Re: Which ssh should I have?

2001-11-08 Thread Junichi Uekawa
Wichert Akkerman [EMAIL PROTECTED] immo vero scripsit That's because nessus only checks the version number, and since we backported the patch we still have the old version number even though we are safe. CERT tells me Debian potato is vulnerable. We might want to correct them if they are

Re: the right way to access CDROM as non-root

2002-01-01 Thread Junichi Uekawa
On Tue, 1 Jan 2002 02:26:58 -0800 (PST) Nicole Zimmerman [EMAIL PROTECTED] wrote: You should have a device /dev/cdrom that is a symbolic link to your real CDROM device (/dev/hdc?). This link should be owned by root:cdrom. Not the link, the real file. /dev/hdc, or whatever it may be needs to

Re: tcl, tk and tix

2002-01-21 Thread Junichi Uekawa
those packages. regards, junichi -- [EMAIL PROTECTED] : Junichi Uekawa http://www.netfort.gr.jp/~dancer GPG Fingerprint : 17D6 120E 4455 1832 9423 7447 3059 BF92 CD37 56F4 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL

Re: scp and sftp

2002-03-30 Thread Junichi Uekawa
linux machine. You can disable sftp ability by removing the sftp-server program but the scp server part seems to be part of sshd. I'd be interested to know how you give scp access without giving shell access. regards, junichi -- [EMAIL PROTECTED] : Junichi Uekawa http

Re: OpenSSH 3.1

2002-04-07 Thread Junichi Uekawa
Peter Lieven [EMAIL PROTECTED] cum veritate scripsit: is the OpenSSH_3.0.2p1 version avaiable in the testing/unstable tree already patched against the March 7, 2002: Off-by-one error in the channel code security hole? yes. -- [EMAIL PROTECTED] : Junichi Uekawa http://www.netfort.gr.jp

Re: spam

2002-11-13 Thread Junichi Uekawa
I try to block on character sets: ie., ^Content-Type.*charset.*[gG][bB]2312 This catches quite a few spams I can't read. Some mail I try to reply have latin-1 chars. They will be translated to Japanese charset when I reply to them, so people are conveniently blocking some of my

Re: spam

2002-11-15 Thread Junichi Uekawa
Some mail I try to reply have latin-1 chars. They will be translated to Japanese charset when I reply to them, so people are conveniently blocking some of my mail, which is immensely annoying. Does that happen when you are replying in English, or only for Japanese? Japanese

Re: pbuilder and dpkg.cfg

2003-03-12 Thread Junichi Uekawa
Hi, I'm not quite sure if I follow what is happening. So, what is the problem ? I presume you are installing debsig-verify within chroot. And is the problem that debsig-verify is being ran in an unpacked but not yet configured state, or is it something else ? Turns out I wasn't imagining

Re: Stupid package installer wanted: uppity robots need not apply

2003-03-16 Thread Junichi Uekawa
dpkg? dpkg -i filename.deb Not even close. For instance: You may want to look at anna and udpkg, maybe. regards, junichi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Re: Which ssh should I have?

2001-11-08 Thread Junichi Uekawa
Wichert Akkerman [EMAIL PROTECTED] immo vero scripsit That's because nessus only checks the version number, and since we backported the patch we still have the old version number even though we are safe. CERT tells me Debian potato is vulnerable. We might want to correct them if they are

Re: the right way to access CDROM as non-root

2002-01-01 Thread Junichi Uekawa
On Tue, 1 Jan 2002 02:26:58 -0800 (PST) Nicole Zimmerman [EMAIL PROTECTED] wrote: You should have a device /dev/cdrom that is a symbolic link to your real CDROM device (/dev/hdc?). This link should be owned by root:cdrom. Not the link, the real file. /dev/hdc, or whatever it may be needs to

Re: tcl, tk and tix

2002-01-21 Thread Junichi Uekawa
bugs against those packages. regards, junichi -- [EMAIL PROTECTED] : Junichi Uekawa http://www.netfort.gr.jp/~dancer GPG Fingerprint : 17D6 120E 4455 1832 9423 7447 3059 BF92 CD37 56F4

Re: OpenSSH 3.1

2002-04-07 Thread Junichi Uekawa
Peter Lieven [EMAIL PROTECTED] cum veritate scripsit: is the OpenSSH_3.0.2p1 version avaiable in the testing/unstable tree already patched against the March 7, 2002: Off-by-one error in the channel code security hole? yes. -- [EMAIL PROTECTED] : Junichi Uekawa http

Re: spam

2002-11-13 Thread Junichi Uekawa
I try to block on character sets: ie., ^Content-Type.*charset.*[gG][bB]2312 This catches quite a few spams I can't read. Some mail I try to reply have latin-1 chars. They will be translated to Japanese charset when I reply to them, so people are conveniently blocking some of my

Re: spam

2002-11-15 Thread Junichi Uekawa
Some mail I try to reply have latin-1 chars. They will be translated to Japanese charset when I reply to them, so people are conveniently blocking some of my mail, which is immensely annoying. Does that happen when you are replying in English, or only for Japanese? Japanese

Re: pbuilder and dpkg.cfg

2003-03-12 Thread Junichi Uekawa
Hi, I'm not quite sure if I follow what is happening. So, what is the problem ? I presume you are installing debsig-verify within chroot. And is the problem that debsig-verify is being ran in an unpacked but not yet configured state, or is it something else ? Turns out I wasn't imagining

Re: Stupid package installer wanted: uppity robots need not apply

2003-03-16 Thread Junichi Uekawa
dpkg? dpkg -i filename.deb Not even close. For instance: You may want to look at anna and udpkg, maybe. regards, junichi

question on having . as LOAD_PATH (ruby)

2006-01-06 Thread Junichi Uekawa
Hi, I am wondering what the security implications of having a LOAD_PATH that includes '.' is. Debian includes software that is written in ruby, and is executed with root privilege, such as apt-listbugs. LOAD_PATH is the list of path that ruby library (MODULE.rb, MODULE.so) is searched against.

Re: question on having . as LOAD_PATH (ruby)

2006-01-07 Thread Junichi Uekawa
Hi, Hi, I am wondering what the security implications of having a LOAD_PATH that includes '.' is. Gerenally speaking, having . in any path is a bad idea. You are correct to feel uneasy about it. Can . not be prepended to the path specifically if desired (as in the shell

Re: question on having . as LOAD_PATH (ruby)

2006-01-07 Thread Junichi Uekawa
The following is a full posting I made to debian-security@lists.debian.org: At Sat, 07 Jan 2006 21:44:24 +0900, Junichi Uekawa wrote: Hi, Hi, I am wondering what the security implications of having a LOAD_PATH that includes '.' is. Gerenally speaking, having . in any path

Re: Granting sudo pbuilder

2009-09-23 Thread Junichi Uekawa
Yes. At Sat, 12 Sep 2009 23:33:43 +0200, Javier Serrano Polo wrote: Dear Junichi, In default environments, granting sudo pbuilder is the same as granting a shell. I don't believe users are aware of this. Is it an intended behaviour? Thanks. -- To UNSUBSCRIBE, email to