On Thu, Nov 14, 2013 at 06:50:33AM +0100, Piotr Grzybowski wrote:
> My main point is: this patch means that every user that has access to
> who-knows-how restricted shell can open listen sockets, and unless
> someone thought of using grsecurity to deny access to bind(2) it is
> unrestricted.
Rest
Piotr Grzybowski writes:
> I can think of an attack, just provide me with ip address of the host
> :) and a root account password and login :)
Why bother with an attack if you are root?
Andreas.
--
Andreas Schwab, SUSE Labs, sch...@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748
On 14 November 2013 14:20, Andreas Schwab wrote:
> Piotr Grzybowski writes:
>
>> I can think of an attack, just provide me with ip address of the host
>> :) and a root account password and login :)
>
> Why bother with an attack if you are root?
Trusted Unix 'root' or 'root' in Solaris zones is
On 13 November 2013 15:46, Joel Martin wrote:
> Irek,
>
> Great feedback. Comments inline.
>
> On Wed, Nov 13, 2013 at 6:39 AM, Irek Szczesniak wrote:
>
>> ':' in *any* Unix paths is not wise because its already used by $PATH.
>> Likewise ';' is already occupied by version file systems.
>>
>
> I
On 12 November 2013 17:58, Chet Ramey wrote:
> On 11/7/13 10:31 AM, Simon Toedt wrote:
>
>>> Yes. There are a few issues with the bash-20131025 snapshot. I've
>>> attached a patch that fixes them.
>>
>> Chet, can you push the patch to git to avoid that other people stumble
>> over that build iss
On 11/8/13 6:26 PM, John Dawson wrote:
> The following surprised me. I thought line 4 of the output, and certainly
> line 5 of the output, should have said "0 /dev/fd/63" too. Is this behavior
> a bug?
I'm still looking at this. I have not had a great deal of time to
investigate.
Chet
--
``The
Maybe like some people, I'm playing around w/saving and storing
my .histfiles .. not on a line-by-line basis,
but with the histfiles sorted, & merged & erase dups in effect
and intention of throwing out short commands (one to 2-3 words)
I have most of that working , though right now the merging s
