Andrew Vaughan wrote:
> I'm wondering why the body of the email doesn't include instructions on how
> to unsubscribe? Most modern email clients
[...]
> Just adding "To unsubscribe email:debian-security-requ...@lists.debian.org
> with the subject unsubscribe" at
Alexander Wirt wrote:
> Because people expect that they can answer a DSA.
Okay, but what's the point? If someone has something valuable to say in
response to a DSA:
1) he can find the debian-security list;
2) if he replies to the -announce list and gets a bounce
Carsten Aulbert wrote:
> Would it make sense to add that to the DSA 3500-1 page, like for
> DSA-3481[1]?
Probably (if not already the case---didn't check). But frankly, *every*
library with a security update falls in this case AFAICT, so if you're
going to do that,
Noah Meyerhans wrote:
> He replied to a post to debian-security-annou...@lists.debian.org yet
> everybody who replied to him how to unsubscribe from
> debian-security@lists.debian.org. Amazing how he's still on the list,
> isn't it?
Yup. Wouldn't it be possible to set the
Hi,
I appreciate your help (Joerg, David and Kurt), but there is still a
problem to solve before I can trust my connection to db.debian.org via
HTTPS.
Kurt Roeckx [EMAIL PROTECTED] wrote:
So Joerg just replaced them with the new ones:
http://www.spi-inc.org/secretary/spi-ca.crt
Kurt Roeckx [EMAIL PROTECTED] wrote:
The certificate for db.debian.org is still signed by the old key.
Mmmm.
They're both part of the ca-certificates package in testing and
unstable:
new: /etc/ssl/certs/SPI_CA_2006-cacert.pem
old: /etc/ssl/certs/spi-ca.pem
It appears that
Hi,
Joerg Jaspert [EMAIL PROTECTED] wrote:
1. There is also:
* Entry created: /00/00 00:00:00 UTC
* Entry modified: /00/00 00:00:00 UTC
Those fields could be removed and not shown, that would fix this. It's
just that in the past we had those filled in, now we
Hi,
David Clymer [EMAIL PROTECTED] wrote:
With a signature, he just has to trust that signer f00's key has not
been compromised, thus the published host key info is trustworthy and a
MITM is not happening.
To be honest, I believe the MITM attack problem could be mitigated by
the certificate
[ I think debian-admin have read enough about my request by now, so if
you reply about verifying certificates and such, please consider
dropping the CC. Thanks. ]
Kurt Roeckx [EMAIL PROTECTED] wrote:
See:
http://lists.debian.org/debian-project/2006/07/msg00056.html
Which has the key in
Hi,
I wanted to login on gluck today and stumbled on that:
@@@
@WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING
Goswin von Brederlow [EMAIL PROTECTED] wrote:
if (isatty (0) && (cp = ttyname (0))) {
For this to succeed the stdin must be a terminal. But nothing stops
you from using a pseudo terminal (pty).
You're right, that works. Thanks.
My conclusion is that whether using su or su - from a
Florent Rougon [EMAIL PROTECTED] wrote:
Is it possible for a malicious su wrapper to:
1. record root's password (of course, yes);
2. *and then* feed this password to the real su.
I suspect the real su empties the stdin buffer (or something like
that) to avoid such attacks, but would
Michael Marsh [EMAIL PROTECTED] wrote:
What this means is that if you just run su, you'll be left with the
environment of the user from whose account you entered root's. In
particular, $PATH, $LD_PRELOAD, and $LD_LIBRARY_PATH won't be unset.
If the user is malicious, he can get you to run
LeVA [EMAIL PROTECTED] wrote:
And can you tell me why the $USER and the $LOGNAME variables get
reset by su, no matter if I've invoked it with or without the '-'
option?
Which suite are you testing this on?
Here, on sarge, using su with the - sets USER to root but doesn't
modify
Oops!
Florent Rougon [EMAIL PROTECTED] wrote:
Here, on sarge, using su with the - sets USER to root but doesn't
without
modify LOGNAME.
Sorry for the confusion.
(of course, with su -, LOGNAME is set to 'root')
--
Florent
Florian Weimer [EMAIL PROTECTED] wrote:
mutt and Gnus are, in typical configurations. Most distributions
kindly add all these helpful mailcap entries.
Could you point out a mailcap entry that causes the file to be
*executed*?
Because running gqview $file.jpg is very different from running
[ I'm not subscribed to debian-www ]
Johan Haggi [EMAIL PROTECTED] wrote:
Maybe you want to add this at security faq:
=== Question ===
To use sarge's security updates I write this line in sources.list:
deb http://security.debian.org/ sarge/updates main contrib non-free
Why they don't say
Andris Kalnozols [EMAIL PROTECTED] wrote:
lpans1# dpkg -l | grep kernel-image
ii kernel-image-2 2.4.23-1 Linux kernel image for version 2.4.23 on PPr
ii kernel-image-2 2.4.24-2 Linux kernel image for version 2.4.24 on PPr
^^
Note that the package name is
Jonas J Linde [EMAIL PROTECTED] wrote:
Procmail is a big tool, I need something different: small, reliable,
secure.
Big? The gzipped source tar ball is 227kB. If you want something that
processes mail in a fully customizable way I'm pretty sure you won't find
anything much smaller than
Nick Boyce [EMAIL PROTECTED] wrote:
Don't forget FileZilla
http://filezilla.sourceforge.net/
GUI Win32 client that does FTP, FTP over SSL, and SFTP. Apparently
has some integration with PuTTY, though I can't currently figure out
how to get FileZilla to use my PuTTY keystore.
The way I
Marcel Weber [EMAIL PROTECTED] wrote:
I think he meant France with the limitation of 56 bit encryption.
It doesn't exist any more. It used to be 128 bits for some time (I think
it's still 128 bits for undeclared secret-key crypto-systems, but
IANAL), and since the 15th of July 2002, the key
Hi,
Anthony DeRobertis [EMAIL PROTECTED] wrote:
There is a package for doing that (setting up those pseudo-packages) but I
don't remember the name. Sorry :-(
I think you mean equivs.
--
Florent
Christoph Moench-Tegeder [EMAIL PROTECTED] wrote:
It's your fault if you don't filter on X-Spam-Status.
FYI (sorry for the long line), it was:
X-Spam-Status: No, hits=4.3 required=4.7
Hi,
I have read several times, including on this list, that password
authentication with ssh does not send the password in clear text (it is
sent in the encrypted tunnel). This is confirmed by the ssh(1) man page:
If other authentication methods fail, ssh prompts the user for a