200, Tollef Fog Heen wrote: > * Ethan Benson > > | one neat way would be a CD-RW, have both an ordinary CDROM and a > | CD-RW drive, when you upgrade or install something move the > | checksums cd-rw to the RW drive, update it then take it out and put > | it b

Re: Checksums on ftp

2000-04-27 Thread Alexander Hvostov
Tollef, NFS requires an RPC portmapper, so things get a bit complicated... SMB over SSH could work though, since it's just a TCP connection to port 139. Simple enough. What's SFS? Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9

Re: Checksums on ftp

2000-04-27 Thread Tollef Fog Heen
* Alexander Hvostov | How do you do NFS over SSH? I'm interested. I don't, but since you can do NFS over TCP, I guessed that you can do NFS over SSH as well. Or, you can do samba over SSH. Or just SFS. -- Tollef Fog Heen Unix _IS_ user friendly... It's just selective about who its fri

Re: Checksums on ftp

2000-04-27 Thread Alexander Hvostov
Tollef, How do you do NFS over SSH? I'm interested. Regards, Alex. --- PGP/GPG Fingerprint: EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9

Re: Checksums on ftp

2000-04-27 Thread Tollef Fog Heen
* Ethan Benson | one neat way would be a CD-RW, have both an ordinary CDROM and a | CD-RW drive, when you upgrade or install something move the | checksums cd-rw to the RW drive, update it then take it out and put | it back in the CDROM drive. there's no modifying a CD-r[w] from a | CDROM drive.

Re: Checksums on ftp

2000-04-27 Thread Alexander Hvostov
Ethan, The securelevel is obsolete, which is probably why it doesn't seem to be there anymore. Check out the 'lcap' package: once you remove one of the capabilities in that list, it cannot be restored until the machine is rebooted, and you'd probably have to boot into single user mode in order for

Re: Checksums on ftp

2000-04-27 Thread Ethan Benson
On Thu, Apr 27, 2000 at 10:58:54AM +0200, L. Besselink wrote: > > > On Wed, 26 Apr 2000, Ethan Benson wrote: > > > > > so why don't we use sha1 or rmd160 or all three like OpenBSD ;-) > > > > let's see you break those ;-) > > > > -- > > Ethan Benson > > http://www.alaska.net/~erbenson/ > > >

Re: Checksums on ftp

2000-04-27 Thread L. Besselink
On Wed, 26 Apr 2000, Ethan Benson wrote: > > so why don't we use sha1 or rmd160 or all three like OpenBSD ;-) > > let's see you break those ;-) > > -- > Ethan Benson > http://www.alaska.net/~erbenson/ > I think the system OpenBSD uses is great, I think we should combine: dpkg, apt and aide

Re: Checksums on ftp

2000-04-27 Thread Ethan Benson
On Wed, Apr 26, 2000 at 07:05:18PM -, [EMAIL PROTECTED] wrote: > > Hi! > > 26 Apr 00 12:45, Alexander Hvostov wrote to UUCP: > > AH> Yeah, yeah, you just try and break an MD5 checksum anytime this > AH> year. *cough* > It'll take some time, but it's possible. A simple brute-force attack wi

Re: [Fwd: Checksums on ftp]

2000-04-27 Thread Bradley M Alexander
On Wed, Apr 26, 2000 at 10:14:25AM +0200, Ingemar Fällman wrote: > But tripwire does not save the checksums on a "safe place" by default... > And it does not update the checksums when a package is updated, and > when the debian packages has checksums.. why don't use them to get > some better secur

Re: Checksums on ftp

2000-04-27 Thread Peter Cordes
On Wed, Apr 26, 2000 at 07:05:18PM -, [EMAIL PROTECTED] wrote: > > Hi! > > 26 Apr 00 12:45, Alexander Hvostov wrote to UUCP: > > AH> Yeah, yeah, you just try and break an MD5 checksum anytime this > AH> year. *cough* > It'll take some time, but it's possible. A simple brute-force attack wi