[SECURITY] New version of tcpdump released

2000-11-20 Thread Wichert Akkerman
Debian Security Advisory [EMAIL PROTECTED] http://www.debian.org/security/ Wichert Akkerman November 20, 2000

strange file

2000-11-20 Thread Virginie-ML
Hi all, I've found a curious hidden file at the root of my system: It looks like an esound thing but its content is very strange for me and I don't like the _auth in its name... # cat /.esd_auth ^M?^C@à:^C@^\óÿ¿^@\x9e^@@ There is only this line in ... Could anybody reassure me please ?:)

Re: strange file

2000-11-20 Thread Johan Bergström
On Mon, 20 Nov 2000, Virginie-ML wrote: Hi all, I've found a curious hidden file at the root of my system: It looks like an esound thing but its content is very strange for me and I don't like the _auth in its name... # cat /.esd_auth ^M?^C@à:^C@^\óÿ¿^@\x9e^@@ There is only this

Re: strange file

2000-11-20 Thread Johan Bergström
On Mon, 20 Nov 2000, Virginie-ML wrote: On Mon, Nov 20, 2000 at 11:26:28AM +0100, Johan Bergström wrote: # cat /.esd_auth ^M?^C@à:^C@^\óÿ¿^@\x9e^@@ There is only this line in ... Could anybody reassure me please ?:) I believe it's part of the Enlightenment Sound Daemon.

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Ethan Benson
On Mon, Nov 20, 2000 at 10:09:23AM +0100, Michel Dänzer wrote: So 0620 might be better, with /dev/fb in group video or a dedicated group. that seems more reasonable. This is on a SuSE 6.4 system BTW: crw-rw 1 root video 29, 0 Mar 11 2000 /dev/fb0 this is broken IMO, it

Re: task-unstable-security-updates?

2000-11-20 Thread Itai Zukerman
Those who choose to run unstable choose to take upon themselves more responsibility/inconvenience, if they are unwilling to bear that burden they should not run unstable. To me this sounds like: Every single unstable user must track debian-security-announce. versus: One unstable user

Re: task-unstable-security-updates?

2000-11-20 Thread Ethan Benson
On Mon, Nov 20, 2000 at 09:21:40AM -0500, Itai Zukerman wrote: Those who choose to run unstable choose to take upon themselves more responsibility/inconvenience, if they are unwilling to bear that burden they should not run unstable. To me this sounds like: Every single unstable

Re: strange file

2000-11-20 Thread Virginie-ML
On Mon, Nov 20, 2000 at 03:00:10PM +0100, Christian Hammers wrote: On Mon, Nov 20, 2000 at 02:54:19PM +0100, Wichert Akkerman wrote: Previously Virginie-ML wrote: I've found a curious hidden file at the root of my system: It looks like an esound thing but its content is very strange for

Re: strange file

2000-11-20 Thread Ethan Benson
On Mon, Nov 20, 2000 at 03:50:29PM +0100, Virginie-ML wrote: I don't :) Especially when I don't use esound... do you have it installed? gnome programs love to start all kinds of little daemons and such all on their own, esd is one of them. even if you don't use gnome as your desktop

Re: strange file

2000-11-20 Thread Wichert Akkerman
Previously Christian Hammers wrote: Shouldn't such a cookie be in /var/state, /var/run or at least /tmp? I really wouldn't like such a thing in my *root*! It's a user thing, not a system-wide thing. It's much like the .Xauthority file, except less sane. Wichert. --

Unidentified subject!

2000-11-20 Thread John . Edwards
unsubscribe

Re: strange file

2000-11-20 Thread Virginie-ML
On Mon, Nov 20, 2000 at 06:07:55AM -0900, Ethan Benson wrote: On Mon, Nov 20, 2000 at 03:50:29PM +0100, Virginie-ML wrote: I don't :) Especially when I don't use esound... do you have it installed? gnome programs love to start all kinds of little daemons and such all on their own,

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Michael Schmitz
apparently writing random garbage into the fb devices is not supposed to cause a kernel panic, that seems to be a bug in the framebuffer That's just MHO. I've not tried to reproduce this with atyfb, and I'd probably need an objdump -d --start-address=function it happened in output from you if

Re: task-unstable-security-updates?

2000-11-20 Thread Daniel Jacobowitz
On Mon, Nov 20, 2000 at 08:21:10AM -0500, Itai Zukerman wrote: It would be very helpful if there was a pseudo-package that conflicted with packages that have known security problems that have been fixed in a later version. That way one could do a regular 'apt-get install

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Ethan Benson
On Mon, Nov 20, 2000 at 09:28:29PM +0100, Michel Dänzer wrote: Ethan Benson wrote: hour:/home/kr0n# ls -ls /dev/fb0 0 crw--w--w-1 root tty 29, 0 Jul 5 14:44 /dev/fb0 apparently writing random garbage into the fb devices is not supposed to cause a kernel panic,

Re: task-unstable-security-updates?

2000-11-20 Thread Peter Cordes
On Sun, Nov 19, 2000 at 12:55:00PM -0700, Mike Fisk wrote: There doesn't seem to be an automatic way to get all of the unstable packages necessary to address reported security problems. You either have to watch the security mailing lists and upgrade individual packages yourself or do a full

Re: Bug#77257: FWD: Joe's Own Editor File Link Vulnerability

2000-11-20 Thread Alexander Viro
On Sun, 19 Nov 2000, Joey Hess wrote: Alexander Viro wrote: a) take a look at /etc/init.d/bootmisc.sh. Around Cleaning: /tmp, that is. So you're editing a file in /tmp and you're worried about the DEADJOE file lying around after a reboot? What about the file itself? cd /tmp joe ~/foo

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Michel Dänzer
Samu wrote: On Sun, Nov 19, 2000 at 06:04:01AM -0900, Ethan Benson wrote: does anyone know why debian has /dev/fb* with 622 permissions? the reason i ask is there is a pretty nasty security problem with this, try the following: cat /dev/urandom /dev/fb0 on my system i get an instant

strange file

2000-11-20 Thread Virginie-ML
Hi all, I've found a curious hidden file at the root of my system: It looks like an esound thing but its content is very strange for me and I don't like the _auth in its name... # cat /.esd_auth [EMAIL PROTECTED]:[EMAIL PROTECTED]@\x9e^@@ There is only this line in ... Could anybody reassure

Re: strange file

2000-11-20 Thread Virginie-ML
On Mon, Nov 20, 2000 at 11:26:28AM +0100, Johan Bergström wrote: # cat /.esd_auth [EMAIL PROTECTED]:[EMAIL PROTECTED]@\x9e^@@ There is only this line in ... Could anybody reassure me please ?:) I believe it's part of the Enlightenment Sound Daemon. Some sort of X magic cookie or

Re: strange file

2000-11-20 Thread Johan Bergström
On Mon, 20 Nov 2000, Virginie-ML wrote: On Mon, Nov 20, 2000 at 11:26:28AM +0100, Johan Bergström wrote: # cat /.esd_auth [EMAIL PROTECTED]:[EMAIL PROTECTED]@\x9e^@@ There is only this line in ... Could anybody reassure me please ?:) I believe it's part of the

Re: strange file

2000-11-20 Thread Ben
On Mon, Nov 20, 2000 at 11:33:32AM +0100, Virginie-ML wrote: On Mon, Nov 20, 2000 at 11:26:28AM +0100, Johan Bergström wrote: # cat /.esd_auth [EMAIL PROTECTED]:[EMAIL PROTECTED]@\x9e^@@ There is only this line in ... Could anybody reassure me please ?:) I believe it's part

Re: task-unstable-security-updates?

2000-11-20 Thread Christian Kurz
On 00-11-19 Mike Fisk wrote: [big snip] Is that possible? Would the security team be willing to maintain such a pseudo-package? Something very close to this kind of task package has been discussed recently on debian-devel and we came to the conclusion that it won't be helpful or easy to

Re: task-unstable-security-updates?

2000-11-20 Thread Itai Zukerman
It would be very helpful if there was a pseudo-package that conflicted with packages that have known security problems that have been fixed in a later version. That way one could do a regular 'apt-get install task-unstable-security-updates' and cause the upgrade of all the conflicting

Re: strange file

2000-11-20 Thread Wichert Akkerman
Previously Virginie-ML wrote: I've found a curious hidden file at the root of my system: It looks like an esound thing but its content is very strange for me and I don't like the _auth in its name... It's a cookie used by esound to authorize clients to connect to a running esd process.

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Philipe Gaspar
this is some strange hour:/home/kr0n# cat /dev/urandom /dev/fb0 bash: /dev/fb0: No such device hour:/home/kr0n# ls -ls /dev/fb0 0 crw--w--w-1 root tty 29, 0 Jul 5 14:44 /dev/fb0 Ethan Benson wrote: On Mon, Nov 20, 2000 at 10:09:23AM +0100, Michel Dänzer wrote: So 0620

Re: strange file

2000-11-20 Thread Christian Hammers
On Mon, Nov 20, 2000 at 02:54:19PM +0100, Wichert Akkerman wrote: Previously Virginie-ML wrote: I've found a curious hidden file at the root of my system: It looks like an esound thing but its content is very strange for me and I don't like the _auth in its name... It's a cookie used by

Re: task-unstable-security-updates?

2000-11-20 Thread Ethan Benson
On Mon, Nov 20, 2000 at 08:21:10AM -0500, Itai Zukerman wrote: The answer is just to watch one single list - debian-security-announce. That's what it's for :) I'm not sure I understand the reasoning here. If the answer is to watch the debian-security-announce list, then what prevents

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Ethan Benson
On Mon, Nov 20, 2000 at 11:54:12AM -0200, Philipe Gaspar wrote: this is some strange hour:/home/kr0n# cat /dev/urandom /dev/fb0 bash: /dev/fb0: No such device not really, it just means you don't have a framebuffer configured in your kernel. intel machines usually do not use a framebuffer

Re: task-unstable-security-updates?

2000-11-20 Thread Ethan Benson
On Mon, Nov 20, 2000 at 09:21:40AM -0500, Itai Zukerman wrote: Those who choose to run unstable choose to take upon themselves more responsibility/inconvenience, if they are unwilling to bear that burden they should not run unstable. To me this sounds like: Every single unstable user

RE: strange file

2000-11-20 Thread Jean-Marc V. Liotier
On Mon, Nov 20, 2000 at 03:05:24PM +0100, Jean-Marc V. Liotier wrote: Shouldn't such a cookie be in /var/state, /var/run or at least /tmp? I really wouldn't like such a thing in my *root*! I think it's normally in the user's directory.

Unidentified subject!

2000-11-20 Thread John . Edwards
unsubscribe

Re: strange file

2000-11-20 Thread Virginie-ML
On Mon, Nov 20, 2000 at 06:07:55AM -0900, Ethan Benson wrote: On Mon, Nov 20, 2000 at 03:50:29PM +0100, Virginie-ML wrote: I don't :) Especially when I don't use esound... do you have it installed? gnome programs love to start all kinds of little daemons and such all on their own, esd

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Michael Schmitz
apparently writing random garbage into the fb devices is not supposed to cause a kernel panic, that seems to be a bug in the framebuffer That's just MHO. I've not tried to reproduce this with atyfb, and I'd probably need an objdump -d --start-address=function it happened in output from you if I

Re: /dev/fb* permissions, local DoS

2000-11-20 Thread Michel Dänzer
Ethan Benson wrote: hour:/home/kr0n# ls -ls /dev/fb0 0 crw--w--w-1 root tty 29, 0 Jul 5 14:44 /dev/fb0 apparently writing random garbage into the fb devices is not supposed to cause a kernel panic, that seems to be a bug in the framebuffer driver in my kernel. (or
