Search Members Help

» Welcome Guest
[ Log In :: Register ]

Mini-ITX Boards Sale, Fanless BareBones Mini-ITX, Bootable 1G DSL USBs, 533MHz Fanless PC <-- SALE $200 each!
Get The Official Damn Small Linux Book. DSL Market , Great VPS hosting provided by Tektonic
Pages: (9) </ ... 2 3 4 5 6 [7] 8 9 >/

[ Track this topic :: Email this topic :: Print this topic ]

new topic new poll
Topic: DSL v3.3 RC2< Next Oldest | Next Newest >
curaga Offline





Group: Members
Posts: 2163
Joined: Feb. 2007
Posted: Mar. 13 2007,15:08 QUOTE

There are also many scripts in init.d that are never used.. If space is tight, why is all this just let be?

Oh, and have you now got the finnish keymap?


--------------
There's no such thing as life. Those mean little jocks invented it ;)
-
Windows is not a virus. A virus does something!
Back to top
Profile PM 
ron Offline





Group: Members
Posts: 72
Joined: July 2006
Posted: Mar. 13 2007,16:19 QUOTE

Quote (roberts @ Mar. 12 2007,18:14)
A very vague post.

But to quote the security announcement:
Quote
To execute this attack a malicious user needs shell access to the victim's machine.  The severity of this bug is considered low because local denial-of-service attacks are hard to prevent in general.


DSL primarily being single user (dsl) live CD or compressed image (frugal) desktop does not a server make.

Being single user, would mean an internal or local DoS would be self inititated?  See the quoted security above.

If you decide to install DSL as traditional hard drive installation and make it into a server, then you should take every precaution to protect it.

Servers and traditional hard installations cannot be supported as it is impossible to know the state of your machine and network environment.

Given the low level of this security announcement and the above facts regarding the intended use of DSL, no further action will be taken.

DSL does not necessarily have to be used in single user mode. It is possible to set it up with multi-user logins, and to use it to run a server with several users. This is not a problem with DSL distro. It is a problem for certain Linux kernel versions, affecting all distros. I know it requires shell access - I have seen this exploit in action on a Red Hat server running a 2.4.something kernel version. It does not require the attacker to be in super users group. But if the telnet port is open on a DSL server, then the kernel version becomes important. I am not suggesting any course of action - I was only interested whether it was possible to use this exploit on a DSL 3.0 (whether anyone had done it?)
Back to top
Profile PM 
jls legalize Offline





Group: Members
Posts: 476
Joined: April 2004
Posted: Mar. 14 2007,01:42 QUOTE

To dsl developers:
1)can u add autodetection of joystick without having to add
sudo insmod joydev
?
2)Maybe u can check knoppix way of adding language transations to your scripts



legalize cannabis, etc.
Back to top
Profile PM WEB ICQ MSN YIM 
jls legalize Offline





Group: Members
Posts: 476
Joined: April 2004
Posted: Mar. 14 2007,05:08 QUOTE

having in /opt/bootlocal.sh
iptables --table nat --append POSTROUTING --out-interface ppp0 -j MASQUERADE
I got the following error:
modprobe: can't locate module ip_tables................

with 3.2 there were no problems.

legalize cannabis, etc.
Back to top
Profile PM WEB ICQ MSN YIM 
jls legalize Offline





Group: Members
Posts: 476
Joined: April 2004
Posted: Mar. 14 2007,08:40 QUOTE

I'm also not sure that the wallpaper I choose gets reloaded upon reboot.

legalize cannabis, etc
Back to top
Profile PM WEB ICQ MSN YIM 
40 replies since Mar. 06 2007,04:46 < Next Oldest | Next Newest >

[ Track this topic :: Email this topic :: Print this topic ]

Pages: (9) </ ... 2 3 4 5 6 [7] 8 9 >/
new topic new poll
Quick Reply: DSL v3.3 RC2

Do you wish to enable your signature for this post?
Do you wish to enable emoticons for this post?
Track this topic
View All Emoticons
View iB Code