"Secure by default" is an OpenBSD slogan BTW. Or they have
made it into one at least. But I'm not sure it is any more
secure than Debian - maybe.
https://www.openbsd.org/security.html
--
underground experts united
https://dataswamp.org/~incal
On Wed, Mar 27, 2024 at 05:30:50PM -0400, Lee wrote:
> I just saw this advisory
> Escape sequence injection in util-linux wall (CVE-2024-28085)
> https://seclists.org/fulldisclosure/2024/Mar/35
> where they're talking about grabbing other users sudo password.
Are there any users logged in to
On Wed, Mar 27, 2024 at 10:22 PM Andy Smith wrote:
>
> Hello,
>
> On Thu, Mar 28, 2024 at 07:37:13AM +0800, jeremy ardley wrote:
> > Some distros, like Debian, do not seem to have a command like
> > command-not-found by default.
>
> […]
>
> > Which implies that Debian is secure by default again
On Wed, Mar 27, 2024 at 10:07 PM Andy Smith wrote:
>
> Hi,
>
> On Wed, Mar 27, 2024 at 05:30:50PM -0400, Lee wrote:
> > I just saw this advisory
> > Escape sequence injection in util-linux wall (CVE-2024-28085)
> > https://seclists.org/fulldisclosure/2024/Mar/35
> > where they're talking abou
Hello,
On Thu, Mar 28, 2024 at 07:37:13AM +0800, jeremy ardley wrote:
> Some distros, like Debian, do not seem to have a command like
> command-not-found by default.
[…]
> Which implies that Debian is secure by default against this particular
> exploit
I suspect if OP is worried about users
On 28/3/24 05:30, Lee wrote:
oof. Are there instructions somewhere on how to make Debian secure by default?
Further down the advisory is
"
Some distros, like Debian, do not seem to have a command like
command-not-found by default. There does not seem to be a way to
leak a users pass
Hi,
On Wed, Mar 27, 2024 at 05:30:50PM -0400, Lee wrote:
> I just saw this advisory
> Escape sequence injection in util-linux wall (CVE-2024-28085)
> https://seclists.org/fulldisclosure/2024/Mar/35
> where they're talking about grabbing other users sudo password.
It doesn't work by default
On Wed, Mar 27, 2024 at 4:47 PM nimrod wrote:
>
> I'm having this annoying behaviour from GDM (or something related).
>
> Quite ofter, after the GDM login screen appears, the host freezes completely:
> every input device is unresponsive, no ssh connection from another host is
> possible any more
I just saw this advisory
Escape sequence injection in util-linux wall (CVE-2024-28085)
https://seclists.org/fulldisclosure/2024/Mar/35
where they're talking about grabbing other users sudo password.
Apparently the root of the security issue is that wall is a setguid program?
Even more fun i
Thank you for your mail.
On Wed, Mar 27, 2024 at 12:42 AM Andy Smith wrote:
> On Tue, Mar 26, 2024 at 06:33:42PM +0100, Steffen Dettmer wrote:
> > I changed a gateway on a remote site using /etc/network/interfaces by
> > changing gateway. However, at reboot some old gateway IP reappears. I
I als
Hi,
I'm having this annoying behaviour from GDM (or something related).
Quite ofter, after the GDM login screen appears, the host freezes
completely: every input device is unresponsive, no ssh connection from
another host is possible any more, no CTRL+ALT+CANC/F1-F6 is working.
But the same happ
11 matches
Mail list logo
