Michael David Crawford wrote:
> It's not that setuid shell scripts are really more
> inherently insecure than programs written in C.
Actually, absent some careful cooperation between the kernel
and the interpreter to prevent a race condition that can cause
the interpreter to run (with elevated pe
per...@pluto.rain.com wrote:
> Actually, absent some careful cooperation between the kernel
> and the interpreter to prevent a race condition that can cause
> the interpreter to run (with elevated permissions) a completely
> different script than the one that was marked setuid, setuid
> scripts _a
On Sat, 29 Aug 2009 00:17:24 -0700, Michael David Crawford
wrote:
> I came across a page that explained all the different ways setuid
> scripts could screw up - one would have to be a rocket scientist to
> avoid all the potential pitfalls.
Hi Michael,
It would be a very useful addition to the l
On Sat, 29 Aug 2009 00:06:29 -0700
per...@pluto.rain.com wrote:
> Michael David Crawford wrote:
> > It's not that setuid shell scripts are really more
> > inherently insecure than programs written in C.
>
> Actually, absent some careful cooperation between the kernel
> and the interpreter to pre
Ere we not sufficiently convinced of the danger and the arduousness of
our attempt, by our own experience and by analogy, we should have found
abundant reason for diffidence in the often repeated counsels of
Russians, who all unite in asserting that there is something so
peculiarly delicate and in
2009/8/28 Ruben de Groot
> On Thu, Aug 27, 2009 at 12:28:26PM -0400, APseudoUtopia typed:
> > Two more questions then I should be ready to go with my jail(s).
> >
> > In order to minimize the HDD space of the jail, can I add things in my
> > src.conf such as
> > WITHOUT_BOOT, WITHOUT_ACPI, WITHOU
Hi folks!!!
Homework done!
updated to STABLE 7.2:
uname -a:
[iscariote@ /usr/home/iscariote]$ uname -a
FreeBSD 7.2-STABLE FreeBSD 7.2-STABLE #1: Sat Aug 29 15:04:29 UTC 2009
root@:/usr/obj/usr/src/sys/GENERIC amd64
[iscariote@ /usr/home/iscariote]$
Installed radeonhd from radeonhd:
/usr/por
On Fri, Aug 28, 2009 at 08:10:59PM -0600, Tim Judd wrote:
> On 8/28/09, RW wrote:
> > On Fri, 28 Aug 2009 11:54:19 +0300
> > Giorgos Keramidas wrote:
> >
> >> On Fri, 28 Aug 2009 09:24:35 +0100, Jeronimo Calvo
> >> wrote:
> >
> >> > As far as i know, using SUID, script must runs with root
> >>
On Sat, Aug 29, 2009 at 03:11:29PM +, Jeronimo Calvo wrote:
> updated to STABLE 7.2:
> Installed radeonhd from radeonhd:
>
> after this, i edited my /etc/X11/Xorg.conf
>
> editing that line:
>
> [iscariote@ /usr/home/iscariote]$ cat /etc/X11/xorg.conf | grep radeonhd
> Driver
> "radeonh
RW wrote:
On Sat, 29 Aug 2009 00:06:29 -0700
per...@pluto.rain.com wrote:
Michael David Crawford wrote:
It's not that setuid shell scripts are really more
inherently insecure than programs written in C.
Actually, absent some careful cooperation between the kernel
and the interpreter to preve
Perhaps a better idea than a setuid shell script, would be to figure out
just what it is about your script that really needs to be executed as root.
When write a C program that can do just that one thing - and absolutely
nothing else.
If it takes any kind of input, or command line parameters,
Hello,
I'm using FreeBsd 6.3 and I trying to build APE-Server from
[1]http://www.ape-project.org.
To compile APE -Server its riquire:
- GCC
- libc6-dev
Could you please give me any suggestion about howto install libc6-dev
on FreeBsd?
Thank you.
Best regards,
Vlad
On Sat, 29 Aug 2009 09:35:49 -0700, "Vladimir M" wrote:
>Could you please give me any suggestion about howto install libc6-dev
>on FreeBsd?
I'm not sure what libc6-dev refers to, maybe development version
6 of the C library? In this case, FreeBSD already has version 7
which should be comp
Hello,
I'm experimenting with trying to boot from a RAIDZ on 8.0-BETA3 (amd64).
The environment is VMware. I've been googling and reading what I can
on this procedure, which sounds possible, but I have been unable to
successfully get a system up and running with my technique.
So far, this
On Fri, 28 Aug 2009, stan wrote:
> I have a FreeBSD machine serving as (among other things) a Samba server
> for an XP instance running under VirtualBox. The XP application is a data
> gathering one that polls continuously. I have set up things so that XP
> mounts the Samba share, and logs it's d
On Fri, 28 Aug 2009, AN wrote:
> I'm trying to configure java on FreeBSD 7-stable and Gnome 2.26.3, with
> Firefox35. I tried the following commands, but still no ability to view java
> applets.
>
> ln -s libjavaplugin_oji.so /usr/local/lib/firefox/plugins
> ln -s libjavaplugin_oji.so /usr/local
RW wrote:
> On Sat, 29 Aug 2009 00:06:29 -0700
> per...@pluto.rain.com wrote:
> > Actually, absent some careful cooperation between the
> > kernel and the interpreter to prevent a race condition ...
>
> isn't that the same issue that Matthew Seaman was saying
> was fixed years ago ... and is descr
17 matches
Mail list logo