Yes.
At Sat, 12 Sep 2009 23:33:43 +0200,
Javier Serrano Polo wrote:
Dear Junichi,
In default environments, granting sudo pbuilder is the same as
granting a shell. I don't believe users are aware of this. Is it an
intended behaviour?
Thanks.
--
To UNSUBSCRIBE, email to
Hi,
Hi,
I am wondering what the security implications of having a LOAD_PATH
that includes '.' is.
Gerenally speaking, having . in any path is a bad idea. You are correct
to feel uneasy about it. Can . not be prepended to the path
specifically if desired (as in the shell
The following is a full posting I made to debian-security@lists.debian.org:
At Sat, 07 Jan 2006 21:44:24 +0900,
Junichi Uekawa wrote:
Hi,
Hi,
I am wondering what the security implications of having a LOAD_PATH
that includes '.' is.
Gerenally speaking, having . in any path
Hi,
I am wondering what the security implications of having a LOAD_PATH
that includes '.' is.
Debian includes software that is written in ruby, and is executed with
root privilege, such as apt-listbugs.
LOAD_PATH is the list of path that ruby library (MODULE.rb, MODULE.so)
is searched against.
dpkg?
dpkg -i filename.deb
Not even close. For instance:
You may want to look at anna and udpkg, maybe.
regards,
junichi
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
dpkg?
dpkg -i filename.deb
Not even close. For instance:
You may want to look at anna and udpkg, maybe.
regards,
junichi
Hi,
I'm not quite sure if I follow what is happening.
So, what is the problem ?
I presume you are installing debsig-verify
within chroot.
And is the problem that debsig-verify is being ran in an unpacked but not
yet configured state, or is it something else ?
Turns out I wasn't imagining
Hi,
I'm not quite sure if I follow what is happening.
So, what is the problem ?
I presume you are installing debsig-verify
within chroot.
And is the problem that debsig-verify is being ran in an unpacked but not
yet configured state, or is it something else ?
Turns out I wasn't imagining
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my mail,
which is immensely annoying.
Does that happen when you are replying in English, or only for Japanese?
Japanese
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my mail,
which is immensely annoying.
Does that happen when you are replying in English, or only for Japanese?
Japanese
I try to block on character sets: ie.,
^Content-Type.*charset.*[gG][bB]2312
This catches quite a few spams I can't read.
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my
I try to block on character sets: ie.,
^Content-Type.*charset.*[gG][bB]2312
This catches quite a few spams I can't read.
Some mail I try to reply have latin-1
chars.
They will be translated to Japanese charset when I
reply to them, so people are conveniently
blocking some of my
Peter Lieven [EMAIL PROTECTED] cum veritate scripsit:
is the OpenSSH_3.0.2p1 version avaiable in the testing/unstable tree already
patched
against the March 7, 2002: Off-by-one error in the channel code security hole?
yes.
--
[EMAIL PROTECTED] : Junichi Uekawa http://www.netfort.gr.jp
Peter Lieven [EMAIL PROTECTED] cum veritate scripsit:
is the OpenSSH_3.0.2p1 version avaiable in the testing/unstable tree
already patched
against the March 7, 2002: Off-by-one error in the channel code security
hole?
yes.
--
[EMAIL PROTECTED] : Junichi Uekawa http
linux machine. You can
disable sftp ability by removing the sftp-server program but the scp
server part seems to be part of sshd.
I'd be interested to know how you give scp access without
giving shell access.
regards,
junichi
--
[EMAIL PROTECTED] : Junichi Uekawa http
those packages.
regards,
junichi
--
[EMAIL PROTECTED] : Junichi Uekawa http://www.netfort.gr.jp/~dancer
GPG Fingerprint : 17D6 120E 4455 1832 9423 7447 3059 BF92 CD37 56F4
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
bugs against those packages.
regards,
junichi
--
[EMAIL PROTECTED] : Junichi Uekawa http://www.netfort.gr.jp/~dancer
GPG Fingerprint : 17D6 120E 4455 1832 9423 7447 3059 BF92 CD37 56F4
On Tue, 1 Jan 2002 02:26:58 -0800 (PST)
Nicole Zimmerman [EMAIL PROTECTED] wrote:
You should have a device /dev/cdrom that is a symbolic link to your real
CDROM device (/dev/hdc?). This link should be owned by root:cdrom.
Not the link, the real file.
/dev/hdc, or whatever it may be needs to
On Tue, 1 Jan 2002 02:26:58 -0800 (PST)
Nicole Zimmerman [EMAIL PROTECTED] wrote:
You should have a device /dev/cdrom that is a symbolic link to your real
CDROM device (/dev/hdc?). This link should be owned by root:cdrom.
Not the link, the real file.
/dev/hdc, or whatever it may be needs to
Wichert Akkerman [EMAIL PROTECTED] immo vero scripsit
That's because nessus only checks the version number, and since we
backported the patch we still have the old version number even though
we are safe.
CERT tells me Debian potato is vulnerable. We might want to correct them
if they are
Wichert Akkerman [EMAIL PROTECTED] immo vero scripsit
That's because nessus only checks the version number, and since we
backported the patch we still have the old version number even though
we are safe.
CERT tells me Debian potato is vulnerable. We might want to correct them
if they are
21 matches
Mail list logo