Re: safety of encrypted filesystems

2005-06-20 Thread Max Vozeler
On Fri, Jun 17, 2005 at 12:59:14PM -0700, Ben Pfaff wrote: > martin f krafft <[EMAIL PROTECTED]> writes: > > > However, doesn't CBC or EBC make sure that every block is > > chained to its predecessor, making even the very last block of > > a file dependent on the bits of the very first block? > >

Re: Loop-AES help

2005-01-22 Thread Max Vozeler
Hi Bradley, Bradley Alexander <[EMAIL PROTECTED]> wrote: > I'm posting here in the in the hope that someone can help and because > there does not seem to be a loop-AES mailing list, and the sourceforge > postings are closed within minutes with no response. I tried posting > to debian-user, but got

Re: [SECURITY] [DSA 557-1] New rp-pppoe packages fix potential root compromise

2004-10-14 Thread Max Vozeler
On Mon, Oct 11, 2004 at 03:57:16PM -0400, Greg Folkert wrote: > On Mon, 2004-10-11 at 21:13 +0200, Nils Rennebarth wrote: > > Martin Schulze wrote: > > > For the unstable distribution (sid) this problem has been fixed in > > > version 3.5-4. > > > > Is there an estimation when the 3.5-4 Version for

Re: DSA 557-1 and CAN-2004-0564

2004-10-06 Thread Max Vozeler
On Wed, Oct 06, 2004 at 02:11:32PM +0200, Marco d'Itri wrote: > On Oct 06, Max Vozeler <[EMAIL PROTECTED]> wrote: > > > It would make it possible for /usr/sbin/pppoe to get rid of setuid root > > and still work for unprivileged users. Marco, how does this look t

Re: DSA 557-1 and CAN-2004-0564

2004-10-06 Thread Max Vozeler
On Mon, Oct 04, 2004 at 12:14:56PM -0400, Christian Hudon wrote: > Max Vozeler wrote: > > >The pppd in Debian appears to change privileges back to those of the > >invoking user before calling the program specified in the pty option, > >preventing normal users from contr

Re: DSA 557-1 and CAN-2004-0564

2004-10-04 Thread Max Vozeler
Hi David, On Mon, Oct 04, 2004 at 10:27:28AM -0400, David F. Skoll wrote: > On Mon, 4 Oct 2004, Martin Schulze wrote: > > > There are reasons users install it setuid / setgid, and these installations > > are vulnerable. > > I disagree. There is absolutely *no* reason to install rp-pppoe > setui

Re: Squid Proxy NTLM Authentication Buffer Overflow Vulnerability

2004-07-01 Thread Max Vozeler
On Thu, Jul 01, 2004 at 11:52:30AM +0100, Eduardo Costa wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > http://www.securityfocus.com/bid/10500 > > Why, in Debian 3.0, the updates for this vulnerability, they did not > to leave? Woody is apparently not affected. See for example http

Announcing 'cryptofs' Alioth project for encrypted file systems

2004-01-27 Thread Max Vozeler
ill join and contribute too. Cheers Max -- Max Vozeler <[EMAIL PROTECTED]> http://hinterhof.net/~max GnuPG B7CDA2DC : 308E 81E7 B979 63BC A0E6 ED88 9D5B D511 B7CD A2DC

Announcing 'cryptofs' Alioth project for encrypted file systems

2004-01-27 Thread Max Vozeler
ill join and contribute too. Cheers Max -- Max Vozeler <[EMAIL PROTECTED]> http://hinterhof.net/~max GnuPG B7CDA2DC : 308E 81E7 B979 63BC A0E6 ED88 9D5B D511 B7CD A2DC -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]