lostecho/oldlinux-files
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
af7120d204d37af256fa9bbca1572e91f89b8ef0
oldlinux-files/mail-archive/linux-admin/Volume2/digest187
gohigh a778c607a4 add directory mail-archive
2024-02-19 00:25:02 -05:00

593 lines
23 KiB
Plaintext
Raw Blame History

From: Digestifier <Linux-Admin-Request@senator-bedfellow.mit.edu>
To: Linux-Admin@senator-bedfellow.mit.edu
Reply-To: Linux-Admin@senator-bedfellow.mit.edu
Date: Thu, 13 Oct 94 14:13:44 EDT
Subject: Linux-Admin Digest #187
Linux-Admin Digest #187, Volume #2 Thu, 13 Oct 94 14:13:44 EDT
Contents:
Re: New Motif lib's for use with XFree 3.1 ? (John Burton)
Re: Xterminals with Linux as X server (Mark A. Davis)
Re: Please don't post security holess... (Steve Kneizys)
On PPP I can FTP but not SMTP (Michele Bini)
Re: Please don't post security holess... (Steve Kneizys)
Re: Security hole - has noone noticed so far? (David Barr)
Re: Security hole - has noone noticed so far? (Shawn D. McPeek)
Re: Please don't post security holess... (Tim Bass (Network Systems Engineer))
Re: "more" quit working. HELP!!! (Greck Cannon)
Re: Quick Q: Changing beep - where? (Kai Voigt)
Re: Please don't post security holess... (David Dyer-Bennet)
Linux [c]fdisk vs DOS (John D. Mitchell)
Re: Please don't post security holess... (Patrick Schaaf)
----------------------------------------------------------------------------
From: jcburt@gatsibm.larc.nasa.gov (John Burton)
Crossposted-To: comp.windows.x.i386unix,comp.windows.x.motif
Subject: Re: New Motif lib's for use with XFree 3.1 ?
Date: 13 Oct 1994 13:09:57 GMT
In article <Pine.SUN.3.91.941013153628.7105A-100000@huxley> Rajesh Raj <rxr401@huxley> writes:
On 10 Oct 1994, Craig Groeschel wrote:
> In article <Pine.SUN.3.90.941008125857.26941A-100000@huxley>,
> Rajesh Raj <rxr401@huxley> wrote:
> >I was in contact with tech@metrolink.com. They have no plan to recompile
> >Linux Motif 1.2.4 with X11R6 libraries. The tech guy advised me to use the
> >old X11R5 libraries.
>
> That's an interesting spin you have chosen to put on things.
> Yes, it's true we do not plan to update 1.2.x, but you left out why:
>
> Motif 2.0 is out. We are working on porting Motif 2.0 to Linux.
I am not trying to put "spin" on things. I posted what I gathered from
your response. Yes, Motif 2.0 is out, and it is known that Motif-vendors
are working on it. You are not revealing anything that was not known 30
days ago when I bought Motif for Linux from you.
Now, as you have chosen to speak for Metrolink would you like to clarify
a few things ?
1.When do you propose to make Motif 2.0 for Linux available ? How
much would it cost me to upgrade ? [You did not reply to the
e-mail in which I had asked these questions.]
2.Why is it that none of your advertisements (e.g., on tsx-11.mit.edu)
indicate that Motif 1.2.4 would *only* run with X11R5 libraries ?
[Most companies mention the hardware/software requirements in their
products.]
You know, this is an interesting point of view...A *new* product comes
out (XFree86 3.1) that is *not* compatible with an existing product
(Motif), yet instead of asking why the *new* product is not compatible
with the *existing* product, you choose to question *why* the existing
product is not immediately made compatible with the new product...the
logic is a bit skewed here...
Personally, I think the XFree folks should have consulted more with
the Motif folks *before* releasing their product so that most of these
incompatibility issues could be ironed out...
Also, I noticed a little disclaimer with the XFree stuff, something to
the effect that your X11R5 clients would not work properly with
XFree_3.1, so apparently this "incompatibility" is not just limited to
Motif. I *hope* there are some very good reasons for this apparent
gratuitous incompatibility, because I'd sure hate to have to recompile
or replace all or even most of my x-clients...
[...stuff deleted...]
The issue is not inadequate disk-space or old libraries. It is fine if
the author of a freeware does not specify the requirements of running the
program, but I have not known a commercial software that would not
specify the software/hardware requirements on its package.
Ummm...perhaps because the XFree folks held the testing so close to
their chests, the "commercial" software vendors were unaware of this
incompatibility till sometime shortly after the "freeware" was released?
Also, it is NOT "okay" for the author of a freeware program to not
specify the requirements of running the program, especially "freeware"
that is being used as the basis for many business applications...
Hopefully next time the XFree folks will be more open about their
testing, and this sort of problem will be eliminated long before a
public release...try looking at the development/testing activities for
the Linux system...*very* open policy, and from what I've seen, the
software is of *very* high quality...perhaps the XFree folk will take
note of that ?
John
--
--
John Burton
jcburt@gatsibm.larc.nasa.gov G & A Technical Software, Inc.
jcburt@gats486.larc.nasa.gov 28 Research Dr. Hampton, Va. 23666
(804) 865-7491 (voice) (804) 865-1021 (fax)
------------------------------
From: mark@taylor.infi.net (Mark A. Davis)
Subject: Re: Xterminals with Linux as X server
Date: Thu, 13 Oct 1994 13:10:25 GMT
klamer@ph.tn.tudelft.nl (Klamer Schutte) writes:
>In <1994Oct8.202354.20384@thor.xon.com> edwards@thor.xon.com (Ken Edwards) writes:
>:Ken Edwards (edwards@thor.xon.com) wrote:
>:: Mark A. Davis (mark@taylor.infi.net) wrote:
>:: : srini@igt.com (Srini Seetharam) writes:
>:: [ ... ]
>:: : >Currently, the Linux machines respond to it
>:: : >BUT the windows are managed by the
>:: : >Linux machine. As one can guess, once many Xterminals are served
>:: : >by a single Linux machine, it is soon overwhelmed.
>:: How many Xterminals are you looking to hook to one Linux machine?
>:: This is correct, the window manager (I use fvwm) does not impose much
>:: load on the host, if you have many Xterminals connected to a Linux box
>:: and is slowing down, you probably need more memory, faster processor, or
>:: more Linux boxes. [...]
>High response times you get from a system is most of the time due to to paging
>and / or swapping. Adding a faster CPU will not help you very much. Adding
>memory will.
Those machines with have enough RAM, and are not swapping, are more likely
to need better I/O devices. For example, I wonder if Srini's machine
serving those few Xterminals has an EISA bus, with an EISA scsiII HD
controller and fast drives, and an EISA ethernet card and serial ports
being used are off a smart EISA card..... Even with just a 486 66,
the proper amount of memory and speedy I/O should yield startling results.
>This 8 Meg is the amount of menory which is swapped in at a certain moment.
>A window manager typically is used often, and stays swapped in. So running
>this on a xterminal rather then on the host is a good way to save available RAM.
>Besides that, it is one of the X client programs you have to wait for when
>it should be paged in. Thaat is the major advantage of running it local -
>switching to another window does not cost the time to swap in the
>window manager anymore (but still perhaps the time to swap in another client!)
That does not make sense. Unix is *UNIX*, if everyone is using the same
window manager (very typical), then the binary is loaded only once into
memory and shared. Window managers are small compared to most X applications.
If you want to speed things up, lower loads on the host and net, then
add more memory to the Xterminals and make sure the Xterminal has backing
store enabled!
>(PS The above is based upon experiences with Sun Sparc 1 en 2 -- but will be
> similar for Linux boxes.)
Actually, no. The Sun (at least running 2.3) swapps like *MAD* with
16 MB of memory doing just about anything. I was quite disappointed.
On the other hand, my Linux box at home has 16MB of RAM and I can run
tons of stuff and still not swap. This might be due to the RISCness of
the Suns (I noticed binary sizes are often 50% bigger).
--
/--------------------------------------------------------------------------\
| Mark A. Davis | Lake Taylor Hospital | Norfolk,VA (804)-461-5001x431 |
| Director/SysAdmin | Information Systems | mark@taylor.infi.net |
\--------------------------------------------------------------------------/
------------------------------
Subject: Re: Please don't post security holess...
From: STEVO@acad.ursinus.edu (Steve Kneizys)
Date: 9 Oct 94 19:14:03 EST
Panzer Boy (panzer@dhp.com) wrote:
: Steve Kneizys (STEVO@acad.ursinus.edu) wrote:
: : If there was a security developers group, then the holes could
: : be emailed to them for evaluation so as not to publicize the hole
: : long before the fix. Or make a moderated comp.os.linux.security
: : group?
: comp.os.linux.security? Moderated? Gimme a break. By not releasing
: information about problems you are just limitting that information to the
: people who "really want it", no matter if they are "bad" or "good".
: If you are running any machine directly attached to the internet and you
: don't expect people to rattle the locks you have, you are extremely
: naive. If you expect by not posting publically that there are holes in
: systems, and expect that only "good" guys will get that information, then
: you are also extremely naive. You could wait for the CERT advisory about
: SMAIL, I'm sure one will be out in 4-6 weeks from now...
I never said do not release information...give me a break! You ever
read the CERT advisories? Ever notice how they do not tell people
exactly how to break in, but rather just tell where a vulnerability is
and an immediate workaround / something to disable/ the risks/ the fix?
A moderator might be able to help decide what info is critical to get out
and what might add to security risk instead of making things safer.
You ever wonder why they do not post the actual breakin procedure?
You didn't seem to have thought about that! CERT has some discretion.
I guess you would not be a good moderator for such a group then ;-)
Can you think of another way to reduce the risk?
Steve...
============================================================================
| Steve Kneizys Stevo@acad.ursinus.edu |
| Director P.O. Box 1000 |
| Academic Computing Collegeville, PA 19426 |
| Phone (215) 489 4111 x 2244 |
| Ursinus College FAX (215) 489 0634 |
============================================================================
------------------------------
From: bini@cli.di.unipi.it (Michele Bini)
Crossposted-To: comp.protocols.ppp
Subject: On PPP I can FTP but not SMTP
Date: 13 Oct 1994 13:40:48 GMT
I just installed PPP 2.1.1 on two Linux boxes, to setup a
point-to-point modem link (with no Internet connection).
The two systems are referred to as cassandra and pegasus in the
following.
The following work:
ftp
telnet
rlogin
finger
But the following don't:
talk (exits complaining with an "aborted talkd write: network is
unreachable" immediately after having sent the talk request to
the other machine talkd (the other machine rings, then talk
exits))
smail on smtp (when a message is sent from, say, cassandra, it
arrives to pegasus, but something goes wrong, and it's
not delivered. However, on cassandra, root receives a
mail messages, originating from MAIL-DAEMOD@pegasus,
showing a log about an smtp transfer which seems to
imply that the message arrived to pegasus, but then,
while pegasus was trying to do something in reply,
network went down ("network is unreachable" again))
Obviously, exchanging "cassandra" <-> "pegasus" doesn't affect the results.
Does someone have any suggestions/solutions?
Mail me, I'll summarize.
--
Michele Bini:
bini@cli.di.unipi.it
http://www.cli.di.unipi.it/~bini/intro
------------------------------
Subject: Re: Please don't post security holess...
From: STEVO@acad.ursinus.edu (Steve Kneizys)
Date: 9 Oct 94 20:00:11 EST
Tim Bass (Network Systems Engineer) (bass@cais2.cais.com) wrote:
: [stuff deleted]
: SOAPBOX
: In a free and open society, ALL information should be available.
: Many governments and orgs withhold information in the interest
: of 'security' to the detriment of society as a whole. All this
: done in the name of 'security'
: BACK ON THE GROUND
: [more stuff deleted]
All information eh? Like
Your sexual practices...how to make a nuclear device...your BANK CARD
mag strip info with your PIN #...medical history...trade secrets...
list of ppl's houses and how to defeat their home security system...
President's moment by moment schedule...usernames and passwords...
Why don't you just post all your root/system passwords!
:) :)
Steve...
------------------------------
From: barr@pop.psu.edu (David Barr)
Subject: Re: Security hole - has noone noticed so far?
Date: 9 Oct 1994 20:39:18 -0400
In article <LEE.94Oct7223327@netspace.students.brown.edu>,
Lee Silverman <lee@netspace.students.brown.edu> wrote:
>There's a good one! A sendmail bug was just reported a few months
>ago, adding yet another to the DOZENS of bugs reported about sendmail.
Yes, but those were all fixed. There are no outstanding security
bugs in sendmail, to my knowledge.
>Most of the bugs reported in sendmail give *outside* users access to
>your machine;
Historically, maybe, but not in recent memory. Most of the ones
recently require local access. Scanning the CERT archives, the
list is split about halfway betweeen local-only holes and remote
holes.
>this smail bug was only available to users who have
>already logged in.
Well there are *three* bugs in smail currently, and if memory serves,
at least one is remote.
>Big difference. Sendmail (The standard one,
>anyway, 8.6.9) arguably the single hardest unix package to configure
>correctly.
Okay, I'll argue with you. I found smail to be a total pain to install.
The documentation sucks, and the config file options aren't very obvious.
Sendmail's documentation is much more complete.
Smail has the "advantage" that it's not used nearly as much as sendmail,
and thus has less people pounding out the bugs on it. Sendmail may be
of bad design, but if there's a hole to be found, it gets found fairly
soon these days. Unfortunately it also means that once a bug _is_
found, a heck of a lot more people are affected. It's simple numbers games.
>Smail is a damn good program, and I use it all the time.
>I am going to check out Zmailer 2.97, but in the meantime, for ease
>and understandability, and for security reasons, I'm going to stick to
>smail rather than risk using sendmail.
There are also security problems with the current Zmailer. (Or
so I was told a couple months ago by someone who discovered some)
--Dave
------------------------------
From: smcpeek@isr0830.urh.uiuc.edu (Shawn D. McPeek)
Subject: Re: Security hole - has noone noticed so far?
Date: 10 Oct 1994 00:49:22 GMT
David Barr (barr@pop.psu.edu) wrote:
: recently require local access. Scanning the CERT archives, the
: list is split about halfway betweeen local-only holes and remote
: holes.
Where can one find these CERT archives?
------------------------------
From: bass@cais.cais.com (Tim Bass (Network Systems Engineer))
Subject: Re: Please don't post security holess...
Date: 10 Oct 1994 00:49:01 GMT
: : [more stuff deleted]
: All information eh? Like
: Your sexual practices...how to make a nuclear device...your BANK CARD
Inquiring minds want to know :-)
: mag strip info with your PIN #...medical history...trade secrets...
PIN # is 4231
Medical History.... dying slowly and painfully
Trade Secrets .... Need a contract vehicle to do services directly with
the US gov. PLEASE HELP !!
: list of ppl's houses and how to defeat their home security system...
: President's moment by moment schedule...usernames and passwords...
Let me see, now he's looking for medical insurance for Hillary :-)
: Why don't you just post all your root/system passwords!
All root passwds are the same: more$4me!
Give them a try !!!
: :) :)
: Steve...
Great come back Steve, I really set myself up for that one. See what
happens when I try to be an advocate for freedom ;-) Guess I'll leave my
soapbox on the washing machine next to my lost socks box.
Still, I think posting security holes is good. Posting all root passwds
might be fun though ! Nice idea.
------------------------------
From: greck@scaredy.catt.ncsu.edu (Greck Cannon)
Crossposted-To: comp.os.linux.misc
Subject: Re: "more" quit working. HELP!!!
Date: 13 Oct 1994 13:21:51 GMT
Tony Schwartz (tony@teleport.com) wrote in article <<tony.128.0016EE71@teleport.com>>:
> Recently my 'more' program quit working. I have tried several things with no
> success. When I type 'more filename', it simply goes to the next line. When
Are you running xdm? On machines running slackware 2.0.1+xdm, more goes haywire.
It starts buffering about 5 chars before if actually does anything with them, and
then processes them all at once. Unless I'm mistaken, more uses ncurses to do it's
work, and therein I believe lies the problem.
> I say "ls >more" I get a broken pipe error.
This won't work on any machine. more is a pipe. Try "ls | more".
^
a pipe
-greck
p.s. quick solution: use less.
--
Greck S. Cannon \ [He's] only bitter on the outside--inside
sophomore CSC major \ he's got creamy nougat.
greck@ \ -Slappy Squirrel
scaredy.catt.ncsu.edu \
===========================
set your URL to http://www.catt.ncsu.edu
------------------------------
From: kai@depeche.toppoint.de (Kai Voigt)
Subject: Re: Quick Q: Changing beep - where?
Date: 13 Oct 1994 07:20:15 GMT
In <1994Oct12.211251.34599@spillman.uucp> jamesk@spillman.uucp (James Knowles) writes:
>I must be blind, but can some kind soul point me in the right direction
>for changing the default "beep" sound?
in tcsh you can use a command as the beep signal.
alias beepcmd "cat ~/.dip.au > /dev/audio"
would play an .au file instead of beeping...
Kai
--
Kai Voigt, Werftstrasse 2, 24148 Kiel, Germany, +49 431 7297514
"3.2 Kostet EMail Geld?" "... Aus verstaendlichen Gruenden wird es nicht
gerne gesehen, dass unnoetige oder gar private Mails verschickt werden."
-- aus FAQ der Informatik, Uni-Kiel
------------------------------
From: ddb@terrabit.mn.org (David Dyer-Bennet)
Subject: Re: Please don't post security holess...
Date: Thu, 13 Oct 1994 03:12:36 GMT
sheela@er7.rutgers.edu (Isis Leslie) writes:
>I'm rather unconfortable with the posting of all of these security holes.
>For a while I was under the impression that this was a no-no, and that
>while sure, posting a "fix" or "work around will tell those in the know
>just what the whole is, at least it makes it a little tougher.
I can't reasonably evaluate a patch that doesn't include a description
of what it fixes. And I hope you aren't suggesting that people apply
any patch that anybody posts!
Historically, not posting bug reports seems to result in bugs not
getting fixed. After watching the net for, um, a number of years now,
I'm firmly in favor of full disclosure.
--
David Dyer-Bennet, proprietor, The Terraboard Minneapolis, MN
ddb@network.com, ddb@terrabit.mn.org, ddb@mtn.org
Web URL: http://www.mtn.org/~ddb (SF, photo)
------------------------------
From: johnm@cory.EECS.Berkeley.EDU (John D. Mitchell)
Crossposted-To: ucb.os.linux
Subject: Linux [c]fdisk vs DOS
Date: 11 Oct 1994 16:40:44 GMT
I've got two machines that are almost identical. Both are using BusLogic
445s VL-Bus SCSI-2 controllers onto Micropolis SCSI disks (one is 1.7 GB
and one is 1.0 GB).
The 1.7 GB machine is running MS-DOS v6.20 and Linux 1.1.47 (the Yggdrasil
Fall '94 CD). I partitioned this using the cfdisk program that was
installed with Linux creating the following partitions:
/dev/sda1 500 MB for DOS
/dev/sda2 32 MB for swap
/dev/sda3 448 MB for Linux root
/dev/sda4 700+ MB for Linux home
When I boot into DOS on that machine DOS correctly states that it's got 500
MB of disk space (and whatever I have left (110+ MB :-) is correct too).
The 1.0 GB machine is running MS-DOS v6.21 and the same Linux as above. I
partitioned this using the cfdisk from Linux as follows:
/dev/sda1 384 MB for DOS
/dev/sda2 32 MB for swap
/dev/sda3 384 MB for Linux root
/dev/sda4 200+ MB for Linux home
When I boot to DOS on this machine DOS says that it's got all 1.0 GB of
disk space. I've tried re-partitioning the drive, reformatting it, etc.
but none of that made any difference. All of the partitions are primary
and I set the active/boot partition to the DOS partition. At this point
I'm inclined to believe that it's a 'feature' of MS-DOS v6.21 but...
Thanks,
John
------------------------------
From: bof@wg.saar.de (Patrick Schaaf)
Crossposted-To: comp.security.misc
Subject: Re: Please don't post security holess...
Date: 12 Oct 1994 11:09:25 -0000
mkshenk@u.washington.edu (M. K. Shenk) writes:
>I am not talking about doing anything with the system..) typing a
>correct response to a password prompt for an account which is
>not yours and hanging up does no harm.
... unless it triggers all kinds of alarm bells set up to alert the
security conscious admin of the Bad Guys. Figuring out that you are
not malicious takes time.
According to your argument, opening car doors is ok as long as you
close it immediately. I hate the sound of car alarm systems in the night...
>Can someone propose a location where followups would be more germane?
>We're sort of off-topic.
Completely off-topic. F'ups to comp.security.misc. It would probably
be better to drop the topic completely, because it was beaten to death
a zillion times, but that's Usenet for you...
bye
Patrick
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: Linux-Admin-Request@NEWS-DIGESTS.MIT.EDU
You can send mail to the entire list (and comp.os.linux.admin) via:
Internet: Linux-Admin@NEWS-DIGESTS.MIT.EDU
Linux may be obtained via one of these FTP sites:
nic.funet.fi pub/OS/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Admin Digest
******************************
Reference in New Issue View Git Blame Copy Permalink