>On Fri, 4 Aug 2006, Alan DuBoff wrote:
>
>> Security wise I might argue.
>>
>> It gives an unsuspecting user the ability to determine which disk boots at
>> minimum.
>>
>> I'd like to hear from someone like Casper or Darren who work on the security
>> team.
>
>One hting that comes to mind is
On Friday 04 August 2006 02:32 pm, Garrett D'Amore wrote:
> Now that OpenSolaris is open-sourced, I was wondering if we might start
> to see a push to start supplying information about developing nexus
> drivers. Historically that information has only been available inside
> Sun, and few companies
Now that OpenSolaris is open-sourced, I was wondering if we might start
to see a push to start supplying information about developing nexus
drivers. Historically that information has only been available inside
Sun, and few companies have had the expertise in house to attempt it.
(We have done so
Alan DuBoff wrote:
> On Friday 04 August 2006 01:56 pm, Garrett D'Amore wrote:
>
>> In order to do anything with this knowledge the attacker would probably
>> need to have root or physical access to the machine. And, for the vast,
>> vast majority of cases, just running df -k / will also report
On Friday 04 August 2006 01:56 pm, Garrett D'Amore wrote:
> In order to do anything with this knowledge the attacker would probably
> need to have root or physical access to the machine. And, for the vast,
> vast majority of cases, just running df -k / will also report this
> information. (In the
Alan DuBoff wrote:
> On Friday 04 August 2006 10:00 am, Garrett D'Amore wrote:
>
>> I've been thinking, it seems to me that it is inconvenient that root
>> privilege is required to look at prom properties in the Solaris device
>> tree. I believe that the data located there is not security sensi
Rich Teer wrote:
> On Fri, 4 Aug 2006, Alan DuBoff wrote:
>
>
>> Security wise I might argue.
>>
>> It gives an unsuspecting user the ability to determine which disk boots at
>> minimum.
>>
>> I'd like to hear from someone like Casper or Darren who work on the security
>> team.
>>
>
> One
Gavin Maltby wrote:
> On 08/04/06 18:00, Garrett D'Amore wrote:
>
>> I propose that /dev/openprom be changed to be mode 644, allowing any
>> user to access it. This would allow ordinary users to run prtconf -vp
>> (as well as a few other things like prtconf -F and prtconf -V) without
>> becoming r
On Fri, 4 Aug 2006, Alan DuBoff wrote:
> Security wise I might argue.
>
> It gives an unsuspecting user the ability to determine which disk boots at
> minimum.
>
> I'd like to hear from someone like Casper or Darren who work on the security
> team.
One hting that comes to mind is the security
On 08/04/06 18:00, Garrett D'Amore wrote:
I propose that /dev/openprom be changed to be mode 644, allowing any
user to access it. This would allow ordinary users to run prtconf -vp
(as well as a few other things like prtconf -F and prtconf -V) without
becoming root.
Last I knew there was a di
On Friday 04 August 2006 10:00 am, Garrett D'Amore wrote:
> I've been thinking, it seems to me that it is inconvenient that root
> privilege is required to look at prom properties in the Solaris device
> tree. I believe that the data located there is not security sensitive
> (at least not normally
I've been thinking, it seems to me that it is inconvenient that root
privilege is required to look at prom properties in the Solaris device
tree. I believe that the data located there is not security sensitive
(at least not normally), as long as unauthorized users are not allowed
to _modify_ those
Paul Jakma <[EMAIL PROTECTED]> wrote:
> On Thu, 3 Aug 2006, Joerg Schilling wrote:
>
> > This is relevent for the following reasons:
> >
> > - the CDDL is a file based license.
> > If you have the GPLd code in different files, the CDDL does not
> > put any restrictions on GPLd code.
>
>
13 matches
Mail list logo
