-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
I've rewritten these two utilities to improve security. The new versions depend on OS-specific features to work, and rather than duplicate code (which is likely to introduce security issues), I chose to drop Linux support. These tools are therefore only available on Solaris login servers (e.g. willow) from now on.
- river.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10-05-25 10:40 PM, River Tarnell wrote:
I've rewritten these two utilities to improve security.
May I ask what the security flaws were?
- -Mike
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Mike.lifeguard:
On 10-05-25 10:40 PM, River Tarnell wrote:
I've rewritten these two utilities to improve security.
May I ask what the security flaws were?
There was no specific problem (as far as I know), but they ran with more privileges than were necessary. The new versions use fine-grained privileges, reducing the impact of any security problems that might exist.
- river.
River Tarnell schrieb:
Hi,
I've rewritten these two utilities to improve security. The new versions depend on OS-specific features to work, and rather than duplicate code (which is likely to introduce security issues), I chose to drop Linux support. These tools are therefore only available on Solaris login servers (e.g. willow) from now on.
Please make dummies for linux, which just tell people to run the command on a solaris box like willow.
-- daniel
toolserver-l@lists.wikimedia.org