not that I know of, but I would suggest turning on tainted mode and
passing all external variables through a regex.
my $documentRoot = $ENV{"DOCUMENT_ROOT"};
if (defined($documentRoot)) {
# untaint documentRoot
$documentRoot =~ m#^([\w_./+:-]+)$#;
$documentRoot = $1;
}
or
not that I know of, but I would suggest turning on tainted mode and
passing all external variables through a regex.
my $documentRoot = $ENV{"DOCUMENT_ROOT"};
if (defined($documentRoot)) {
# untaint documentRoot
$documentRoot =~ m#^([\w_./+:-]+)$#;
$documentRoot = $1;
}
or
Just for further info
If you want a whole process in locking up Linux go to www.securityportal.com
and Select the Linux tab. In the left hand frame, there should be a
section labelled Securing Linux. Follow that to help plug further holes.
Dan Hutchinson
Dan Christensen <[EMAIL PROTECTED]
Just for further info
If you want a whole process in locking up Linux go to www.securityportal.com
and Select the Linux tab. In the left hand frame, there should be a
section labelled Securing Linux. Follow that to help plug further holes.
Dan Hutchinson
Dan Christensen <[EMAIL PROTECTED
Thanks everybody, it's nice to have an active security ml
Vincenzo Ciancia
--
Nick Name - [EMAIL PROTECTED] - UIN 94982698 - Vincenzo Ciancia -
Hello Everyone,
I'm not quite sure if this is the right place to be posting this, but I am
using Debian and it is a security related question.
We are currently developing a new website with perl that consists of using
the HTML::Template module. In the beginning of this script there are
multip
Dan Christensen <[EMAIL PROTECTED]> writes:
> No need to reboot or restart init, I think.
Actually, on second thought, rebooting is probably a good idea,
since there are probably lots of processes already running with
the wrong umask.
Dan
Ethan Benson <[EMAIL PROTECTED]> writes:
> neh. messing around with what /sbin/init is nasty. better solution
> is adding umask 022 to /etc/init.d/rc, using /etc/initscript (im not
> totally sure how this works rtfm...)
Here is what I put in /etc/initscript, which does the trick
according to Ni
Thanks everybody, it's nice to have an active security ml
Vincenzo Ciancia
--
Nick Name - [EMAIL PROTECTED] - UIN 94982698 - Vincenzo Ciancia -
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hello Everyone,
I'm not quite sure if this is the right place to be posting this, but I am
using Debian and it is a security related question.
We are currently developing a new website with perl that consists of using
the HTML::Template module. In the beginning of this script there are
multi
Dan Christensen <[EMAIL PROTECTED]> writes:
> No need to reboot or restart init, I think.
Actually, on second thought, rebooting is probably a good idea,
since there are probably lots of processes already running with
the wrong umask.
Dan
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a
Ethan Benson <[EMAIL PROTECTED]> writes:
> neh. messing around with what /sbin/init is nasty. better solution
> is adding umask 022 to /etc/init.d/rc, using /etc/initscript (im not
> totally sure how this works rtfm...)
Here is what I put in /etc/initscript, which does the trick
according to N
Dear all,
I will be on vacation from Monday 16/07/01 and be back on Monday 30/07/01.
M. Weynants
Ich bin zur Zeit nicht im Hause und ab dem 06.08.2001 wieder unter dieser
Adresse erreichbar.
In dringenden Fällen wenden Sie sich bitte an meine Vertretung Sander Jones,
der unter +49 (0) 651 8247 0 erreichbar ist.
E-Mail-Adresse: [EMAIL PROTECTED]
Thomas Nesges
I am currently out of the office from July 24th - July 30th. I will be
returning on July 31st. If you need assistance, please contact Paul
Frohardt (396-5039) or James Hatmaker (396-7936) .
Thanks,
- Ryan
Title: Untitled Document
Bonjour,
vous aimez la pêche et le milieu aquatique ?
Hi, you like the fishing and the environment ?
Gratuit,
chaque semaine en français : La
Lettre de Sea-River
Gratuit,
chaque mois : La
Lettre européenne de Sea-River
Free,
every month : The
Dear all,
I will be on vacation from Monday 16/07/01 and be back on Monday 30/07/01.
M. Weynants
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Ich bin zur Zeit nicht im Hause und ab dem 06.08.2001 wieder unter dieser
Adresse erreichbar.
In dringenden Fällen wenden Sie sich bitte an meine Vertretung Sander Jones,
der unter +49 (0) 651 8247 0 erreichbar ist.
E-Mail-Adresse: [EMAIL PROTECTED]
Thomas Nesges
--
To UNSUBSCRIBE, email to [E
I am currently out of the office from July 24th - July 30th. I will be
returning on July 31st. If you need assistance, please contact Paul
Frohardt (396-5039) or James Hatmaker (396-7936) .
Thanks,
- Ryan
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Troubl
Title: Untitled Document
Bonjour,
vous aimez la pêche et le milieu aquatique ?
Hi, you like the fishing and the environment ?
Gratuit,
chaque semaine en français : La
Lettre de Sea-River
Gratuit,
chaque mois : La
Lettre européenne de Sea-River
Free,
every month : The
On Tue, Jul 24, 2001 at 02:24:41AM +0200, Nick Name wrote:
> More seriously, a quick fix could be, if you can't switch back 2.2.19 or
> go forward 2.4.7, to mv /sbin/init /sbin/good_init and put in /sbin/init
> a script like this, everything is untested of course:
>
> #!/bin/sh
> umask 022
> exe
On Mon, 23 Jul 2001 19:27:06 dude wrote:
>
>
> On Mon, 23 Jul 2001, Jeff Coppock wrote:
>
> > >
> > > iptables -A log -j LOG --log-prefix "Rejected: " # be verbose in syslog
> > > iptables -A log -j delete # hand over package to "delete"
> > >
>
>
> What more information does log prefix add to
On Tue, Jul 24, 2001 at 02:24:41AM +0200, Nick Name wrote:
> More seriously, a quick fix could be, if you can't switch back 2.2.19 or
> go forward 2.4.7, to mv /sbin/init /sbin/good_init and put in /sbin/init
> a script like this, everything is untested of course:
>
> #!/bin/sh
> umask 022
> ex
23 matches
Mail list logo
