This is a multi-part message in MIME format. --------------162582D455F4AE63B21D4367 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I've been asked for the fix for Irix's nsd. Here's what the man said. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "My grandfather once told me that there are two kinds of people: those who work and those who take the credit. He told me to try to be in the first group; there was less competition there." - Indira Gandhi --------------162582D455F4AE63B21D4367 Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline Received: from mailgate.algroup.co.uk (mailgate-fw.algroup.co.uk [192.168.254.5]) by freeby.ben.algroup.co.uk (8.6.12/8.6.12) with SMTP id TAA29509 for <benat_private>; Thu, 4 Feb 1999 19:19:59 GMT Received: (qmail 27584 invoked by uid 1002); 4 Feb 1999 19:19:37 -0000 Delivered-To: aldigit-benat_private Received: (qmail 15545 invoked from network); 4 Feb 1999 19:19:37 -0000 Received: from eastwood.aldigital.algroup.co.uk (194.128.162.193) by mailgate.algroup.co.uk with SMTP; 4 Feb 1999 19:19:37 -0000 Received: from algroup.co.uk ([193.195.56.225]) by eastwood.aldigital.algroup.co.uk (8.8.8/8.6.12) with ESMTP id TAA15768 for <benat_private>; Thu, 4 Feb 1999 19:19:36 GMT Message-ID: <36B9F2C8.9FED9106at_private> Date: Thu, 04 Feb 1999 19:19:36 +0000 From: Adam Laurie <adamat_private> Organization: A.L. Group plc X-Mailer: Mozilla 4.07 [en] (Win95; I) MIME-Version: 1.0 To: Ben Laurie <benat_private> Subject: Re: [Fwd: BUGTRAQ Digest - 1 Feb 1999 to 2 Feb 1999 (#1999-30)] References: <36B9E4F8.28D3374Bat_private> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit They're in the Irix 6.5.3 overlays, which were released a few days ago. They wouldn't tell me exactly what the exploit was, but the "fix" is to only allow the NFS to be mounted locally (whether they've done this sensibly or not I couldn't say, but I'll be installing the overlays on monday, so Watch This Space(tm)). cheers, Adam Ben Laurie wrote: > > Do we? > > Cheers, > > Ben. > > -- > http://www.apache-ssl.org/ben.html > > "My grandfather once told me that there are two kinds of people: those > who work and those who take the credit. He told me to try to be in the > first group; there was less competition there." > - Indira Gandhi > > ------------------------------------------------------------------------ > > Subject: Re: BUGTRAQ Digest - 1 Feb 1999 to 2 Feb 1999 (#1999-30) > Date: Thu, 04 Feb 1999 12:53:05 -0500 > From: Valdis.Kletnieksat_private > To: Ben Laurie <benat_private> > CC: BUGTRAQat_private > References: <19990203000741Z70265-9984+1008at_private> <36B83C58.4EC1B2E1at_private> > <36B888C5.633F0F77at_private> > > On Wed, 03 Feb 1999 17:35:01 GMT, you said: > > Speaking of which, we've been more than a little alarmed by the new dsn > > "security feature" which opens ports all over the place and exports > > stuff with NFS and generally does horrible stuff, but you can't switch > > it off if you want DNS (say SGI)! > > > > There's already a patch out for it, which hasn't been noted here, AFAIK, > > BTW. > > Do you have an SGI patch or bug number handy for this? I am not > finding any hits on 'nsd' or '/usr/sbin/nsd' in SupportFolio Online.. > > -- > Valdis Kletnieks > Computer Systems Senior Engineer > Virginia Tech > > ------------------------------------------------------------------------ > > Part 1.2.1.2 Type: application/pgp-signature -- Adam Laurie Tel: +44 (181) 742 0755 A.L. Digital Ltd. Fax: +44 (181) 742 5995 Voysey House Barley Mow Passage http://www.aldigital.co.uk London W4 4GB mailto:adamat_private UNITED KINGDOM PGP key on keyservers --------------162582D455F4AE63B21D4367--
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:38 PDT