On Tue, 2010-09-21 at 15:33 +0100, David Woodhouse wrote:
> Why on earth would that be critical? The firewall is just a band-aid. If
> it does anything useful, your system was broken (or infected) already.
>
> Seriously, if there is *any* case where the lack of firewall would be
> 'critical', ple
Once upon a time, David Woodhouse said:
> Why on earth would that be critical? The firewall is just a band-aid. If
> it does anything useful, your system was broken (or infected) already.
There are still a number of network daemons that don't have any
practical IP ACL setup. TCP wrappers only ki
W dniu 21 września 2010 16:33 użytkownik David Woodhouse
napisał:
> On Mon, 2010-09-20 at 11:56 +0200, Michał Piotrowski wrote:
>> 2010/9/20 Bryn M. Reeves :
>> > On 09/20/2010 06:43 AM, Ralph Loader wrote:
>> >>
>> >>> After all these years, something from the fedora repos
>> >>> (the only ones I
On Mon, 2010-09-20 at 11:56 +0200, Michał Piotrowski wrote:
> 2010/9/20 Bryn M. Reeves :
> > On 09/20/2010 06:43 AM, Ralph Loader wrote:
> >>
> >>> After all these years, something from the fedora repos
> >>> (the only ones I have active in my F14 partition) is still
> >>> creating an (empty) /etc/
Ralph Loader ihug.co.nz> writes:
> Looks like it's a minor security hole too:
>
> $ ls -l /etc/modprobe.conf
> -rw-rw-rw- 1 root root 0 Jun 27 17:50 /etc/modprobe.conf
>^^
Are you seeing this in F14? June 27 is pretty old.
--
test mailing list
test@lists.fedoraproject.org
To unsub
On Mon, 2010-09-20 at 09:53 -0400, Tom Horsley wrote:
> > > In the yum.log I see the time on modprobe.conf occurs
> > > in a gap in the yum updates:
> > >
> > > Aug 25 19:37:56 Updated: xorg-x11-drv-aiptek-1.3.1-1.fc14.x86_64
> > > Aug 25 20:02:56 Updated: libgcc-4.5.1-1.fc14.x86_64
> >
> > The f
> > In the yum.log I see the time on modprobe.conf occurs
> > in a gap in the yum updates:
> >
> > Aug 25 19:37:56 Updated: xorg-x11-drv-aiptek-1.3.1-1.fc14.x86_64
> > Aug 25 20:02:56 Updated: libgcc-4.5.1-1.fc14.x86_64
>
> The fix for https://bugzilla.redhat.com/show_bug.cgi?id=589593 was pushed
2010/9/20 Tom Horsley :
> On Mon, 20 Sep 2010 13:49:30 +0100
> Adam Williamson wrote:
>
>> What's the last-touched date of your /etc/modprobe.conf ? Do you know
>> when that is in relation to the lifetime of the install?
>
> Just poking around, I get the impression that it may have
> happened near
Tom Horsley gmail.com> writes:
> Interesting that on my system at least, the file isn't world
> writable. I hadn't noticed that before. Maybe there are multiple
> ways it can get created, or maybe some process is inheriting
> a umask that might be different? (The /spare partition is where I
> hav
On Mon, 20 Sep 2010 13:49:30 +0100
Adam Williamson wrote:
> What's the last-touched date of your /etc/modprobe.conf ? Do you know
> when that is in relation to the lifetime of the install?
Just poking around, I get the impression that it may have
happened near the first round of updates after I d
2010/9/20 Michał Piotrowski :
> 2010/9/20 Bryn M. Reeves :
>> On 09/20/2010 01:37 PM, Tom Horsley wrote:
>>> On Mon, 20 Sep 2010 11:56:56 +0200
>>> Michał Piotrowski wrote:
>>>
You can blacklist the firewall modules - it can be critical :)
>>>
>>> Actually, I think you can run any arbitrary co
Richard Shaw gmail.com> writes:
> I have some anecdotal evidence. I installed F13 (x86_64) on my dad's
> computer this weekend. I did not see the empty modprobe.conf until
> after I did a kernel update. The only packages I updated was the
> kernel and the firmware package at that time.
It could
2010/9/20 Richard Shaw :
> On Mon, Sep 20, 2010 at 7:49 AM, Adam Williamson wrote:
>> So, if this bug is valid as described it's a significant security issue.
>> However, I'm not sure it's simple. I've just checked, and none of my F14
>> test spins (basically RC2) have a modprobe.conf booted live.
2010/9/20 Bryn M. Reeves :
> On 09/20/2010 01:37 PM, Tom Horsley wrote:
>> On Mon, 20 Sep 2010 11:56:56 +0200
>> Michał Piotrowski wrote:
>>
>>> You can blacklist the firewall modules - it can be critical :)
>>
>> Actually, I think you can run any arbitrary command to
>> load a module,
Or pass any
On Mon, Sep 20, 2010 at 7:49 AM, Adam Williamson wrote:
> So, if this bug is valid as described it's a significant security issue.
> However, I'm not sure it's simple. I've just checked, and none of my F14
> test spins (basically RC2) have a modprobe.conf booted live. The clean
> installed system
On Mon, 2010-09-20 at 08:35 -0400, Tom Horsley wrote:
> On Sun, 19 Sep 2010 09:08:43 -0400
> Tom Horsley wrote:
>
> > After all these years, something from the fedora repos
> > (the only ones I have active in my F14 partition) is still
> > creating an (empty) /etc/modprobe.conf file.
>
> Well, I
On 09/20/2010 01:37 PM, Tom Horsley wrote:
> On Mon, 20 Sep 2010 11:56:56 +0200
> Michał Piotrowski wrote:
>
>> You can blacklist the firewall modules - it can be critical :)
>
> Actually, I think you can run any arbitrary command to
> load a module, so it is probably a gigantic security
> hole.
On Mon, 20 Sep 2010 11:56:56 +0200
Michał Piotrowski wrote:
> You can blacklist the firewall modules - it can be critical :)
Actually, I think you can run any arbitrary command to
load a module, so it is probably a gigantic security
hole.
--
test mailing list
test@lists.fedoraproject.org
To unsu
On Sun, 19 Sep 2010 09:08:43 -0400
Tom Horsley wrote:
> After all these years, something from the fedora repos
> (the only ones I have active in my F14 partition) is still
> creating an (empty) /etc/modprobe.conf file.
Well, I found something with a grep -r of the whole
f14 partition :-).
https:
Tom Horsley gmail.com> writes:
> After all these years, something from the fedora repos
> (the only ones I have active in my F14 partition) is still
> creating an (empty) /etc/modprobe.conf file.
It's definitely not the system-config-network bug, since that's now fixed in
everything except F12,
2010/9/20 Bryn M. Reeves :
> On 09/20/2010 06:43 AM, Ralph Loader wrote:
>>
>>> After all these years, something from the fedora repos
>>> (the only ones I have active in my F14 partition) is still
>>> creating an (empty) /etc/modprobe.conf file.
>>
>> Looks like it's a minor security hole too:
>
>
On 09/20/2010 06:43 AM, Ralph Loader wrote:
>
>> After all these years, something from the fedora repos
>> (the only ones I have active in my F14 partition) is still
>> creating an (empty) /etc/modprobe.conf file.
>
> Looks like it's a minor security hole too:
Not sure I'd call that minor consid
> After all these years, something from the fedora repos
> (the only ones I have active in my F14 partition) is still
> creating an (empty) /etc/modprobe.conf file.
Looks like it's a minor security hole too:
$ ls -l /etc/modprobe.conf
-rw-rw-rw- 1 root root 0 Jun 27 17:50 /etc/modprobe.conf
After all these years, something from the fedora repos
(the only ones I have active in my F14 partition) is still
creating an (empty) /etc/modprobe.conf file.
Maybe abrtd should add a special inotify thread that
watches /etc/ for a modprobe.conf file being created :-).
--
test mailing list
test@l
24 matches
Mail list logo
