[security-discuss] Re: [networking-discuss] Re: Solaris socket bind() behavior

2006-08-08 Thread Kacheong Poon
Chris Elving wrote: > Is it not reasonable to consider the uid of the process that created or > bound the socket? I'd suggest that, by default, a given user should be > able to bind to both INADDR_ANY and a specific address. This preserves > the well established semantics of the bind(2) interface.

[security-discuss] Solaris Viruses

2006-08-08 Thread Darren Reed
Tom Simpson wrote: >Apologies if this is an FAQ, but I've searched the net for a while on this and >can't find a definitive answer. > >Are there viruses/worms in the wild that target Solaris (sparc or intel)? > >By this, I don't mean rootkits, sendmail vulnerabilities etc. Basically, I'm >getti

[security-discuss] Solaris Viruses

2006-08-08 Thread James Carlson
Alan Coopersmith writes: > There have been two worms that I remember in years past - the original > Morris worm, which targeted SunOS finger, and a later worm which targeted > an overflow in the Solaris sadmind and used that to target Windows IIS servers > (see http://www.cert.org/advisories/CA-2001

[security-discuss] Re: [networking-discuss] Re: Solaris socket bind() behavior

2006-08-08 Thread Krishna Yenduri
James Carlson wrote: >Kacheong Poon writes: > > >... > > >> This >>works currently and will not work using the above suggestion. >>Probably there is no such app, but it is better to ask >>first. >> >> > >I'd be surprised if there were an application that worked that way. >It seems pretty o

[security-discuss] A new Trusted Extensions script for managing labeled network interfaces

2006-08-08 Thread Glenn Faden
I have written another zenity-based shell script to simplify the configuration of labeled network interfaces. This one extends the functionality of two CDE actions: Share Physical Interface and Share Logical Interface. It also supports bringing up (and down) multiple logical interfaces, and the

[security-discuss] User notice of last successful or last failed login

2006-08-08 Thread Darren J Moffat
Batey, Everett II NAVSEA wrote: > Darren, > > Will moving from dtlogin to GDM remedy both seeing > "last successful login" and "last UNsuccessful > login"? Only the latter and only when lock_after_retries is set up. > Will all the _features_ in dtlogin menus have to > be added back into the

[security-discuss] DOI for TX43

2006-08-08 Thread Yates, Spencer A.
classification? Thanks for your help . . . Spencer

[security-discuss] Re: Solaris Viruses

2006-08-08 Thread Henry B. Hotz
Never heard of any viruses myself, but there have been worms that affect things like Apache. Don't forget that the first ever major Internet worm targeted a debug option that was left enabled in SunOS's sendmail. As a point of reference, there *are* a few viruses that affect MacOS X. How

[security-discuss] Solaris Viruses

2006-08-08 Thread Alan Coopersmith
Tom Simpson wrote: > Apologies if this is an FAQ, but I've searched the net for a while on this > and can't find a definitive answer. > > Are there viruses/worms in the wild that target Solaris (sparc or intel)? There have been two worms that I remember in years past - the original Morris worm,

[security-discuss] DOI for TX43

2006-08-08 Thread Glenn Faden
Yates, Spencer A. wrote: > After a jumpstart install of SUNWXCall and TX43, I created the > following local Security Templates with the default domain of > interpretation (DOI): > - ADMIN_LOW DOI=1 (installed by default) > - PUBLIC DOI=0 > - CONFIDENTIAL DOI=

[security-discuss] New Trusted Extensions utility for managing labeled zones

2006-08-08 Thread Mike Lewis
>>After creating and cloning the zones (we have 33 of them), the booting of the >>zones will bring our machine to its knees as it attempts to configure >>about 118 services in each zone. Further, with each zone, its >> svc.configd >>runs at about 5~6% of the CPU, which seems like a lot when all t

[security-discuss] New Trusted Extensions utility for managing labeled zones

2006-08-08 Thread Gary Winiger
> On Tue, Aug 08, 2006 at 09:03:04AM -0500, Mike Lewis wrote: > > > I've also noticed that auditd runs by default in both the global and local > > zones, and that they conflict (you can't run both). I have turned off > > auditd in the local zones and defer to the one running at the global > > lev

[security-discuss] Re: [networking-discuss] Re: Solaris socket bind() behavior

2006-08-08 Thread James Carlson
Kacheong Poon writes: > I guess using the bind() time uid is reasonable. But is > there an app which passes a listening socket to another > process with different uid and that process will open > another socket binding to a more specific address? Yes -- a wait-type inetd service could do that fai

[security-discuss] New Trusted Extensions utility for managing labeled zones

2006-08-08 Thread Alan Coopersmith
Mike Lewis wrote: > I found the culprit to be the "cde-login" service running in each zone and > attempting (by default) to run X servers with non-existent frame buffers. > The processes were starting and stopping too quickly to be recognized > except by DTrace, who pointed to the culprit. 64451

[security-discuss] New Trusted Extensions utility for managing labeled zones

2006-08-08 Thread Brent Paulson
On Tue, Aug 08, 2006 at 09:03:04AM -0500, Mike Lewis wrote: > I've also noticed that auditd runs by default in both the global and local > zones, and that they conflict (you can't run both). I have turned off > auditd in the local zones and defer to the one running at the global > level. The 'p

[security-discuss] Re: [networking-discuss] Re: Solaris socket bind() behavior

2006-08-08 Thread James Carlson
Chris Elving writes: > Without the ability to bind to both INADDR_ANY and specific addresses, > Web Server would need to constantly watch the list of configured > interfaces. (The implementation of which would likely require additional > user land synchronization, hurting performance.) Actually

[security-discuss] Re: Adding commands to a rights profile in Sol

2006-08-08 Thread James Hardwick
Just wanted to say I got this working, and it wasn't anything out of the ordinary. The directory which contained the scripts had two very similarly named ones. Well, I added the wrong one of the two to the rights profile, and never even noticed it until this morning. I probably looked right at i

[security-discuss] Re: Solaris Viruses

2006-08-08 Thread Tom Simpson
> Are they asking you to install the AV software to > protect the Solaris > servers or the PCs they serve? They don't serve any PCs. These are purely DB/app servers that are not internet connected, nor connected to any PCs. My understanding is that AV software for Solaris is designed for this

[security-discuss] Solaris Viruses

2006-08-08 Thread Tom Simpson
Apologies if this is an FAQ, but I've searched the net for a while on this and can't find a definitive answer. Are there viruses/worms in the wild that target Solaris (sparc or intel)? By this, I don't mean rootkits, sendmail vulnerabilities etc. Basically, I'm getting pressure from our securi