Re: Disable whatever is cleaning /tmp
On 26.04.2014, Garry T. Williams wrote: > That's not true. Swap will come into play and unreferenced data in > the /tmp files will be paged out in favor of claiming that memory for > other uses. Did you actually try? [htd@kiera ~]$ dd if=/dev/zero of=/tmp/bigfile bs=1M count=3000 dd: error writing ‘/tmp/bigfile’: No space left on device 2048+0 records in 2047+0 records out 2147450880 bytes (2.1 GB) copied, 0.920556 s, 2.3 GB/s [htd@kiera ~]$ free -m total used free sharedbuffers cached Mem: 3745 1562 2183 0 0773 -/+ buffers/cache:787 2957 Swap: 8191 0 8191 I have 4 GB of memory in my machine, and mount defaults to "size=50%" (= 2GB). I have been running /tmp as a tmpfs a long time, because the harddisk is a SSD. What happens can you see above: it creates a 2 GB file and aborts for the next 1 GB. The machine has 8 GB of swap, and nothing of it was used. Disclaimer: this is not a rant against having /tmp using tmpfs. I'm aware of the limitations, and have only encountered positive experiences so far. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Coding Practice [was Re: Serious OpenSSL vulnerability]
On 26 April 2014 03:38, Tim wrote: > On Wed, 2014-04-23 at 23:26 -0400, Rahul Sundaram wrote: >> millions and millions of affected users who had to go ahead and change >> passwords for many many things they rely on > > One thing I haven't seen mentioned, here nor elsewhere, was whether the > bug could only affect you if they tried to hack the server while you > were using it. Or if it was possible to extra useful data well after > you had been and gone. Since it's talking about reading data beyond > what's expected, I suspect it may be that you were vulnerable even > sometime after your session, if the server hadn't re-used the memory for > something else, yet. > The simplest 'backwards' exploit is if the private keys were stolen then other encrypted traffic captured which had used the same keys could then be decoded. Though IIUC 'perfect forward secrecy' should reduce the risk of that. As you say there's also whatever data is still in memory, that's a shorter window. I don't know how Apache memory is structured, but I'd speculate there's the potential to leak hashed passwords there. -- imalone http://ibmalone.blogspot.co.uk -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Coding Practice [was Re: Serious OpenSSL vulnerability]
Ian Malone wrote: > On 26 April 2014 03:38, Tim wrote: >> On Wed, 2014-04-23 at 23:26 -0400, Rahul Sundaram wrote: >>> millions and millions of affected users who had to go ahead and change >>> passwords for many many things they rely on >> >> One thing I haven't seen mentioned, here nor elsewhere, was whether the >> bug could only affect you if they tried to hack the server while you >> were using it. Or if it was possible to extra useful data well after >> you had been and gone. Since it's talking about reading data beyond >> what's expected, I suspect it may be that you were vulnerable even >> sometime after your session, if the server hadn't re-used the memory for >> something else, yet. >> > > The simplest 'backwards' exploit is if the private keys were stolen > then other encrypted traffic captured which had used the same keys > could then be decoded. Though IIUC 'perfect forward secrecy' should > reduce the risk of that. As you say there's also whatever data is > still in memory, that's a shorter window. I don't know how Apache > memory is structured, but I'd speculate there's the potential to leak > hashed passwords there. I'm not SSL/TLS guru and I'm not in-deep study heartbeat OpenSSL bug (mainly because I consider Fedora 15+ as too problematic and stay at F14 with eventual migration to CentOS 6 on my servers, thus they aren't affected with this bug), but - it is truth, that when private key is stealed, this _always_ implied, that encrypted traffic may be read with private key knowledge? As I know, when e.g. Diffie-Hellman key exchanging is used, then either private key knowledge isn't sufficient to decode network traffic. Of course, TLS RFCs give us some basic set of mandatory ciphersuites which should know every TLS endpoint, and there are also these, where private key knowledge is sufficient for traffic decoding. But when at my side I allow e.g. (contrary to RFCs) only DH ciphersuites, then maybe either I'm not able establish a connection, or my connection is reliable - although connection is tapped by someone, who keep my private key. Or am I wrong? --- Regards, Franta Hanzlik -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Coding Practice [was Re: Serious OpenSSL vulnerability]
On 4/26/2014 1:19 PM, Frantisek Hanzlik wrote: I consider Fedora 15+ as too problematic and stay at F14 yup...fedora version 19 or 20 bugs are far worse than a computer security breach. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Flashplugin for Chrome ??
Fedora-20 / Chrome-34.0.1847.132/ FlashPlayer-11.2.202.350 How do I get FlashPlayer working in Chrome, I went into settings and imported Firefox setting,bookmarks,etc, Firefox is working fine with Flashplayer. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Flashplugin for Chrome ??
On 04/26/2014 04:41 PM, Mickey wrote: > Fedora-20 / Chrome-34.0.1847.132/ FlashPlayer-11.2.202.350 > > How do I get FlashPlayer working in Chrome, I went into settings and > imported Firefox setting,bookmarks,etc, Firefox is working fine with > Flashplayer. > > As far as I can tell, flash player isn't required for Chrome. I removed flash-plugin-11.2.202.350-release.x86_64 and went to Adobe's site. The test for shockwave player fails (http://www.adobe.com/shockwave/welcome/) but the test for flash itself works (https://www.adobe.com/software/flash/about/), saying "You have version 13,0,0,206 installed." According to Adobe, Chrome for Linux has flash built in: http://helpx.adobe.com/flash-player/kb/flash-player-google-chrome.html $ rpm -qa |grep chrome google-chrome-stable-34.0.1847.132-1.x86_64 -- -- Steve -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Flashplugin for Chrome ??
On 04/27/14 05:57, Steven Stern wrote: > On 04/26/2014 04:41 PM, Mickey wrote: >> Fedora-20 / Chrome-34.0.1847.132/ FlashPlayer-11.2.202.350 >> >> How do I get FlashPlayer working in Chrome, I went into settings and >> imported Firefox setting,bookmarks,etc, Firefox is working fine with >> Flashplayer. >> >> > As far as I can tell, flash player isn't required for Chrome. I removed > flash-plugin-11.2.202.350-release.x86_64 and went to Adobe's site. The > test for shockwave player fails > (http://www.adobe.com/shockwave/welcome/) but the test for flash itself > works (https://www.adobe.com/software/flash/about/), saying "You have > version 13,0,0,206 installed." > > According to Adobe, Chrome for Linux has flash built in: > http://helpx.adobe.com/flash-player/kb/flash-player-google-chrome.html > > $ rpm -qa |grep chrome > google-chrome-stable-34.0.1847.132-1.x86_64 > You are correct. Chrome has a flashplayer builtin. If one uses chrome://plugins as the URL and has the Adobe plugin installed, as I do, they would see something like this. Adobe Flash Player (2 files) - Version: 11.2 r202 Shockwave Flash 11.2 r202 Name:Shockwave Flash Description:Shockwave Flash 13.0 r0 Version:13.0.0.206 Location:/opt/google/chrome/PepperFlash/libpepflashplayer.so Type:PPAPI (out-of-process) Enable MIME types: MIME typeDescriptionFile extensions application/x-shockwave-flashShockwave Flash .swf application/futuresplashFutureSplash Player .spl Name:Shockwave Flash Version:11.2 r202 Location:/usr/lib64/flash-plugin/libflashplayer.so Type:NPAPI Disable MIME types: MIME typeDescriptionFile extensions application/x-shockwave-flashShockwave Flash .swf application/futuresplashFutureSplash Player .spl Note that I have the builtin player (libpepflashplayer.so) disabled at the moment since there is a problem when using that with mlb.com live games. -- Getting tired of non-Fedora discussions and self-serving posts -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Coding Practice [was Re: Serious OpenSSL vulnerability]
On Sat, Apr 26, 2014 at 22:19:47 +0200, Frantisek Hanzlik wrote: I'm not SSL/TLS guru and I'm not in-deep study heartbeat OpenSSL bug (mainly because I consider Fedora 15+ as too problematic and stay at F14 with eventual migration to CentOS 6 on my servers, thus they aren't affected with this bug), but - it is truth, that when private key is stealed, this _always_ implied, that encrypted traffic may be read with private key knowledge? As I know, when e.g. Diffie-Hellman key exchanging is used, then either private key knowledge isn't sufficient to decode network traffic. Of course, TLS RFCs give us some basic set of mandatory ciphersuites which should know every TLS endpoint, and there are also these, where private key knowledge is sufficient for traffic decoding. But when at my side I allow e.g. (contrary to RFCs) only DH ciphersuites, then maybe either I'm not able establish a connection, or my connection is reliable - although connection is tapped by someone, who keep my private key. Or am I wrong? If you have the private key and can redirect network traffic you can do man in the middle attacks. If forward security isn't being provided then just being able to see the traffic can allow you to get session keys. Depending on what you don't like about current Fedoras, you might try out the XFCE or Mate desktops. They provide an experience similar to Gnome 2. If you have an old graphics card, you will want to use kdm or lxdm instead of gdm. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: SOLVED: Thunderbird can't read Mail
Hi Zeff, You are right your method will work as long as the destination location in local folders is empty as you are overwriting those files when you do your copy. The method I was suggesting was to get the second set of emails to be listed as an inbox as I thought they were on the original system. But either method will work as long as appropriate precautions are taken. regards, Steve On 04/26/2014 10:19 AM, Joe Zeff wrote: On 04/25/2014 05:06 PM, Stephen Morris wrote: Just my 2 cents worth, which may or may not help. As I understand the way Thunderbird works, the mail files in your profile directory that Thunderbird uses are defined in the Local directory text box in the Message Storage section at the bottom of your Sever Settings in your Account Definition, which unfortunately as far as I am aware doesn't support multiple directories. ...because it doesn't need to. On my desktop computer, all of the mailboxes are stored in /home/joe/.thunderbird/ywhu7a5g.default/Mail/Local Folders, and the name of the default profile varies from one person to another. In order to have your old mail folders show up, start off by closing Thunderbird. Then, copy all of the mailbox files and their indexes (the .msf files) into that directory. When you restart T'bird, they'll be available. I know, because I use this to move saved emails from my laptop to my desktop whenever I've been away from home and had anything that needed to be available at home. <>-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Coding Practice [was Re: Serious OpenSSL vulnerability]
On 04/26/2014 04:35 PM, Bruno Wolff III wrote: Depending on what you don't like about current Fedoras, you might try out the XFCE or Mate desktops. They provide an experience similar to Gnome 2. If you have an old graphics card, you will want to use kdm or lxdm instead of gdm. If you pick Xfce, lightdm is probably your best choice, as it's the one you'd get if you did a clean install with Xfce as your only DM. Using gdm pulls in a considerable amount of Gnome cruft, and kdm probably does the equivalent. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Flashplugin for Chrome ??
On 04/27/14 09:02, Stephen Morris wrote: > Just as a side issue to this, how do you get chrome to provide what you > have shown? > I know chrome has flash built in, and the adobe installer installs the > plugin in /usr/lib64, plus I have a link to the adobe plugin in /usr/lib > because the upstream 64-bit Firefox wants its plugins in /usr/lib, what I > can't account for is the 4th plugin. > If I use chrome://plugins in the browser I get the following display (the > following display is how the chrome output is represented in Thunderbird as a > result of a copy and paste, not how it is displayed in chrome): > > Adobe Flash Player (4 files) - Version: 13.0.0.182 > Shockwave Flash 13.0 r0 > If you look at the very top line you should seeover in the right hand side "+Details". Click on that to expand the list. -- Getting tired of non-Fedora discussions and self-serving posts -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
