On Wed 11 May 2022 at 20:26:20 (+0200), to...@tuxteam.de wrote:
> On Wed, May 11, 2022 at 11:07:09AM -0500, David Wright wrote:
>
> [...]
>
> > But after two posts about background information on setuid shell
> > scripts, you now write "the worst antipattern is to misuse tech
> > to force people
On Wed, May 11, 2022 at 11:07:09AM -0500, David Wright wrote:
[...]
> But after two posts about background information on setuid shell
> scripts, you now write "the worst antipattern is to misuse tech
> to force people to follow some nonsensical rituals". Strong words.
Sorry if I was unclear. Th
On Wed 11 May 2022 at 07:05:47 (+0200), to...@tuxteam.de wrote:
> On Tue, May 10, 2022 at 10:08:20PM -0500, David Wright wrote:
> > On Tue 10 May 2022 at 17:12:25 (-0600), Charles Curley wrote:
>
> [...]
>
> > IOW, though logging in to root by password is ok at the console,
> > it's not ok when r
Charles Curley wrote:
> On Tue, 10 May 2022 11:08:23 -0500
> David Wright wrote:
>
> > That complicates unlocking partitions remotely because, even if you
> > can log in as root, you normally can't log in remotely as root.
>
> ??? I log in as root over SSH all the time.
Most sshd configs eithe
On Tue, May 10, 2022 at 10:08:20PM -0500, David Wright wrote:
> On Tue 10 May 2022 at 17:12:25 (-0600), Charles Curley wrote:
[...]
> IOW, though logging in to root by password is ok at the console,
> it's not ok when remote. ➀
I assume you know all that you can set "PermitRootLogin yes" in
your
On Tue 10 May 2022 at 17:12:25 (-0600), Charles Curley wrote:
> On Tue, 10 May 2022 11:08:23 -0500
> David Wright wrote:
>
> > That complicates unlocking partitions remotely because, even if you
> > can log in as root, you normally can't log in remotely as root.
>
> ??? I log in as root over SSH
On Tue, May 10, 2022 at 05:12:25PM -0600, Charles Curley wrote:
> David Wright wrote:
> > I use a special user called unlock, whose home directory is on
> > /var/local/, to unlock my /home partitions:
>
> Unlock? What does "unlock" mean in this context? It looks like a
> synonym for "mount". If s
On Tue, 10 May 2022 11:08:23 -0500
David Wright wrote:
> That complicates unlocking partitions remotely because, even if you
> can log in as root, you normally can't log in remotely as root.
??? I log in as root over SSH all the time.
>
> I use a special user called unlock, whose home director
On Tue 10 May 2022 at 13:02:41 (-0400), Greg Wooledge wrote:
> On Tue, May 10, 2022 at 11:08:23AM -0500, David Wright wrote:
[> > On Tue 10 May 2022 at 08:21:00 (-0600), Charles Curley wrote:]
> > > Why the aversion to doing things as root? Why not just run your scripts
> > > as root? This is exa
On Tue, May 10, 2022 at 11:08:23AM -0500, David Wright wrote:
> > On Tue, 10 May 2022 07:50:18 -0400 rhkra...@gmail.com wrote:
> > Why the aversion to doing things as root? Why not just run your scripts
> > as root? This is exactly the sort of thing that is reserved to root for
> > reasons of secur
On Tuesday, May 10, 2022 10:21:00 AM Charles Curley wrote:
> Why the aversion to doing things as root? Why not just run your scripts
> as root? This is exactly the sort of thing that is reserved to root for
> reasons of security.
I may think about that some more, but it is a general aversion to be
On Tue 10 May 2022 at 08:21:00 (-0600), Charles Curley wrote:
> On Tue, 10 May 2022 07:50:18 -0400 rhkra...@gmail.com wrote:
>
> > Background: 8 years ago I wrote a set of scripts to help me mount and
> > unmount LUKS encrypted partitions as needed and as myself
> > () rather than as root.
>
> W
On Tue, 10 May 2022 07:50:18 -0400
rhkra...@gmail.com wrote:
> Background: 8 years ago I wrote a set of scripts to help me mount and
> unmount LUKS encrypted partitions as needed and as myself
> () rather than as root.
Why the aversion to doing things as root? Why not just run your scripts
as ro
By the way, thanks to all who replied! One followup below.
On Tuesday, May 10, 2022 08:20:10 AM rhkra...@gmail.com wrote:
> Ok, thanks very much!
>
> That resolves that -- I do have another way of doing it (the c helper
> program), I just don't like it -- I'll probably continue to use that but
>
On Tue, May 10, 2022 at 07:58:39AM -0400, Greg Wooledge wrote:
> On Tue, May 10, 2022 at 07:50:18AM -0400, rhkra...@gmail.com wrote:
> > Aside: even though this is not a Debian specific question, I often use
> > debian-
> > user as my first resource in asking Linux questions.
>
> It's Linux-speci
(Intentionally top posting)
Ok, thanks very much!
That resolves that -- I do have another way of doing it (the c helper
program), I just don't like it -- I'll probably continue to use that but think
about alternatives.
On Tuesday, May 10, 2022 07:58:39 AM Greg Wooledge wrote:
> The Linux ker
On Tue, May 10, 2022 at 07:50:18AM -0400, rhkra...@gmail.com wrote:
> Aside: even though this is not a Debian specific question, I often use debian-
> user as my first resource in asking Linux questions.
>
> Background: 8 years ago I wrote a set of scripts to help me mount and unmount
> LUKS encr
On Tue, May 10, 2022 at 07:50:18AM -0400, rhkra...@gmail.com wrote:
> Aside: even though this is not a Debian specific question, I often use debian-
> user as my first resource in asking Linux questions.
It's Linux-specific, though.
> -rwsr-xr-x 1 root 1412 Aug 31 2014
>
The Linux kernel doe
working as
intended (that is, using suid) is part of my effort to do that.
Problem: I tried to use suid to allow the scripts to be run by me, but with
the permissions of root but I could not get that to work.
Aside: I do run those scripts with the aid of a (compiled) c helper program
that
confess to being a little bit mystified by the description
> there (I'll note that the user was having exactly the same debugging
> problem I am -- a wild goose chase caused by suid being ignored in
> strace!).
The user also reports the result of strace output. Is that not working
gs are now working.
I'd still be curious to find a way to re-enable suid with ptrace when
necessary
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://li
having exactly the same debugging
problem I am -- a wild goose chase caused by suid being ignored in
strace!). The fix reported there was
>Re: VBox 4.1.8 fails as non-root user
>by Perryg » 8. Jan 2012, 23:32
>If you started VirtualBox as root then the VBOX_USER_HOME environment has
>p
On Fri, 13 Jan 2012 13:23:23 -0700, Joe Pfeiffer wrote:
> I've got a very strange virtualbox problem: I have two hosts sharing
> /home with NFS. The two machines are very close to identical: same
> CPU, same motherboard, same amount of memory. Same kernel version, same
> virtualbox version, sa
ember of vboxusers on both machines.
I'm at a stage of frustration where I want to run strace to try to see
where the seg fault is happening. Unfortunately, due to a past
exploit, suid bits are silently ignored when ptrace is active, so when I
run it with strace I get an error to the effect t
>> Why can't the binary execute "amarok -t" when it is confirmed that it
>> is indeed running as user "tommy"?
>
> X doesn't authenticate connections based on uid. (For one thing, connections
> need not be from the local machine. But uid is not used even on the same
> machine.) Read the manpage
On Tuesday 02 February 2010 17:14:31 Thomas Anderson wrote:
> Why can't the binary execute "amarok -t" when it is confirmed that it
> is indeed running as user "tommy"?
X doesn't authenticate connections based on uid. (For one thing, connections
need not be from the local machine. But uid is no
I'm trying to make a web page that has buttons to control my running
music player application "Amarok" (Amarok is a Debian package). I can
control it from the command line by issuing this command:
$ amarok -t
That command toggles the music on and off.
I run Apache2 on Debian Lenny and the comman
José Alburquerque wrote:
Does anyone know a way for regular users to use cdrecord for CD
writing/blanking without the need for it to setuid? Any pointers
would be greatly appreciated. Thanks!
Just thought I'd let everyone know, I think I'll just be using cdrecord
as it is. I'll keep all
David E. Fox wrote:
On Tue, 8 Aug 2006 16:55:54 -0600
"Dwayne C. Litzenberger" <[EMAIL PROTECTED]> wrote:
Also be CAREFUL. On my system, /usr/bin/cdrecord is a SHELL SCRIPT, and
SUID-root shell scripts are a big security hole, IIRC. You probably want
to set the permiss
On Tue, Aug 08, 2006 at 08:53:35PM -0700, David E. Fox wrote:
To the OP - you can, I suppose, chmod the /usr/bin/cdrecord to regular
non-suid (chmod 750 /usr/bin/cdrecord). I notice the permissions here
for it are -rwsr-xr-- implying that others can read the binary, but not
execute it. (2754 in
On 08/08/2006 12:32 AM, Mike McCarty wrote:
Mumia W. wrote:
[...] Sudo is the only
alternative to making cdrecord SUID root.
And a very viable one.
Mike
But people should know that they would have to create a
special script to run cdrecord under sudo, or it would be less
safe than SUID
On Tue, 8 Aug 2006 16:55:54 -0600
"Dwayne C. Litzenberger" <[EMAIL PROTECTED]> wrote:
>
> Also be CAREFUL. On my system, /usr/bin/cdrecord is a SHELL SCRIPT, and
> SUID-root shell scripts are a big security hole, IIRC. You probably want
> to set the permissio
(sarge defautl kernel) but not in later ones. As the other
poster said, it has to do supposedly with priviieged IOCTLs and
kernel-level things.
I'm running etch (kernel 2.6.15.1-k7 actually). People running 2.4.x
may not have to have this requirement of
as a regular user, and it is indeed suid root
here. At least in Debian -land this is the case, and it's been a while
since I ran cdrecord on non-Debian systems.
To the OP - you can, I suppose, chmod the /usr/bin/cdrecord to regular
non-suid (chmod 750 /usr/bin/cdrecord). I notice the permission
On Tue, Aug 08, 2006 at 12:32:49AM -0500, Mike McCarty wrote:
The user won't get much mileage out of it either. Sudo is the only
alternative to making cdrecord SUID root.
And a very viable one.
And it opens up a rather large security hole.
cdrecord is designed to be made suid-root; It
On Tue, Aug 08, 2006 at 12:49:27PM -0400, José Alburquerque wrote:
The setuid-root sollution (give only the group executable rights, make it
suid root), please note that this is a security risk - you have been
warned):
1) create a group and add users as above
2) remove world executable from
José Alburquerque wrote:
s. keeling wrote:
Very odd, on both of you.
(0) heretic /home/keeling_ all `which cdrecord`
-rwxr-xr-x 1 root root 133 2005-01-09 09:55 /usr/bin/cdrecord*
No SUID needed.
(0) heretic /home/keeling_ id
uid=1000(keeling) gid=1000(keeling)
groups=20(dialout),24(cdrom
roblem is that I'd like cdrecord not to have the SUID set (the 's'
in '-rwsr-xr--' above). I'm not sure this is possible, but if it is and
Very odd, on both of you.
(0) heretic /home/keeling_ all `which cdrecord`
-rwxr-xr-x 1 root root 133 2005-01-09 09:5
On 08/07/2006 03:52 PM, Mumia W. wrote:
[...] Sudo is the only
alternative to making cdrecord SUID root.
Oops. Evidently that isn't the only alternative. Others have
posted that they've run cdrecord without SUID root. Oh well,
on my kernel SUID root is required.
--
To U
Mumia W. wrote:
I find it hard to believe that this works. I tried that too and
discovered that running cdrecord SUID root is a requirement; cdrecord
uses privileged IOCTLS (whatever they are).
IOCTL - Input/Output ConTroL
This does direct communication with the device driver. In this case
On 08/07/2006 02:39 PM, Glenn English wrote:
José Alburquerque wrote:
My problem is that I'd like cdrecord not to have the SUID set (the 's'
in '-rwsr-xr--' above). I'm not sure this is possible, but if it is and
someone out there knows, I'd really appreci
gt; permissions and everything works fine like this:
>
> [EMAIL PROTECTED]:~$ ll `which cdrecord`
> -rwsr-xr-- 1 root cdrom 133 2006-01-07 13:43 /usr/bin/cdrecord*
>
> My problem is that I'd like cdrecord not to have the SUID set (the 's'
> in '-rwsr-x
of that...
>
> Note, however, that if cdrecord doesn't run SUID root, it can't get
> realtime scheduling priority, so you could run into buffer underruns on a
> slow or heavily-loaded system.
It is not only about priorities. In fact most modern systems are
overpowered
#x27;t run SUID root, it can't get
realtime scheduling priority, so you could run into buffer underruns
on a slow or heavily-loaded system.
Makes a lot of sense. Thank you both very much.
Sincerely
Jose
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe"
On Mon, Aug 07, 2006 at 01:39:43PM -0600, Glenn English wrote:
If you want to do it without the extra group, just make the burner world
write-able. I don't see how a cracker could get much mileage out of that...
Note, however, that if cdrecord doesn't run SUID root, it can'
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
José Alburquerque wrote:
> My problem is that I'd like cdrecord not to have the SUID set (the 's'
> in '-rwsr-xr--' above). I'm not sure this is possible, but if it is and
> someone out there knows, I'
PROTECTED]:~$ ll `which cdrecord`
-rwsr-xr-- 1 root cdrom 133 2006-01-07 13:43 /usr/bin/cdrecord*
My problem is that I'd like cdrecord not to have the SUID set (the 's'
in '-rwsr-xr--' above). I'm not sure this is possible, but if it is and
someone out there knows,
José Alburquerque wrote:
> Does anyone know a way for regular users to use cdrecord for CD
> writing/blanking without the need for it to setuid? Any pointers would
> be greatly appreciated. Thanks!
I think you need to have at leas this:
chelcicky:~$ ll `which cdrecord`
-rwsr-xr-- 1 root cdrom 1
Does anyone know a way for regular users to use cdrecord for CD
writing/blanking without the need for it to setuid? Any pointers would
be greatly appreciated. Thanks!
Sincerely
Jose Alburquerque
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact
Hi all,
I have a Debian woody system and updated perl-suid package
(from 5.6.1-8.2 to 5.6.1-8.7).
I used neomail webmail and the following error occurs now:
"fd script not allowed in suidperl"
How I can fix this?
TIA, Paulo Henrique
--
To UNSUBSCRIBE, email to [EMAIL PROTECTE
n run X as root just fine. But when I try to run it as a user, I
get the following errors in /var/log/XFree86.0.log:
(WW) xf86ReadBIOS: Failed to open /dev/mem (Operation not permitted)
Fatal server error:
xf86OpenConsole: Server must be suid root
Here is some info:
XFree86 Version 4.2.1.1
ha
error:
xf86OpenConsole: Server must be suid root
Here is some info:
XFree86 Version 4.2.1.1
hardin:/usr/X11R6/bin# ls -l X*
-rwsr-sr-x1 root root 7476 Aug 29 11:30 X
-rwsr-sr-x1 root root 1584152 Aug 29 11:30 XFree86
-rwxr-xr-x1 root root27494 Aug 29 11:26
When cdrecord is run suid root it will work. However, it won't have
access to the function setpriority() listed below. If you want to do
away with those errors, you will have to run cdrecord as root (ex: sudo
cdrecord)
- Ryan
On Tue, Jun 03, 2003 at 01:39:40PM -0400, Chris Metzler
ion denied. WARNING: Cannot set priority using setpriority().
cdrecord: WARNING: This causes a high risk for buffer underruns.
>From searching the web/newsgroups, I can see that this is fairly
common -- cdrecord needs to be run as root, or as suid root. However,
there are a few important differ
On 19 Sep 2001, John Hasler wrote:
> Anthony writes:
> > I have no idea how all this happened, nor do I understand why /dev/ttyS0
> > had originally got incorrect permissions while /dev/ttyS1, etc, were
> > correct.
>
> Pppd once had a bug that caused it to fail to restore the permissions on
> the
Anthony writes:
> I have no idea how all this happened, nor do I understand why /dev/ttyS0
> had originally got incorrect permissions while /dev/ttyS1, etc, were
> correct.
Pppd once had a bug that caused it to fail to restore the permissions on
the serial port. I thought it was fixed long ago, t
:27:15 -0400 UTC), Ian Marlier
> > > > wrote:
> > > > > I feel like an idiot asking this, but how does one set something to
> > > > > run SUID?
> > > >
> > > > chmod u+s To setUID to the user that owns the file
> > > > ch
feel like an idiot asking this, but how does one set something to
> > > > run SUID?
> > >
> > > chmod u+s To setUID to the user that owns the file
> > > chmod g+s To setGID to the group that owns the file
> > >
> > > Standard disclaimer: Be
On 19 Sep 2001, Michael Heldebrant wrote:
> On Wed, 2001-09-19 at 08:35, Anthony Campbell wrote:
> > On 19 Sep 2001, Carel Fellinger wrote:
> > > On Wed, Sep 19, 2001 at 07:51:11AM +0100, Anthony Campbell wrote:
> > > > On 18 Sep 2001, Michael Heldebrant wrote:
> > > > > On Tue, 2001-09-18 at 10:59
On Wed, Sep 19, 2001 at 01:57:06PM +0100, Anthony Campbell wrote:
> On 19 Sep 2001, Carel Fellinger wrote:
...
> > group ownership:
> >
> > $ ls -l /dev/ttyS0
> > crw-rw1 root dialout4, 64 Jul 5 2000 /dev/ttyS0
...
> A good suggestion and in fact I found that the permiss
On Wed, 2001-09-19 at 08:35, Anthony Campbell wrote:
> On 19 Sep 2001, Carel Fellinger wrote:
> > On Wed, Sep 19, 2001 at 07:51:11AM +0100, Anthony Campbell wrote:
> > > On 18 Sep 2001, Michael Heldebrant wrote:
> > > > On Tue, 2001-09-18 at 10:59, Anthony Campbell wrote:
> > > > > I have to have m
On 19 Sep 2001, Carel Fellinger wrote:
> On Wed, Sep 19, 2001 at 07:51:11AM +0100, Anthony Campbell wrote:
> > On 18 Sep 2001, Michael Heldebrant wrote:
> > > On Tue, 2001-09-18 at 10:59, Anthony Campbell wrote:
> > > > I have to have minicom setuid root, even though I have added myself to
> > > >
On 19 Sep 2001, Carel Fellinger wrote:
> On Wed, Sep 19, 2001 at 07:51:11AM +0100, Anthony Campbell wrote:
> > On 18 Sep 2001, Michael Heldebrant wrote:
> > > On Tue, 2001-09-18 at 10:59, Anthony Campbell wrote:
> > > > I have to have minicom setuid root, even though I have added myself to
> > > >
On Wed, Sep 19, 2001 at 07:51:11AM +0100, Anthony Campbell wrote:
> On 18 Sep 2001, Michael Heldebrant wrote:
> > On Tue, 2001-09-18 at 10:59, Anthony Campbell wrote:
> > > I have to have minicom setuid root, even though I have added myself to
> > > the dialout group, which according to the man pag
On 18 Sep 2001, Michael Heldebrant wrote:
> On Tue, 2001-09-18 at 10:59, Anthony Campbell wrote:
> > I have to have minicom setuid root, even though I have added myself to
> > the dialout group, which according to the man page should allow access
> > to serial port devices. Any suggestions for what
On Wednesday 19 September 2001 12:27 am, Ian Marlier wrote:
> I feel like an idiot asking this, but how does one set something to
> run SUID? I can't figure out what change has to be made...I tried
> RTFM, but didn't see anything that seemed relevant, even in the man
> fil
On Wed, Sep 19, 2001 at 04:35:11AM +0800, csj wrote:
> On Wed, 2001-09-19 at 03:15, Jason Healy wrote:
> > At 1000834035s since epoch (09/18/01 13:27:15 -0400 UTC), Ian Marlier wrote:
> > > I feel like an idiot asking this, but how does one set something to
> > > run
On Tue, 2001-09-18 at 10:59, Anthony Campbell wrote:
> I have to have minicom setuid root, even though I have added myself to
> the dialout group, which according to the man page should allow access
> to serial port devices. Any suggestions for what's wrong?
You need to add yourself to the dialout
On Wed, 2001-09-19 at 03:15, Jason Healy wrote:
> At 1000834035s since epoch (09/18/01 13:27:15 -0400 UTC), Ian Marlier wrote:
> > I feel like an idiot asking this, but how does one set something to
> > run SUID?
>
> chmod u+s To setUID to the user that owns the file
> ch
At 1000834035s since epoch (09/18/01 13:27:15 -0400 UTC), Ian Marlier wrote:
> I feel like an idiot asking this, but how does one set something to
> run SUID?
chmod u+s To setUID to the user that owns the file
chmod g+s To setGID to the group that owns the file
Standard disclaimer: B
On Tuesday, September 18, 2001 10:27 AM, [EMAIL PROTECTED] wrote:
> I can't figure out what change has to be made...I tried
> RTFM, but didn't see anything that seemed relevant
Yeah, I'm not sure why,but neither 'man chmod' nor
'info chmod' answer th
I feel like an idiot asking this, but how does one set something to
run SUID? I can't figure out what change has to be made...I tried
RTFM, but didn't see anything that seemed relevant, even in the man
files for sudoers and the like.
- Ian
--
[EMAIL PROTECTED]
773 667 9763 (hom
I have to have minicom setuid root, even though I have added myself to
the dialout group, which according to the man page should allow access
to serial port devices. Any suggestions for what's wrong?
Anthony
--
Anthony Campbell - running Debian GNU/Linux (Windows-free zone).
For electronic books
On 04 Aug 2001, Matthias Fonfara wrote:
> Since I installed Dosemu 1.0.2 it reports suid root is not allowed
> because of insecure experimental code. I should recompile it without
> this code.
>
> But I have no idea what to change.
>
> Bye
> Matthias
> -
I had the s
> Harry Henry Gebel writes:
hhg> The mode is NOT seen as security enough. The private key is
hhg> encrypted using a symmetrical cipher whose key is derived
hhg> from a hash of the passphrase. (the exact cipher and hash can
hhg> be specified in an S2K block in the secret keyring
On Thu, Nov 30, 2000 at 09:03:57PM -0800, kmself@ix.netcom.com wrote:
> on Thu, Nov 30, 2000 at 10:57:53PM -0500, Harry Henry Gebel ([EMAIL
> PROTECTED]) wrote:
> > On Thu, Nov 30, 2000 at 10:09:26PM -0500, Chris Gray wrote:
> > > > "kmself" == kmself writes:
> > > >> You're probably ri
On Thu, Nov 30, 2000 at 09:01:50PM -0800, kmself@ix.netcom.com wrote:
> I did:
>
> gpg --armor --export-secret-keys kmself
>
> ...which did just that, without prompting for a passphrase. I think you
> may be right about that. Hmmm Still, the key doesn't work without
> the passphrase,
on Thu, Nov 30, 2000 at 10:57:53PM -0500, Harry Henry Gebel ([EMAIL PROTECTED])
wrote:
> On Thu, Nov 30, 2000 at 10:09:26PM -0500, Chris Gray wrote:
> > > "kmself" == kmself writes:
> > >> You're probably right about this (IANA security expert), but
> > >> these should only be reada
on Thu, Nov 30, 2000 at 10:09:26PM -0500, Chris Gray ([EMAIL PROTECTED]) wrote:
> > "kmself" == kmself writes:
>
> >> You're probably right about this (IANA security expert), but
> >> these should only be readable by root. Also, if you have a
> >> malicious root, your private k
On Thu, Nov 30, 2000 at 10:09:26PM -0500, Chris Gray wrote:
> > "kmself" == kmself writes:
> >> You're probably right about this (IANA security expert), but
> >> these should only be readable by root. Also, if you have a
> >> malicious root, your private key isn't going to be al
> "kmself" == kmself writes:
>> You're probably right about this (IANA security expert), but
>> these should only be readable by root. Also, if you have a
>> malicious root, your private key isn't going to be all that
>> safe anyway.
kmself> Well, on disk, your private
on Thu, Nov 30, 2000 at 07:09:02PM -0500, Chris Gray ([EMAIL PROTECTED]) wrote:
> > "kmself" == kmself writes:
>
> >> The other root programs shouldn't be looking at memory other
> >> than their own, or else they'd segfault. The major thing with
> >> memory-locking is that the
> "kmself" == kmself writes:
>> The other root programs shouldn't be looking at memory other
>> than their own, or else they'd segfault. The major thing with
>> memory-locking is that the memory never gets written to disk.
kmself> What about /proc/kcore or /dev/mem?
You'r
on Thu, Nov 30, 2000 at 04:36:18PM -0500, Chris Gray ([EMAIL PROTECTED]) wrote:
> >>>>> "kmself" == kmself writes:
>
> kmself> I'd also confirmed this on another box. Though I can
> kmself> never remember what the [EMAIL PROTECTED]&*
>>>>> "kmself" == kmself writes:
kmself> I'd also confirmed this on another box. Though I can
kmself> never remember what the [EMAIL PROTECTED]&*() mode bit is for SUID.
kmself> '4577' was what I was looking for, IIRC.
4755.
o, but I'd just
> get flamed
Mutt 'L' is your friend .
> > > It depends on how much you trust gnupg. Setting it SUID means that is
> > > can lock pages sure. But it also means that it has to be really secure
> > > - if you are running a single-user box t
On Thu, Nov 30, 2000 at 12:05:58PM -0800, kmself@ix.netcom.com wrote:
> Response redirected to list.
> Follow-up set to list.
Yea, sorry. I would suggest that the list set Reply-To, but I'd just get flamed
> > It depends on how much you trust gnupg. Setting it SUID means tha
age from gpg
> > since a system upgrade yesterday. Checking, I found that gpg was
> > not set SUID.
> >
> > I've set the SUID bit, but am wondering why this changed. I can't
> > find any notes about setting gnupg non-SUID in any of the obvious
> > locati
I'd been getting the "Warning: using shared memory" message from gpg
since a system upgrade yesterday. Checking, I found that gpg was not
set SUID.
I've set the SUID bit, but am wondering why this changed. I can't find
any notes about setting gnupg non-SUID in any of
On Mon, Sep 25, 2000 at 01:11:19PM -0700, [EMAIL PROTECTED] wrote:
> cron keeps telling me that some file from emacs is registered but not
> installed, from the suidmanager, whats the best way to go about removing
either use suidunregister (suidunregister /path/to/file) or just
delete the relevant
|> cron keeps telling me that some file from emacs is registered but
|> not installed, from the suidmanager, whats the best way to go about
|> removing this entry(i recently removed emacs totally since i never
|> use it)
I know, this is really annoying. `Movemail' is it?
s
cron keeps telling me that some file from emacs is registered but not
installed, from the suidmanager, whats the best way to go about removing
this entry(i recently removed emacs totally since i never use it)
thanks!
nate
:::
http://www.aphroland.org/
http://www.linuxpowered.net/
[EMAIL PROTECTE
On Sat, Sep 23, 2000 at 12:30:38AM -0500, William Jensen wrote:
> What is SUID? RipperX complains it wants to be run as SUID?
SUID is Set User I D. RipperX probably wants to SUID root?
That means that if joe user runs RipperX, it will be as if root had run it.
SUID is the cause of m
What is SUID? RipperX complains it wants to be run as SUID?
Wm
On Thu, Sep 14, 2000 at 10:18:37PM -0400, Jonathan D. Proulx wrote:
> If this machine is in your home *and* your internet connection is via
> intermittent dial-up with dynamic IP adressing, I say no big deal.
> If you have persistant internet connection (via LAN, xDSL, Cable) your
> risk goes way
your self to the "floppy" group in /etc/group,
then relogin. This will give you, and only you, permission to write to the
floppy device.
As for suid root, for "convenience", well, that's something we never do by
default. We setup perms on devices like this (and programs th
On Thu, 14 Sep 2000, Ethan Benson wrote:
> a better way to go is adding yourself to group floppy, then you can
> read and write /dev/fd0. this is less of a risk then making random
> binaries suid.
>
> sudo as someone else mentioned is also probably safer.
>
> just
On Thu, Sep 14, 2000 at 10:00:55PM -0400, Michael Soulier wrote:
>
> How do you guys feel about SUID root? For example, I'm here using
> supermount, finding it mildly annoying that I have to login as root to
> format a floppy. Is it against the "Debian way" to SU
On Thu, Sep 14, 2000 at 10:00:55PM -0400, Michael Soulier wrote:
:
: How do you guys feel about SUID root? For example, I'm here using
:supermount, finding it mildly annoying that I have to login as root to
:format a floppy. Is it against the "Debian way" to SUID root on
How do you guys feel about SUID root? For example, I'm here using
supermount, finding it mildly annoying that I have to login as root to
format a floppy. Is it against the "Debian way" to SUID root on supermount
and mformat for convenience? Does that cause a majo
1 - 100 of 176 matches
Mail list logo
