Hi,
On Donnerstag, 12. Februar 2009, Michael S. Gilbert wrote:
> I'll wait for lenny to
> get out the door rather than submitting these apparently complex and
> difficult security (and hence release-critical) issues at the last
> minute.
Please dont hesitate to file bugs (unless the issue at hand
Just answered the question myself: The system entered single user mode and
that cleary IS wanted behaviour...
Sorry for bothering,
Simon
Simon Campese wrote:
> Hello,
>
> I recently set up a fresh, fully luks-encrypted debian machine (testing
> release) with a typo in my crypttab (for a system
Hello,
I recently set up a fresh, fully luks-encrypted debian machine (testing
release) with a typo in my crypttab (for a system critical partition)
using the lenny RC2 installer.
After a reboot, the system tries to open the mistyped partition to be
mounted on the critical path (in this case /var)
A lot of you have probably seen some of the recent coverage about the
potential avenue for exploits via kde and gnome application launchers
(it looks like xfce is safe, for now) [1],[2],[3]. Is there any plan
within debian to begin addressing these concerns? Where do I even
start reporting bugs t
I just came across a reference [1] on potential flaws in the linux
kernel PRNG (Pseudo-Random Number Generator). Does anyone know if
CVE's have been issued for these problems and/or whether they have been
fixed either upstream or in debian? If not, someone should issue
requests for CVE's. Thanks
On Thursday, 2009-02-12 at 12:11:01 -0800, The Well - Systems Administrator
wrote:
> 600 on /etc is technically more secure than the default 755 with normal
> POSIX systems, not less. If this is an exploit, it's one that locks
> things down tighter than they should normally be. :) Giacomo is c
600 on /etc is technically more secure than the default 755 with normal
POSIX systems, not less. If this is an exploit, it's one that locks
things down tighter than they should normally be. :) Giacomo is correct
that these incorrect perms can cause other issues, though not security
related ones
On Thu, 12 Feb 2009 15:32:57 +0100
"Giacomo A. Catenazzi" wrote:
> Boyd Stephen Smith Jr. wrote:
...
> > I don't see how a 600 /etc can be exploited. Do you have any other records
> > that would indicate you are exploited, or is this just fear-mongering?
>
> /etc with 600 is a grave error!
>
Boyd Stephen Smith Jr. wrote:
On Wednesday 11 February 2009 23:26:45 Stan Katz wrote:
I updated/upgraded both my AMD64 and AMD k6 "Etch" machines between Feb
10-11, 2009 using "Lenny" test. Both picked up a symptom I haven't seen
since the lpd exploit of the 1990's. This symptom manifests itself
On Sun, Feb 08, 2009 at 07:56:10PM +1100, Chip Panarchy wrote:
> Hello
>
> You've probably been to a café before that offered WiFi via a Wireless
> Hotspot. Or maybe you've been to an airport that had some hotspots?
> Well whatever the case, I'm sure you've seen a Public Wireless
> Hotspot. Or, at
On Wednesday 11 February 2009 23:26:45 Stan Katz wrote:
> I updated/upgraded both my AMD64 and AMD k6 "Etch" machines between Feb
> 10-11, 2009 using "Lenny" test. Both picked up a symptom I haven't seen
> since the lpd exploit of the 1990's. This symptom manifests itself as
> either a random escal
11 matches
Mail list logo