http://www.tempest.com.br/advisories/01-2001.html
indicates a 2.4 kernel iptables exploit involving ftp passing through. They
also provide a patch for the exploit and a very good explanation.
As long as you trust your internal users(!!?) and your ftp server is
uncompromised, you can ignore this.... :)
-sp
-----Original Message-----
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: 4/19/2001 1:54 PM
Subject: Re: Off-list Re: [Leaf-devel] Updating Eigerstein
Hello Ewald, Charles
> > >> Is anyone working on this already? If not I will have a start
this
> > >> weekend, or perhaps when I return from work tonight. If you
prefer
> > >> someone else's work please tell me so; it will save me some
superfluous
> > >> work.
> > >
yep, sort of.
I am implementing the eigerstein on the 2.4.3 kernel from george.
It just seems to change quite a lot.
I am using Busybox 0.50 for now. as I had problems compiling the
0.51 with insmod. (see previous posts)
Updated the ash. ( oxygen)
Am working on the weblet.
But changing to 2.4 and updating to iptables means also changes
in portforwarding and masquerading.
I now have working ( not properly tested image with shorewall)
I am working on a basic ip-addres setup kind of the way lrp does it.
The rest of the system will be setup with a webinterface (sort of
prealpha stage ;) at the moment.
Allthough this kind of changes would mean a rather radical change
away from eigerstein. :( So perhaps it would be the best to stay
with ipchains. and only update a few programms (busybox etc).
> > >
> > > I haven't seen any progress reports, or been asked any
questions...the
As said , i am still in a very pre-alpha stage, and don't know if I
come further.
> best
> > > I can tell you for sure is that I'm not working on this (just too
busy).
> > >
> > > Feel free to do whatever work you have time for, and just ask if
you
> have
> > > any questions or need anything from me.
> > >
> > Allright! I'll see what I can do this weekend. As I have a part-time
> > job, no wife and no children I'm not as busy as both of you. Of
course I
> > will keep a full log of the changes that I make for you to comment
on.
> > One of the bigger changes I propose is replacing ae with e3 or the
> > busybox vi applet. That will make it a lot easier to throw out
ncurses
The busybox vi applet functions very well :) tried this.
>
I
> > a "whopping" 119 kb).
> >
> > If you have the time it would be nice if you could make sh-httpd
> > compatible with the newer ash from oxygen. I can view webpages but
cgi
> > is broken. The weblet cgi-scripts do work when executed from the
> > commandline.
I don't have a running Oxygen available at the moment, but as the
sh-httpd. is a shell script it shouldn't matter.
I use the Oxygen ash script and after the following changes to sh-
httpd (thanks to charles) it is running very fine ! So this should run
on Oxygen also.
the "`jobs`" seems not to function.
in routine do-cgi()
Change the following part of code
---------------------------
esac
$LOCALURL "$@" > $OUTPUT &
CNT=1
while [ -n "`jobs`" ] ; do
sleep 1
-------------------------------- in
esac
CGI_PID="$!"
CNT=1
while [ -e "/proc/$CGI_PID ]; do
sleep 1
--------------------------------
in clear text
wait as long as there is a pid from the last started cgi script ( which
means it is still running) until this is finished or until a timeout
occurs.
The timeout is triggered by increasing CNT with each loop.
------------------------------------------------------------------------
---
> I added updating sh-httpd to work under Oxygen as a task (assigned to
me).
> I'll try to get this done in the near term, before I go out of town
again.
I hope this is solved hereby :)
>
> I guess this means I'm going to finally have to get an Oxygen system
up &
> running...should be fun.
>
don't let my answer prevent this :)
> Any particular version(s) of Oxygen I need to be working with, or
should I
> just grab the latest?
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
>
Greetings to all of you.
Ook ewald de groeten :)
Eric Wolzak
http://leaf.sourceforge.net/devel/ericw
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
