This automatic mail gives an overview over security issues that were recently
fixed in Debian Testing. The majority of fixed packages migrate to testing
from unstable. If this would take too long, fixed packages are uploaded to the
testing-security repository instead. It can also happen that
Hallo,
I manage a lot of debian servers and try to install often the updates.
So I had in mind my systems are well prepaired. (I follow also other
security rules ;-) )
But since some days I mull over a question: What happens if a user run
a selfcopy from a program with a security hole? I'm
--On January 16, 2009 10:31:35 AM +0100 Andreas Matthus
andreas.matt...@tu-dresden.de wrote:
Hallo,
I manage a lot of debian servers and try to install often the updates.
So I had in mind my systems are well prepaired. (I follow also other
security rules ;-) )
But since some days I mull
Le Fri, 16 Jan 2009 10:31:35 +0100,
Andreas Matthus andreas.matt...@tu-dresden.de a écrit :
Hallo,
I manage a lot of debian servers and try to install often the updates.
So I had in mind my systems are well prepaired. (I follow also other
security rules ;-) )
But since some days I mull
On Friday 2009 January 16 04:13:10 Michael Loftis wrote:
--On January 16, 2009 10:31:35 AM +0100 Andreas Matthus
andreas.matt...@tu-dresden.de wrote:
But since some days I mull over a question: What happens if a user run
a selfcopy from a program with a security hole? I'm afraid he can get
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Boyd Stephen Smith Jr. wrote:
What about hardlinking the suid-root binaries to a hidden location, waiting
for a security hole to be found/fixed, and then running the old binary to
exploit the hole?
IIRC, a hard link is the same file called two
On Friday 2009 January 16 12:29:13 Johannes Wiedersich wrote:
Boyd Stephen Smith Jr. wrote:
What about hardlinking the suid-root binaries to a hidden location,
waiting for a security hole to be found/fixed, and then running the old
binary to exploit the hole?
IIRC, a hard link is the same file
--On January 16, 2009 7:29:13 PM +0100 Johannes Wiedersich
johan...@physik.blm.tu-muenchen.de wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Boyd Stephen Smith Jr. wrote:
What about hardlinking the suid-root binaries to a hidden location,
waiting for a security hole to be
Boyd Stephen Smith Jr. wrote:
What about hardlinking the suid-root binaries to a hidden location, waiting
for a security hole to be found/fixed, and then running the old binary to
exploit the hole? Does dpkg handle suid/sgid files so that this is
prevented?
Hi,
Having /home, /tmp,
On Friday 2009 January 16 14:45:44 Michael Loftis wrote:
--On January 16, 2009 7:29:13 PM +0100 Johannes Wiedersich
johan...@physik.blm.tu-muenchen.de wrote:
Boyd Stephen Smith Jr. wrote:
What about hardlinking the suid-root binaries to a hidden location,
waiting for a security hole to be
On Fri, Jan 16, 2009 at 01:45:44PM -0700, Michael Loftis wrote:
|| --On January 16, 2009 7:29:13 PM +0100 Johannes Wiedersich
|| johan...@physik.blm.tu-muenchen.de wrote:
|| IIRC, a hard link is the same file called two different names. If
|| dpkg/apt change the file in one location
On Friday 2009 January 16 15:06:33 Vincent Zweije wrote:
On Fri, Jan 16, 2009 at 01:45:44PM -0700, Michael Loftis wrote:
|| --On January 16, 2009 7:29:13 PM +0100 Johannes Wiedersich
|| johan...@physik.blm.tu-muenchen.de wrote:
|| IIRC, a hard link is the same file called two different names.
Boyd Stephen Smith Jr. wrote:
Did you mean this to go to the list? I've replied directly to you, but feel
free to repost my mail or part thereof to the list if you believe the
discussion could continue there.
Sorry, my fault.
On Friday 2009 January 16 13:03:53 you wrote:
Boyd Stephen
On Fri, 16 Jan 2009 11:10:09 +1100
Stephen Vaughan stephenvaug...@gmail.com wrote:
returning 29/09/2008 ??
When will people learn not to set auto replies
When other people understand, email is not a real time medium.
Didn't you get my mail I've sent 2 minutes ago!?!?!?!?!
Cheers,
On Friday 2009 January 16 15:49:46 Repasi Tibor wrote:
Boyd Stephen Smith Jr. wrote:
On Friday 2009 January 16 13:03:53 you wrote:
Boyd Stephen Smith Jr. wrote:
What about hardlinking the suid-root binaries to a hidden location,
waiting for a security hole to be found/fixed, and then running
Hi,
On Fri, Jan 16, 2009 at 03:13:10PM -0600, Boyd Stephen Smith Jr. wrote:
On Friday 2009 January 16 14:45:44 Michael Loftis wrote:
[hardlinking (suid binaries in hope a vulnerability will be found)]
you can't do
it across drives,
Right, but the default partitioning puts /sbin /usr/sbin
On Friday 16 January 2009, Mike Dornberger mike.dornber...@gmx.de wrote
about 'Re: basically security of linux':
Hi,
just an addition: Often I've seen /home as a separate mount (mounted
nosuid,nodev,...) and /tmp as tmpfs, but then we have /var/tmp (which
can't be tmpfs, because it's purpose is
In article 20090117002104.ga...@wolfden.dnsalias.net you wrote:
/tmp as tmpfs, but then we have /var/tmp (which can't
be tmpfs, because it's purpose is to retain the files even across reboots).
It is just supposed to hold larger data. No persistence in /var/tmp over
reboots required.
I
Bernd Eckenfels e...@lina.inka.de writes:
In article 20090117002104.ga...@wolfden.dnsalias.net you wrote:
/tmp as tmpfs, but then we have /var/tmp (which can't be tmpfs, because
it's purpose is to retain the files even across reboots).
It is just supposed to hold larger data. No persistence
Stephen Vaughan stephenvaug...@gmail.com wrote:
When will people learn not to set auto replies
Nothing wrong with a proper auto-reply (one that does some decent
caching, only replies once a day, avoids mailing lists and things with
precedence: bulk, etc etc).
The problem IMHO is that that is
20 matches
Mail list logo