Re: red worm amusement

2001-07-22 Thread SDiZ Cheng
Microsoft Windows is not really bad, if you know how to admin it. However, Microsoft give this on its web site: http://www.microsoft.com/NTWorkstation/downloads/Recommended/Featured/NTZAK. asp Oh my god... Zero Administration ? Luckily, Debian is asking their administrator check for security

Re: shared root account

2001-07-07 Thread SDiZ Cheng
[] yup, which is why nobody gets root but me. if i ever for some reason decided to go back to sysadmin work a criteria for employment would be that no manager, sales guy, or other morons would be permitted access to root for ANY REASON, period, end of story. as for sudo for my own

How to write a secure C program..

2001-07-03 Thread SDiZ Cheng
I am going to rewrite suexec.c of apache ( to suit my boss's need ). As this program is SUID, I don't want to make any mistake. Besides not passing those arguments to printf( ), what C/C++ function(s) I should take extra care while using? -- Cheng Yuk Pong (SDiZ) 4096/1024 DH/DSS 0xA4C6FAD3

Re: How to write a secure C program..

2001-07-03 Thread SDiZ Cheng
Just as an additional question: Are there any known buffer overflow problem in perl functions? Coz I am writing another program in perl which will, too, run as root and listen to TCP socket with SSL. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble?

How to write a secure C program..

2001-07-03 Thread SDiZ Cheng
I am going to rewrite suexec.c of apache ( to suit my boss's need ). As this program is SUID, I don't want to make any mistake. Besides not passing those arguments to printf( ), what C/C++ function(s) I should take extra care while using? -- Cheng Yuk Pong (SDiZ) 4096/1024 DH/DSS 0xA4C6FAD3

Re: How to write a secure C program..

2001-07-03 Thread SDiZ Cheng
Just as an additional question: Are there any known buffer overflow problem in perl functions? Coz I am writing another program in perl which will, too, run as root and listen to TCP socket with SSL.

Re: Exploit

2001-06-09 Thread SDiZ Cheng
Nothing have to be done. It's just a joke. Try it, under that root shell, create some file then ls -l - Original Message - From: Tomasz Olszewski [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Exploit Could you please tell me how I can prevent from following exploit:

Re: Exploit

2001-06-09 Thread SDiZ Cheng
Nothing have to be done. It's just a joke. Try it, under that root shell, create some file then ls -l - Original Message - From: Tomasz Olszewski [EMAIL PROTECTED] To: debian-security@lists.debian.org Subject: Exploit Could you please tell me how I can prevent from following exploit: