Yeah, that LD_PRELOAD trick NOEXEC uses doesn't work so well with
static executables.
Thank you, so there is a way tricking noexec with vi to get a root shell.
But how exactly? Why isn't it fixed? :O
On Mon, Apr 27, 2015 at 9:49 PM, Christian Weisgerber na...@mips.inka.de
wrote:
On 2015-04-27,
You are perfectly correct, it was ed, not vi and sudoedit could be the
solution, thanks.
I will try to search the internet how to do the LD_PRELOAD trick with ed.
Thanks :)
On Tue, Apr 28, 2015 at 7:09 AM, Philip Guenther guent...@gmail.com wrote:
On Mon, Apr 27, 2015 at 9:43 PM, someone
13-year-old SSL/TLS Weakness Exposing Sensitive Data in Plain Text
http://thehackernews.com/2015/03/rc4-ssl-tls-security.html
On Tue, Mar 17, 2015 at 5:08 PM, someone thisistheone8...@gmail.com wrote:
How much do we bet in $$$ that March 19. will be an RC4 related security
bug?
On Sat, Mar 7
Hello,
I recently seen an OS:
http://www.manux.info/en/
The userspace architecture is unlike any other, with all processes
chrooted (yes, even /bin/true). And programs that can launch others require
no access to their chroot for this;
Can this be done on OpenBSD too? Or the installer size
How much do we bet in $$$ that March 19. will be an RC4 related security
bug?
On Sat, Mar 7, 2015 at 3:33 PM, Stuart Henderson s...@spacehopper.org
wrote:
(ridiculous formatting adjusted)
On 2015-03-06, someone thisistheone8...@gmail.com wrote:
SUGGEST THE WORLD TO ONLY USE PERFECT FORWARD
servers that are installed nowadays are
still using RC4? WHAT A BRIGHT FUTURE. Cryptographers are shouting LOUDly
that do not use RC4/*DES ciphers, use ONLY PFS!!!
On Wed, Mar 4, 2015 at 11:56 PM, Theo de Raadt dera...@cvs.openbsd.org
wrote:
On Thu, 5 Mar 2015, at 07:37 AM, someone wrote
:00PM +0100, someone wrote:
So I argumented against ex.: RC4/*DES with the
https://jve.linuxwall.info/blog/index.php?post/TLS_Survey
but nothing in reply came in as con this looks like a one-sided
topic...
I still don't understand why couldn't we put the KNOWN weak ciphers
Hello,
---
Does LibreSSL supports RSA export-grade keys? - FREAK Attack
Apple's SecureTransport and OpenSSL -- have a bug in them. This bug causes
them to accept RSA export-grade keys *even when the client didn't
I think that's a win.
What about PFS-only + HIGH ciphers?
On Wed, Mar 4, 2015 at 4:32 PM, Ted Unangst t...@tedunangst.com wrote:
someone wrote:
Does LibreSSL supports RSA export-grade keys? - FREAK Attack
Export ciphers were deleted from LibreSSL last summer.
Sometimes you have to break things to make it better
On Wed, Mar 4, 2015 at 5:13 PM, Miod Vallat m...@online.fr wrote:
I think that's a win.
What about PFS-only + HIGH ciphers?
What about interoperability? It is too early to restrict LibreSSL to
PFS ciphersuites, alas.
Miod
interoperable - you mean there are still softwares that really count and
still cannot use/support HIGH ciphers? wow. What a world we live in.. :\
On Wed, Mar 4, 2015 at 7:27 PM, Miod Vallat m...@online.fr wrote:
Sometimes you have to break things to make it better
Yes, and getting people to
, at 07:37 AM, someone wrote:
interoperable - you mean there are still softwares that really count
and
still cannot use/support HIGH ciphers? wow. What a world we live in.. :\
On Wed, Mar 4, 2015 at 7:27 PM, Miod Vallat m...@online.fr wrote:
Sometimes you have to break things to make
Thanks for all the useful comments :)
On Wed, Mar 4, 2015 at 12:33 PM, Jiri B ji...@devio.us wrote:
On Tue, Mar 03, 2015 at 08:16:11PM +0100, someone wrote:
If X security is so bad, how can one run a GUI app, ex.: Firefox without
it? Using framebuffer? How can then someone use a GUI
Thanks for clarifying!
On Tue, Mar 3, 2015 at 9:33 PM, Nick Holland n...@holland-consulting.net
wrote:
On 03/03/15 10:55, Thisis theone wrote:
Hello,
Do you expect to run the X Window System? [yes] no
Do you want the X Window System to be started by xdm(1)? [no] no
Isn't this a
Hello,
1) If I run transmission-gtk with ex.: 20 torrent files and I'm on a
50 mbit/sec network, after ~10-15 minutes (network fully used,
ethernet, not wifi) my OpenBSD 5.6 64bit on a T61 will always crash
and brings up the gdb. Is that normal? How can I help debug it? I'm
not running it as
Thank you for the tricks! :) (Google already indexed it, so less people
will ask it in the future, lol)
Is this an old bug or just a feature?
I know it would be great if the world would only have 1 language: English,
but that will be about ~1000 years away.
Hello,
If I:
pkg_add firefox-esr
then I cannot see any separated user for it:
grep -i firefox /etc/passwd
When will OpenBSD have a separated user for the webbrowser by default?
If someone gets in via the webbrowser... it will have the id_rsa, the
*.kdb, etc.
If it will not be default
pkg_add colorls
alias ls=colorls
This one did it, many thanks!!
On Tue, Mar 3, 2015 at 5:41 PM, Stefan Sperling s...@stsp.name wrote:
On Tue, Mar 03, 2015 at 04:55:01PM +0100, Thisis theone wrote:
$ touch árvÃztűrÅ tükörfúrógép
$ ls -lah
-rw--- 1 user user 0B Feb 8
+0100, someone wrote:
Hello,
If I:
pkg_add firefox-esr
then I cannot see any separated user for it:
grep -i firefox /etc/passwd
When will OpenBSD have a separated user for the webbrowser by default?
I think Ted specifically stated that jailing the browser under its own
user
Only running -release without patches. Ok, then I will try out newer
versions before reporting anything, thanks!
On Tue, Mar 3, 2015 at 5:56 PM, Josh Grosse j...@jggimi.homeip.net wrote:
On 2015-03-03 11:37, someone wrote:
1) If I run transmission-gtk with ex.: 20 torrent files and I'm
If X security is so bad, how can one run a GUI app, ex.: Firefox without
it? Using framebuffer? How can then someone use a GUI password manager to
copy the pwd to the Firefox in the fb?
google doesn't gives too many answers, to be more precise, zero per hour
can someone at least give keywords
http://blogs.gnome.org/alexl/2015/02/17/first-fully-sandboxed-linux-desktop-app/
h, great, looks like X is not soo good regarding security.. maybe
Wayland..
On Tue, Mar 3, 2015 at 6:09 PM, someone thisistheone8...@gmail.com wrote:
Wow, copying the .Xauthority to the separated user worked
22 matches
Mail list logo