Bug#299007: base-files: Insecure PATH

2005-03-19 Thread Manoj Srivastava
On Sun, 20 Mar 2005 11:21:07 +1100, psz <[EMAIL PROTECTED]> said: > Brendan O'Dea <[EMAIL PROTECTED]> wrote: >> Your argument is that exporting a writable / or /usr via NFS >> exposes you to possible exploits? Then DON'T DO THAT. > and Manoj Srivastava <[EMAIL PROTECTED]> wrote: >> ... majori

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread psz
Brendan O'Dea <[EMAIL PROTECTED]> wrote: > Your argument is that exporting a writable / or /usr via NFS exposes > you to possible exploits? Then DON'T DO THAT. and Manoj Srivastava <[EMAIL PROTECTED]> wrote: > ... majority do not NFS export /usr/local ... Sorry, but that is not the issue. The

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread Manoj Srivastava
Synopsis: Make squash_gids be a default for the NFS server, make /home not be writable by group staff, leave /usr/local alone. == By default, in Debian, /usr/local is integrated into the OS, it is in the defaul

Re: consistent tftpboot directory location

2005-03-19 Thread Manoj Srivastava
On Sat, 19 Mar 2005 10:02:56 +0100, Bill Allombert <[EMAIL PROTECTED]> said: > On Fri, Mar 18, 2005 at 07:19:14PM -0600, Manoj Srivastava wrote: >> On Fri, 10 Dec 2004 16:45:01 -0500, Joey Hess <[EMAIL PROTECTED]> >> said: >> >> > There seems to be no consistency in debian about the default >> >

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread Brendan O'Dea
On Sat, Mar 19, 2005 at 09:35:42PM +1100, [EMAIL PROTECTED] wrote: >Thanks for pointing those out! Add group tty also? All should be >"squashed" (and the objects owned by root:root instead). Hey, good idea! Why don't we ditch *all* the groups and have everything group root! That "src" group is

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread psz
Brendan O'Dea <[EMAIL PROTECTED]> wrote: > ... the current situation poses no security risks without the > administrator choosing to add users to the staff group. Sorry, that is wrong. Quoting from the original bug report: > Become-any-user-but-root and become-any-group-but-root bugs are quite >

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread Bill Allombert
On Sat, Mar 19, 2005 at 06:56:37PM +1100, Brendan O'Dea wrote: > I believe that the facility of having a group which may write to > /usr/local is very useful and should be retained. Furthermore, I would > assert that the current situation poses no security risks without the > administrator choosin

Re: consistent tftpboot directory location

2005-03-19 Thread Bill Allombert
On Fri, Mar 18, 2005 at 07:19:14PM -0600, Manoj Srivastava wrote: > On Fri, 10 Dec 2004 16:45:01 -0500, Joey Hess <[EMAIL PROTECTED]> said: > > > There seems to be no consistency in debian about the default > > directory used by tftpd servers. I've tried all three: > > > server directory > > tft

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread Brendan O'Dea
On Wed, Mar 16, 2005 at 06:00:14PM +0100, Santiago Vila wrote: >On Wed, 16 Mar 2005, Brendan O'Dea wrote: >> Having /usr/local staff writable is *very* useful when using CPAN to >> install local packages w/- having to do the "make install" as root. >> >> This is a benefit I'd prefer not to see rem