On Thu, Oct 14, 1999 at 07:20:05PM +, Lars Wirzenius wrote:
> /usr/doc/debian-policy/policy.html/index.html:
>
> Copyright ©1996,1997,1998 Ian Jackson and Christian Schwarz.
>
> Yet the manual has been modified by others since. Should the copyright
> be updated?
Briefly: yes.
--
Ra
According to Tomasz Wegrzanowski:
> > Think of command line arguments, environment variables .. that's
> > all 'user input'
>
> This (command line arguments, environment variables) is
> what i checked in manpages.
Never ever trust manpages. Read the source.
> But theres nothing about
> such thin
On Thu, Oct 14, 1999 at 01:45:29PM +0200, Miquel van Smoorenburg wrote:
> According to Tomasz Wegrzanowski:
> > > But the source might contain a buffer overflow exploit, or another
> > > exploit. Yes, I wrote the code myself, and there is even a comment
> > > in the code about running setuid in a s
According to Tomasz Wegrzanowski:
> > But the source might contain a buffer overflow exploit, or another
> > exploit. Yes, I wrote the code myself, and there is even a comment
> > in the code about running setuid in a special group. But in my experience
> > _every_ setuid program has at least one h
> > I see some possibilities to make a mess with suid shutdown but not
> > much more mess than with turning power off by button
> > but if you know any exploits of suid shutdown of which I dont know
> > please tell me (Ive found nothing in manpages)
>
> Well it would be a bit weird if root-exploit
I second this proposal.
by ...
--
Thomas Kobienia <[EMAIL PROTECTED]> http://my.dex.de/~tk/
"The war won't be over until the last spammer's head is stuck onto a spear
at the city limits." [Paul Vixie, NANOG mailing list, Sept.1997]
On Thu, Oct 14, 1999 at 12:56:48AM +0200, Tomasz Wêgrzanowski wrote:
> Hmm... I used BSD as root a week and this was long time ago so my habit
> is not from this place
> Its just much faster and typoless to write `halt' than `shutdown -h now'
> According to manpages halt|reboot calls shutdown if sy
Processing commands for [EMAIL PROTECTED]:
> close 43651
Bug#43651: debian-policy: [PROPOSAL] mailbox locking
Bug closed, ack sent to submitter - they'd better know why !
> reopen 43651
Bug#43651: debian-policy: [PROPOSAL] mailbox locking
Bug reopened, originator not changed.
> severity normal 4
close 43651
reopen 43651
severity normal 43651
retitle 43651 [AMENDMENT 13/10/1999] mailbox locking
thanks
This proposal was seconded by Joey Hess <[EMAIL PROTECTED]> and Mika
Fischer <[EMAIL PROTECTED]>, no objections were posted, so I think that
this is a consensus.
I hope, that we can bring
According to Seth R Arnold:
> I think this might be debian-specific -- I do remember on other versions of
> unix, and probably even on other linux distributions -- that calling halt or
> reboot directly is a Very Bad Thing, unless things are worse on their own. :)
Well it's pretty much linux-speci
According to Tomasz Wêgrzanowski:
> > Note that 'shutdown' was NOT designed to be run setuid - for all
> > I know it's full of grave security holes if you do. You then not
> > only gave the people in the group 'power' permission to shut down
> > the machine, you just granted them root access as wel
On Sat, 09 Oct at 19:27 -0700, Joey Hess wrote:
> Mailbox locking (#43651)
> * Stalled for 2 weeks.
> * Proposed by Roland Rosenfeld; seconded by Joey Hess.
> * "The Debian policy is not very clear in the definition of the way,
> mailbox locking should be implemented. It only points to a
On Thu, Oct 14, 1999 at 12:56:48AM +0200, Tomasz Wêgrzanowski wrote:
> > Really, you are not supposed to call 'halt' or 'reboot' directly -
> > that's just a BSD heritage that people can't seem to get rid of.
> > But if you insist on it, halt or reboot don't need to be setuid root,
> > since they c
On Wed, Oct 13, 1999 at 07:33:53PM -0500, Nathan E Norman wrote:
> What's inelegant about sudo?
It creates (and waits for) dns traffic every time it's run.
In some circumstances this means sudo just hangs.
--
Raul
On Thu, 14 Oct 1999, Tomasz Wêgrzanowski wrote:
[ snip ]
: > >This group would be very useful for desktop machines for people who
: > >set computer on (via switch), login as common user and do what they have
to
: > >and then stop the computer via command (`halt' or `shutdown -h now')
: > >or
15 matches
Mail list logo
