From owner-freebsd-security@FreeBSD.ORG Sun Nov 9 02:04:56 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADBA516A4CE for ; Sun, 9 Nov 2003 02:04:56 -0800 (PST) Received: from mail.intellex.com (mail.intellex.com [199.233.213.4]) by mx1.FreeBSD.org (Postfix) with SMTP id 0253943FF9 for ; Sun, 9 Nov 2003 02:04:54 -0800 (PST) (envelope-from root@mail.intellex.com) Received: (qmail 46620 invoked by uid 0); 9 Nov 2003 08:46:54 -0000 Received: (qmail 83941 invoked from network); 7 Nov 2003 13:12:41 -0000 Received: from mx2.freebsd.org (216.136.204.119) by mail.intellex.com with SMTP; 7 Nov 2003 13:12:41 -0000 Received: from hub.freebsd.org (hub.freebsd.org [216.136.204.18]) by mx2.freebsd.org (Postfix) with ESMTP id 1361B57822; Fri, 7 Nov 2003 05:05:22 -0800 (PST) (envelope-from owner-freebsd-stable@freebsd.org) Received: from hub.freebsd.org (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id AC3C416A4DB; Fri, 7 Nov 2003 05:05:20 -0800 (PST) Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 33FC816A4CE; Fri, 7 Nov 2003 05:04:01 -0800 (PST) Received: from hotmail.com (law11-f101.law11.hotmail.com [64.4.17.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id A637543F3F; Fri, 7 Nov 2003 05:04:00 -0800 (PST) (envelope-from parisstc@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Fri, 7 Nov 2003 05:04:00 -0800 Received: from 193.218.96.180 by lw11fd.law11.hotmail.msn.com with HTTP; Fri, 07 Nov 2003 13:04:00 GMT X-Originating-IP: [193.218.96.180] X-Originating-Email: [parisstc@hotmail.com] From: "paris stefas" To: mike@voyager.unix-systems.net Date: Fri, 07 Nov 2003 13:04:00 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 07 Nov 2003 13:04:00.0584 (UTC) FILETIME=[9C993C80:01C3A52F] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Sender: owner-freebsd-stable@freebsd.org Errors-To: owner-freebsd-stable@freebsd.org cc: stable@freebsd.org cc: security@freebsd.org Subject: Re: hack ? - urgent X-BeenThere: freebsd-security@freebsd.org List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Nov 2003 10:04:56 -0000 Dude, you got defaced probably or someone from the inside has a great sence of humour :-P >From: Marco Trentini >Reply-To: mark@remotelab.org >To: Miha Nedok >CC: stable@freebsd.org, security@freebsd.org >Subject: Re: hack ? - urgent >Date: Fri, 07 Nov 2003 13:08:26 +0100 > >Miha Nedok wrote: >>Hi ! >> >>Today I have noticed some modified index.html files on some of our vhosts. >>Is it Apache related ? Does anyone know about this ? >> >>The content is following: >>IR4DEX ownz you FreeBSD - contato: ir4dex@hotmail.com > >Is your apache version update? > >Maybe IR4DEX knows more about it :) > >-- >Marco Trentini mark@remotelab.org >http://www.remotelab.org/ > >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" _________________________________________________________________ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Nov 11 08:13:36 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BCAB216A4CF for ; Tue, 11 Nov 2003 08:13:36 -0800 (PST) Received: from lakemtao04.cox.net (lakemtao04.cox.net [68.1.17.241]) by mx1.FreeBSD.org (Postfix) with ESMTP id 302E943FBF for ; Tue, 11 Nov 2003 08:13:35 -0800 (PST) (envelope-from jbanghart@cisecurity.org) Received: from cambot ([68.101.39.9]) by lakemtao04.cox.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with ESMTP id <20031111161334.FUKM19895.lakemtao04.cox.net@cambot> for ; Tue, 11 Nov 2003 11:13:34 -0500 From: "John Banghart" To: Date: Tue, 11 Nov 2003 11:13:27 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Thread-Index: AcOobr1UVe/UJJLWSKWiJIx7Poqtkg== Message-Id: <20031111161334.FUKM19895.lakemtao04.cox.net@cambot> Subject: Center for Internet Security FreeBSD benchmark X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 11 Nov 2003 16:13:36 -0000 Hello everyone, CIS (http://www.cisecurity.org) is a non-profit that develops security benchmarks and scoring tools for free distribution. We have a project underway to create a FreeBSD benchmark which would be used extensively in the federal government and private business. However, we need some additional FreeBSD experts to help us drive the project. Until recently, Rich Murphy was helping us, but other commitments have forced him to suspend his work. If anyone is interested and/or would like additional information, please let me know. Thank you. -- John Banghart, CISSP, GCFA Director of Benchmark Services The Center for Internet Security jbanghart@cisecurity.org, 703-716-0199 From owner-freebsd-security@FreeBSD.ORG Wed Nov 12 23:02:57 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6F50616A4CE for ; Wed, 12 Nov 2003 23:02:57 -0800 (PST) Received: from spf13.us4.outblaze.com (205-158-62-67.outblaze.com [205.158.62.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9B21643F75 for ; Wed, 12 Nov 2003 23:02:56 -0800 (PST) (envelope-from beastie88@bsdmail.org) Received: from 205-158-62-68.outblaze.com (205-158-62-68.outblaze.com [205.158.62.68]) by spf13.us4.outblaze.com (Postfix) with QMQP id 3EFED1803299 for ; Thu, 13 Nov 2003 07:02:56 +0000 (GMT) Received: (qmail 34361 invoked from network); 13 Nov 2003 07:02:56 -0000 Received: from unknown (HELO ws5-7.us4.outblaze.com) (205.158.62.156) by 205-158-62-153.outblaze.com with SMTP; 13 Nov 2003 07:02:56 -0000 Received: (qmail 570 invoked by uid 1001); 13 Nov 2003 07:02:56 -0000 Message-ID: <20031113070256.569.qmail@bsdmail.com> Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit MIME-Version: 1.0 X-Mailer: MIME-tools 5.41 (Entity 5.404) Received: from [203.130.203.61] by ws5-7.us4.outblaze.com with http for beastie88@bsdmail.org; Thu, 13 Nov 2003 15:02:55 +0800 From: "88 beastie" To: freebsd-security@freebsd.org Date: Thu, 13 Nov 2003 15:02:55 +0800 X-Originating-Ip: 203.130.203.61 X-Originating-Server: ws5-7.us4.outblaze.com Subject: really clean install? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 07:02:57 -0000 Good evening, I was finish the FreeBSD4.9 installation from CD, and only do some edit with the /etc/rc.firewall, /etc/rc.conf, /boot/defaults/loader.conf, and recompiling the kernel to support my ext2 backup harddisk, with sndcard support too. This's a old laptop (ibm380z), i have chkrootkit warning after all finished, i attached my uname -a, dmesg, pkg_info and chkrootkit result, please guide me whether my machine have problem? or it's a bug? Sorry I just play with HandBook for a month, I'm totally newbie who afraid is hacked, please help! Thanks in advance! -- _______________________________________________ Get your free email from http://mymail.bsdmail.com Powered by Outblaze From owner-freebsd-security@FreeBSD.ORG Wed Nov 12 23:05:25 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5326016A4CE for ; Wed, 12 Nov 2003 23:05:25 -0800 (PST) Received: from spf13.us4.outblaze.com (205-158-62-67.outblaze.com [205.158.62.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id 56F5A43F85 for ; Wed, 12 Nov 2003 23:05:24 -0800 (PST) (envelope-from beastie88@bsdmail.org) Received: from 205-158-62-68.outblaze.com (205-158-62-68.outblaze.com [205.158.62.68]) by spf13.us4.outblaze.com (Postfix) with QMQP id 185E21800FD0 for ; Thu, 13 Nov 2003 07:05:24 +0000 (GMT) Received: (qmail 46843 invoked from network); 13 Nov 2003 07:05:23 -0000 Received: from unknown (HELO ws5-2.us4.outblaze.com) (205.158.62.133) by 205-158-62-153.outblaze.com with SMTP; 13 Nov 2003 07:05:23 -0000 Received: (qmail 14105 invoked by uid 1001); 13 Nov 2003 07:05:23 -0000 Message-ID: <20031113070523.14104.qmail@bsdmail.com> Content-Type: multipart/mixed; boundary="----------=_1068707123-10904-0" Content-Transfer-Encoding: 7bit MIME-Version: 1.0 X-Mailer: MIME-tools 5.41 (Entity 5.404) Received: from [203.130.203.61] by ws5-3.us4.outblaze.com with http for beastie88@bsdmail.org; Thu, 13 Nov 2003 15:05:23 +0800 From: "88 beastie" To: freebsd-security@freebsd.org Date: Thu, 13 Nov 2003 15:05:23 +0800 X-Originating-Ip: 203.130.203.61 X-Originating-Server: ws5-3.us4.outblaze.com Subject: really clean install? - attachments X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 07:05:25 -0000 This is a multi-part message in MIME format... ------------=_1068707123-10904-0 Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit -- _______________________________________________ Get your free email from http://mymail.bsdmail.com Powered by Outblaze ------------=_1068707123-10904-0 Content-Type: application/octet-stream; name="chkrootkit.20031113" Content-Disposition: attachment; filename="chkrootkit.20031113" Content-Transfer-Encoding: base64 Uk9PVERJUiBpcyBgLycKQ2hlY2tpbmcgYGFtZCcuLi4gbm90IGluZmVjdGVk CkNoZWNraW5nIGBiYXNlbmFtZScuLi4gbm90IGluZmVjdGVkCkNoZWNraW5n IGBiaWZmJy4uLiBub3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYGNoZm4nLi4uIElO RkVDVEVECkNoZWNraW5nIGBjaHNoJy4uLiBJTkZFQ1RFRApDaGVja2luZyBg Y3JvbicuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBkYXRlJy4uLiBJTkZF Q1RFRApDaGVja2luZyBgZHUnLi4uIG5vdCBpbmZlY3RlZApDaGVja2luZyBg ZGlybmFtZScuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBlY2hvJy4uLiBu b3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYGVncmVwJy4uLiBub3QgaW5mZWN0ZWQK Q2hlY2tpbmcgYGVudicuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBmaW5k Jy4uLiBub3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYGZpbmdlcmQnLi4uIG5vdCBp bmZlY3RlZApDaGVja2luZyBgZ3BtJy4uLiBub3QgZm91bmQKQ2hlY2tpbmcg YGdyZXAnLi4uIG5vdCBpbmZlY3RlZApDaGVja2luZyBgaGRwYXJtJy4uLiBu b3QgZm91bmQKQ2hlY2tpbmcgYHN1Jy4uLiBub3QgaW5mZWN0ZWQKQ2hlY2tp bmcgYGlmY29uZmlnJy4uLiBub3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYGluZXRk Jy4uLiBub3QgdGVzdGVkCkNoZWNraW5nIGBpbmV0ZGNvbmYnLi4uIG5vdCBp bmZlY3RlZApDaGVja2luZyBgaWRlbnRkJy4uLiBub3QgZm91bmQKQ2hlY2tp bmcgYGluaXQnLi4uIG5vdCBpbmZlY3RlZApDaGVja2luZyBga2lsbGFsbCcu Li4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBsZHNvcHJlbG9hZCcuLi4gbm90 IHRlc3RlZApDaGVja2luZyBgbG9naW4nLi4uIG5vdCBpbmZlY3RlZApDaGVj a2luZyBgbHMnLi4uIElORkVDVEVECkNoZWNraW5nIGBsc29mJy4uLiBub3Qg Zm91bmQKQ2hlY2tpbmcgYG1haWwnLi4uIG5vdCBpbmZlY3RlZApDaGVja2lu ZyBgbWluZ2V0dHknLi4uIG5vdCBmb3VuZApDaGVja2luZyBgbmV0c3RhdCcu Li4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBuYW1lZCcuLi4gbm90IGluZmVj dGVkCkNoZWNraW5nIGBwYXNzd2QnLi4uIG5vdCBpbmZlY3RlZApDaGVja2lu ZyBgcGlkb2YnLi4uIG5vdCBmb3VuZApDaGVja2luZyBgcG9wMicuLi4gbm90 IGZvdW5kCkNoZWNraW5nIGBwb3AzJy4uLiBub3QgZm91bmQKQ2hlY2tpbmcg YHBzJy4uLiBJTkZFQ1RFRApDaGVja2luZyBgcHN0cmVlJy4uLiBub3QgZm91 bmQKQ2hlY2tpbmcgYHJwY2luZm8nLi4uIG5vdCBpbmZlY3RlZApDaGVja2lu ZyBgcmxvZ2luZCcuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGByc2hkJy4u LiBub3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYHNsb2dpbicuLi4gbm90IGluZmVj dGVkCkNoZWNraW5nIGBzZW5kbWFpbCcuLi4gbm90IGluZmVjdGVkCkNoZWNr aW5nIGBzc2hkJy4uLiBub3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYHN5c2xvZ2Qn Li4uIG5vdCBpbmZlY3RlZApDaGVja2luZyBgdGFyJy4uLiBub3QgaW5mZWN0 ZWQKQ2hlY2tpbmcgYHRjcGQnLi4uIG5vdCBpbmZlY3RlZApDaGVja2luZyBg dGNwZHVtcCcuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGB0b3AnLi4uIG5v dCBpbmZlY3RlZApDaGVja2luZyBgdGVsbmV0ZCcuLi4gbm90IGluZmVjdGVk CkNoZWNraW5nIGB0aW1lZCcuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGB0 cmFjZXJvdXRlJy4uLiBub3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYHZkaXInLi4u IG5vdCBmb3VuZApDaGVja2luZyBgdycuLi4gbm90IGluZmVjdGVkCkNoZWNr aW5nIGB3cml0ZScuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBhbGllbnMn Li4uIG5vIHN1c3BlY3QgZmlsZXMKU2VhcmNoaW5nIGZvciBzbmlmZmVyJ3Mg bG9ncywgaXQgbWF5IHRha2UgYSB3aGlsZS4uLiBub3RoaW5nIGZvdW5kClNl YXJjaGluZyBmb3IgSGlEcm9vdGtpdCdzIGRlZmF1bHQgZGlyLi4uIG5vdGhp bmcgZm91bmQKU2VhcmNoaW5nIGZvciB0MHJuJ3MgZGVmYXVsdCBmaWxlcyBh bmQgZGlycy4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGluZyBmb3IgdDBybidz IHY4IGRlZmF1bHRzLi4uIG5vdGhpbmcgZm91bmQKU2VhcmNoaW5nIGZvciBM aW9uIFdvcm0gZGVmYXVsdCBmaWxlcyBhbmQgZGlycy4uLiBub3RoaW5nIGZv dW5kClNlYXJjaGluZyBmb3IgUlNIQSdzIGRlZmF1bHQgZmlsZXMgYW5kIGRp ci4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGluZyBmb3IgUkgtU2hhcnBlJ3Mg ZGVmYXVsdCBmaWxlcy4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGluZyBmb3Ig QW1iaWVudCdzIHJvb3RraXQgKGFyaykgZGVmYXVsdCBmaWxlcyBhbmQgZGly cy4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGluZyBmb3Igc3VzcGljaW91cyBm aWxlcyBhbmQgZGlycywgaXQgbWF5IHRha2UgYSB3aGlsZS4uLiBub3RoaW5n IGZvdW5kClNlYXJjaGluZyBmb3IgTFBEIFdvcm0gZmlsZXMgYW5kIGRpcnMu Li4gbm90aGluZyBmb3VuZApTZWFyY2hpbmcgZm9yIFJhbWVuIFdvcm0gZmls ZXMgYW5kIGRpcnMuLi4gbm90aGluZyBmb3VuZApTZWFyY2hpbmcgZm9yIE1h bmlhYyBmaWxlcyBhbmQgZGlycy4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGlu ZyBmb3IgUksxNyBmaWxlcyBhbmQgZGlycy4uLiBub3RoaW5nIGZvdW5kClNl YXJjaGluZyBmb3IgRHVjb2NpIHJvb3RraXQuLi4gbm90aGluZyBmb3VuZApT ZWFyY2hpbmcgZm9yIEFkb3JlIFdvcm0uLi4gbm90aGluZyBmb3VuZApTZWFy Y2hpbmcgZm9yIFNoaXRDIFdvcm0uLi4gbm90aGluZyBmb3VuZApTZWFyY2hp bmcgZm9yIE9tZWdhIFdvcm0uLi4gbm90aGluZyBmb3VuZApTZWFyY2hpbmcg Zm9yIFNhZG1pbmQvSUlTIFdvcm0uLi4gbm90aGluZyBmb3VuZApTZWFyY2hp bmcgZm9yIE1vbktpdC4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGluZyBmb3Ig U2hvd3RlZS4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGluZyBmb3IgT3B0aWNL aXQuLi4gbm90aGluZyBmb3VuZApTZWFyY2hpbmcgZm9yIFQuUi5LLi4uIG5v dGhpbmcgZm91bmQKU2VhcmNoaW5nIGZvciBNaXRocmEuLi4gbm90aGluZyBm b3VuZApTZWFyY2hpbmcgZm9yIE9CU0QgcmsgdjEuLi4gbm90aGluZyBmb3Vu ZApTZWFyY2hpbmcgZm9yIExPQyByb290a2l0IC4uLiBub3RoaW5nIGZvdW5k ClNlYXJjaGluZyBmb3IgUm9tYW5pYW4gcm9vdGtpdCAuLi4gbm90aGluZyBm b3VuZApTZWFyY2hpbmcgZm9yIFN1Y2tpdCByb290a2l0IC4uLiBub3RoaW5n IGZvdW5kClNlYXJjaGluZyBmb3IgVm9sYyByb290a2l0IC4uLiBub3RoaW5n IGZvdW5kClNlYXJjaGluZyBmb3IgR29sZDIgcm9vdGtpdCAuLi4gbm90aGlu ZyBmb3VuZApTZWFyY2hpbmcgZm9yIFRDMiBXb3JtIGRlZmF1bHQgZmlsZXMg YW5kIGRpcnMuLi4gbm90aGluZyBmb3VuZApTZWFyY2hpbmcgZm9yIEFub25v eWluZyByb290a2l0IGRlZmF1bHQgZmlsZXMgYW5kIGRpcnMuLi4gbm90aGlu ZyBmb3VuZApTZWFyY2hpbmcgZm9yIFpLIHJvb3RraXQgZGVmYXVsdCBmaWxl cyBhbmQgZGlycy4uLiBub3RoaW5nIGZvdW5kClNlYXJjaGluZyBmb3IgYW5v bWFsaWVzIGluIHNoZWxsIGhpc3RvcnkgZmlsZXMuLi4gbm90aGluZyBmb3Vu ZApDaGVja2luZyBgYXNwJy4uLiBub3QgaW5mZWN0ZWQKQ2hlY2tpbmcgYGJp bmRzaGVsbCcuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBsa20nLi4uIG5v dGhpbmcgZGV0ZWN0ZWQKQ2hlY2tpbmcgYHJleGVkY3MnLi4uIG5vdCBmb3Vu ZApDaGVja2luZyBgc25pZmZlcicuLi4gCmxwMCBpcyBub3QgcHJvbWlzYwpm YWl0aDAgaXMgbm90IHByb21pc2MKZXAwIGlzIG5vdCBwcm9taXNjCkNoZWNr aW5nIGB3dGVkJy4uLiBub3RoaW5nIGRlbGV0ZWQKQ2hlY2tpbmcgYHc1NTgw OCcuLi4gbm90IGluZmVjdGVkCkNoZWNraW5nIGBzY2FscGVyJy4uLiBub3Qg aW5mZWN0ZWQKQ2hlY2tpbmcgYHNsYXBwZXInLi4uIG5vdCBpbmZlY3RlZApD aGVja2luZyBgejInLi4uIApub3RoaW5nIGRlbGV0ZWQK ------------=_1068707123-10904-0 Content-Type: application/octet-stream; name="dmesg.20031113" Content-Disposition: attachment; filename="dmesg.20031113" Content-Transfer-Encoding: base64 Q29weXJpZ2h0IChjKSAxOTkyLTIwMDMgVGhlIEZyZWVCU0QgUHJvamVjdC4K Q29weXJpZ2h0IChjKSAxOTc5LCAxOTgwLCAxOTgzLCAxOTg2LCAxOTg4LCAx OTg5LCAxOTkxLCAxOTkyLCAxOTkzLCAxOTk0CglUaGUgUmVnZW50cyBvZiB0 aGUgVW5pdmVyc2l0eSBvZiBDYWxpZm9ybmlhLiBBbGwgcmlnaHRzIHJlc2Vy dmVkLgpGcmVlQlNEIDQuOS1SRUxFQVNFICMwOiBUaHUgTm92IDEzIDExOjEy OjAwIFNHVCAyMDAzCiAgICByb290QDovdXNyL29iai91c3Ivc3JjL3N5cy9G UkVFMzgwWgpUaW1lY291bnRlciAiaTgyNTQiICBmcmVxdWVuY3kgMTE5MzE4 MiBIegpUaW1lY291bnRlciAiVFNDIiAgZnJlcXVlbmN5IDI5ODQyMjQ2NSBI egpDUFU6IFBlbnRpdW0gSUkvUGVudGl1bSBJSSBYZW9uL0NlbGVyb24gKDI5 OC40Mi1NSHogNjg2LWNsYXNzIENQVSkKICBPcmlnaW4gPSAiR2VudWluZUlu dGVsIiAgSWQgPSAweDY1MiAgU3RlcHBpbmcgPSAyCiAgRmVhdHVyZXM9MHgx ODNmOWZmPEZQVSxWTUUsREUsUFNFLFRTQyxNU1IsUEFFLE1DRSxDWDgsU0VQ LE1UUlIsUEdFLE1DQSxDTU9WLFBBVCxQU0UzNixNTVgsRlhTUj4KcmVhbCBt ZW1vcnkgID0gMTAwNDY2Njg4ICg5ODExMksgYnl0ZXMpCmF2YWlsIG1lbW9y eSA9IDkyMzE1NjQ4ICg5MDE1MksgYnl0ZXMpClByZWxvYWRlZCBlbGYga2Vy bmVsICJrZXJuZWwiIGF0IDB4YzA1M2UwMDAuClByZWxvYWRlZCBlbGYgbW9k dWxlICJpcGZ3LmtvIiBhdCAweGMwNTNlMDljLgpQcmVsb2FkZWQgZWxmIG1v ZHVsZSAic25kX2NzYS5rbyIgYXQgMHhjMDUzZTEzOC4KUHJlbG9hZGVkIGVs ZiBtb2R1bGUgInNuZF9wY20ua28iIGF0IDB4YzA1M2UxZDguClByZWxvYWRl ZCBlbGYgbW9kdWxlICJhZ3Aua28iIGF0IDB4YzA1M2UyNzguClBlbnRpdW0g UHJvIE1UUlIgc3VwcG9ydCBlbmFibGVkCm1kMDogTWFsbG9jIGRpc2sKcGNp YmlvczogTm8gY2FsbCBlbnRyeSBwb2ludApucHgwOiA8bWF0aCBwcm9jZXNz b3I+IG9uIG1vdGhlcmJvYXJkCm5weDA6IElOVCAxNiBpbnRlcmZhY2UKcGNp YjA6IDxJbnRlbCA4MjQ0M0JYIGhvc3QgdG8gUENJIGJyaWRnZSAoQUdQIGRp c2FibGVkKT4gb24gbW90aGVyYm9hcmQKcGNpMDogPFBDSSBidXM+IG9uIHBj aWIwCnBjaWMwOiA8VEkgUENJLTEyNTAgUENJLUNhcmRCdXMgQnJpZGdlPiBt ZW0gMHg1MDAwMDAwMC0weDUwMDAwZmZmIGlycSAxMSBhdCBkZXZpY2UgMi4w IG9uIHBjaTAKcGNpYzA6IFRJMTJYWCBQQ0kgQ29uZmlnIFJlZzogW3Jpbmcg ZW5hYmxlXVtzcGVha2VyIGVuYWJsZV1bcHdyIHNhdmVdW0NTQyBwYXJhbGxl bCBpc2EgaXJxXQpwY2NhcmQwOiA8UEMgQ2FyZCAxNi1iaXQgYnVzIChjbGFz c2ljKT4gb24gcGNpYzAKcGNpYzE6IDxUSSBQQ0ktMTI1MCBQQ0ktQ2FyZEJ1 cyBCcmlkZ2U+IG1lbSAweDUxMDAwMDAwLTB4NTEwMDBmZmYgaXJxIDExIGF0 IGRldmljZSAyLjEgb24gcGNpMApwY2ljMTogVEkxMlhYIFBDSSBDb25maWcg UmVnOiBbcmluZyBlbmFibGVdW3NwZWFrZXIgZW5hYmxlXVtwd3Igc2F2ZV1b Q1NDIHBhcmFsbGVsIGlzYSBpcnFdCnBjY2FyZDE6IDxQQyBDYXJkIDE2LWJp dCBidXMgKGNsYXNzaWMpPiBvbiBwY2ljMQpwY2kwOiA8TmVvTWFnaWMgTWFn aWNNZWRpYSAyNTZBViBTVkdBIGNvbnRyb2xsZXI+IGF0IDMuMCBpcnEgMTEK aXNhYjA6IDxJbnRlbCA4MjM3MUFCIFBDSSB0byBJU0EgYnJpZGdlPiBhdCBk ZXZpY2UgNi4wIG9uIHBjaTAKaXNhMDogPElTQSBidXM+IG9uIGlzYWIwCmF0 YXBjaTA6IDxJbnRlbCBQSUlYNCBBVEEzMyBjb250cm9sbGVyPiBwb3J0IDB4 ZmNmMC0weGZjZmYgYXQgZGV2aWNlIDYuMSBvbiBwY2kwCmF0YTA6IGF0IDB4 MWYwIGlycSAxNCBvbiBhdGFwY2kwCmF0YTE6IGF0IDB4MTcwIGlycSAxNSBv biBhdGFwY2kwCnVoY2kwOiA8SW50ZWwgODIzNzFBQi9FQiAoUElJWDQpIFVT QiBjb250cm9sbGVyPiBwb3J0IDB4ODAwMC0weDgwMWYgaXJxIDExIGF0IGRl dmljZSA2LjIgb24gcGNpMAp1c2IwOiA8SW50ZWwgODIzNzFBQi9FQiAoUElJ WDQpIFVTQiBjb250cm9sbGVyPiBvbiB1aGNpMAp1c2IwOiBVU0IgcmV2aXNp b24gMS4wCnVodWIwOiBJbnRlbCBVSENJIHJvb3QgaHViLCBjbGFzcyA5LzAs IHJldiAxLjAwLzEuMDAsIGFkZHIgMQp1aHViMDogMiBwb3J0cyB3aXRoIDIg cmVtb3ZhYmxlLCBzZWxmIHBvd2VyZWQKY2hpcDE6IDxJbnRlbCA4MjM3MUFC IFBvd2VyIG1hbmFnZW1lbnQgY29udHJvbGxlcj4gcG9ydCAweGVmYTAtMHhl ZmFmIGF0IGRldmljZSA2LjMgb24gcGNpMAp2dDAgb24gaXNhMAp2dDA6IGdl bmVyaWMsIDgwIGNvbCwgY29sb3IsIDggc2NyLCB1bmtub3duIGtiZCwgW1Iz LjIwLWIyNF0KdnQwOiBkcml2ZXIgaXMgdXNpbmcgb2xkLXN0eWxlIGNvbXBh dGFiaWxpdHkgc2hpbXMKb3JtMDogPE9wdGlvbiBST00+IGF0IGlvbWVtIDB4 YzAwMDAtMHhjYmZmZiBvbiBpc2EwCnBtdGltZXIwIG9uIGlzYTAKZmRjMDog PE5FQyA3MjA2NUIgb3IgY2xvbmU+IGF0IHBvcnQgMHgzZjAtMHgzZjUsMHgz ZjcgaXJxIDYgZHJxIDIgb24gaXNhMApmZGMwOiBGSUZPIGVuYWJsZWQsIDgg Ynl0ZXMgdGhyZXNob2xkCmZkMDogPDE0NDAtS0IgMy41IiBkcml2ZT4gb24g ZmRjMCBkcml2ZSAwCmF0a2JkYzA6IDxLZXlib2FyZCBjb250cm9sbGVyIChp ODA0Mik+IGF0IHBvcnQgMHg2MCwweDY0IG9uIGlzYTAKYXRrYmQwOiA8QVQg S2V5Ym9hcmQ+IGZsYWdzIDB4MSBpcnEgMSBvbiBhdGtiZGMwCmtiZDAgYXQg YXRrYmQwCnBzbTA6IDxQUy8yIE1vdXNlPiBpcnEgMTIgb24gYXRrYmRjMApw c20wOiBtb2RlbCBHZW5lcmljIFBTLzIgbW91c2UsIGRldmljZSBJRCAwCnZn YTA6IDxHZW5lcmljIElTQSBWR0E+IGF0IHBvcnQgMHgzYzAtMHgzZGYgaW9t ZW0gMHhhMDAwMC0weGJmZmZmIG9uIGlzYTAKc2MwOiA8U3lzdGVtIGNvbnNv bGU+IGF0IGZsYWdzIDB4MTAwIG9uIGlzYTAKc2MwOiBWR0EgPDE2IHZpcnR1 YWwgY29uc29sZXMsIGZsYWdzPTB4MzAwPgpzaW8wIGF0IHBvcnQgMHgzZjgt MHgzZmYgaXJxIDQgZmxhZ3MgMHgxMCBvbiBpc2EwCnNpbzA6IHR5cGUgMTY1 NTBBCnNpbzE6IGNvbmZpZ3VyZWQgaXJxIDMgbm90IGluIGJpdG1hcCBvZiBw cm9iZWQgaXJxcyAwCnBwYzA6IGNhbm5vdCByZXNlcnZlIEkvTyBwb3J0IHJh bmdlCnVua25vd246IDxQTlAwMDAwPiBjYW4ndCBhc3NpZ24gcmVzb3VyY2Vz CnVua25vd246IDxQTlAwMzAzPiBjYW4ndCBhc3NpZ24gcmVzb3VyY2VzCnVu a25vd246IDxJQk0zNzgxPiBjYW4ndCBhc3NpZ24gcmVzb3VyY2VzCnVua25v d246IDxQTlAwNzAwPiBjYW4ndCBhc3NpZ24gcmVzb3VyY2VzCnBwYzE6IDxT dGFuZGFyZCBwYXJhbGxlbCBwcmludGVyIHBvcnQ+IGF0IHBvcnQgMHgzYmMt MHgzYmYgaXJxIDcgb24gaXNhMApwcGMxOiBHZW5lcmljIGNoaXBzZXQgKE5J QkJMRS1vbmx5KSBpbiBDT01QQVRJQkxFIG1vZGUKcGxpcDA6IDxQTElQIG5l dHdvcmsgaW50ZXJmYWNlPiBvbiBwcGJ1czAKbHB0MDogPFByaW50ZXI+IG9u IHBwYnVzMApscHQwOiBJbnRlcnJ1cHQtZHJpdmVuIHBvcnQKcHBpMDogPFBh cmFsbGVsIEkvTz4gb24gcHBidXMwCnVua25vd246IDxQTlAwNTAxPiBjYW4n dCBhc3NpZ24gcmVzb3VyY2VzCnBjbTA6IDxDUzQyM3g+IGF0IHBvcnQgMHg1 MzAtMHg1MzcsMHgzODgtMHgzOGIsMHgyMjAtMHgyMzMgaXJxIDUgZHJxIDEs MCBvbiBpc2EwCnVua25vd246IDxDU0MwMDAzPiBjYW4ndCBhc3NpZ24gcmVz b3VyY2VzCnVua25vd246IDxJQk0wMDcxPiBjYW4ndCBhc3NpZ24gcmVzb3Vy Y2VzCnVua25vd246IDxQTlAwZTAzPiBjYW4ndCBhc3NpZ24gcmVzb3VyY2Vz CklQIHBhY2tldCBmaWx0ZXJpbmcgaW5pdGlhbGl6ZWQsIGRpdmVydCBkaXNh YmxlZCwgcnVsZS1iYXNlZCBmb3J3YXJkaW5nIGVuYWJsZWQsIGRlZmF1bHQg dG8gZGVueSwgbG9nZ2luZyBkaXNhYmxlZAphZDA6IERNQSBsaW1pdGVkIHRv IFVETUEzMywgbm9uLUFUQTY2IGNhYmxlIG9yIGRldmljZQphZDA6IDM4MTU0 TUIgPElDMjVOMDQwQVRDUzA1LTA+IFs3NzUyMC8xNi82M10gYXQgYXRhMC1t YXN0ZXIgVURNQTMzCmFjZDA6IENEUk9NIDxTQU5ZTyBDUkQtUzM3MkI+IGF0 IGF0YTAtc2xhdmUgUElPNApNb3VudGluZyByb290IGZyb20gdWZzOi9kZXYv YWQwczFhCnBjY2FyZDogY2FyZCBpbnNlcnRlZCwgc2xvdCAxCnBjY2FyZDog Y2FyZCByZW1vdmVkLCBzbG90IDEKcGNjYXJkOiBjYXJkIGluc2VydGVkLCBz bG90IDEKZXAwOiA8M0NvbSAzQzU3NEIsIE1lZ2FoZXJ0eiAzQ0NGRTU3NEJU IG9yIEZhc3QgRXRoZXJsaW5rIDNDNTc0LVRYPiBhdCBwb3J0IDB4MjQwLTB4 MjVmIGlycSAxMSBmbGFncyAweDEgc2xvdCAxIG9uIHBjY2FyZDEKZXAwOiBF dGhlcm5ldCBhZGRyZXNzIDAwOjUwOjA0OmU3OjFiOjg4CnVodWIxOiBHZW5l cmljIFVTQiBFbWJlZGRlZCBIdWIsIGNsYXNzIDkvMCwgcmV2IDIuMDAvMC4w MSwgYWRkciAyCnVodWIxOiAxIHBvcnQgd2l0aCAwIHJlbW92YWJsZSwgc2Vs ZiBwb3dlcmVkCnVtYXNzMDogR2VuZXJpYyBVU0IgTWFzcyBTdG9yYWdlIERl dmljZSwgcmV2IDIuMDAvMC4wMSwgYWRkciAzCmRhMCBhdCB1bWFzcy1zaW0w IGJ1cyAwIHRhcmdldCAwIGx1biAwCmRhMDogPEdlbmVyaWMgVVNCIEZsYXNo IERpc2sgMS4wMD4gUmVtb3ZhYmxlIERpcmVjdCBBY2Nlc3MgU0NTSS0wIGRl dmljZSAKZGEwOiA2NTBLQi9zIHRyYW5zZmVycwpkYTA6IDI1ME1CICg1MTIw MDAgNTEyIGJ5dGUgc2VjdG9yczogNjRIIDMyUy9UIDI1MEMpCnVtYXNzMDog VW5zdXBwb3J0ZWQgQVRBUEkgY29tbWFuZCAweDM1CihkYTA6dW1hc3Mtc2lt MDowOjA6MCk6IFN5bmNocm9uaXplIGNhY2hlIGZhaWxlZCwgc3RhdHVzID09 IDB4Niwgc2NzaSBzdGF0dXMgPT0gMHgwCnVtYXNzMDogVW5zdXBwb3J0ZWQg QVRBUEkgY29tbWFuZCAweDM1CihkYTA6dW1hc3Mtc2ltMDowOjA6MCk6IFN5 bmNocm9uaXplIGNhY2hlIGZhaWxlZCwgc3RhdHVzID09IDB4Niwgc2NzaSBz dGF0dXMgPT0gMHgwCnVodWIxOiBhdCB1aHViMCBwb3J0IDEgKGFkZHIgMikg ZGlzY29ubmVjdGVkCihkYTA6dW1hc3Mtc2ltMDowOjA6MCk6IGxvc3QgZGV2 aWNlCihkYTA6dW1hc3Mtc2ltMDowOjA6MCk6IHJlbW92aW5nIGRldmljZSBl bnRyeQp1bWFzczA6IGRldGFjaGVkCnVodWIxOiBkZXRhY2hlZApDb25uZWN0 aW9uIGF0dGVtcHQgdG8gVENQIDEyNy4wLjAuMToxNjAwMSBmcm9tIDEyNy4w LjAuMToxMzc3IGZsYWdzOjB4MDIKQ29ubmVjdGlvbiBhdHRlbXB0IHRvIFRD UCAxMjcuMC4wLjE6MTYwMDEgZnJvbSAxMjcuMC4wLjE6MTM3OCBmbGFnczow eDAyCkNvbm5lY3Rpb24gYXR0ZW1wdCB0byBUQ1AgMTI3LjAuMC4xOjE2MDAx IGZyb20gMTI3LjAuMC4xOjE0MDQgZmxhZ3M6MHgwMgpDb25uZWN0aW9uIGF0 dGVtcHQgdG8gVENQIDEyNy4wLjAuMToxNjAwMSBmcm9tIDEyNy4wLjAuMTox NDA1IGZsYWdzOjB4MDIK ------------=_1068707123-10904-0 Content-Type: application/octet-stream; name="pkg_info.20031113" Content-Disposition: attachment; filename="pkg_info.20031113" Content-Transfer-Encoding: base64 SGVybWVzLTEuMy4zICAgICAgICBGYXN0IHBpeGVsIGZvcm1hdHMgY29udmVy c2lvbiBsaWJyYXJ5Ck1lc2EtMy40LjJfMiAgICAgICAgQSBncmFwaGljcyBs aWJyYXJ5IHNpbWlsYXIgdG8gU0dJJ3MgT3BlbkdMCk9SQml0Mi0yLjguMSAg ICAgICAgSGlnaC1wZXJmb3JtYW5jZSBDT1JCQSBPUkIgd2l0aCBzdXBwb3J0 IGZvciB0aGUgQyBsYW5ndWFnZQpYRnJlZTg2LTQuMy4wLDEgICAgIFgxMS9Y RnJlZTg2IGNvcmUgZGlzdHJpYnV0aW9uIChjb21wbGV0ZSwgdXNpbmcgbWlu aS9tZXRhLXBvClhGcmVlODYtRm9udFNlcnZlci00LjMuMF8yIFhGcmVlODYt NCBmb250IHNlcnZlcgpYRnJlZTg2LVNlcnZlci00LjMuMF8xMCBYRnJlZTg2 LTQgWCBzZXJ2ZXIgYW5kIHJlbGF0ZWQgcHJvZ3JhbXMKWEZyZWU4Ni1jbGll bnRzLTQuMy4wXzMgWEZyZWU4Ni00IGNsaWVudCBwcm9ncmFtcyBhbmQgcmVs YXRlZCBmaWxlcwpYRnJlZTg2LWRvY3VtZW50cy00LjMuMCBYRnJlZTg2LTQg ZG9jdW1lbnRhdGlvbgpYRnJlZTg2LWZvbnQxMDBkcGktNC4zLjAgWEZyZWU4 Ni00IGJpdG1hcCAxMDAgZHBpIGZvbnRzClhGcmVlODYtZm9udDc1ZHBpLTQu My4wIFhGcmVlODYtNCBiaXRtYXAgNzUgZHBpIGZvbnRzClhGcmVlODYtZm9u dEN5cmlsbGljLTQuMy4wIFhGcmVlODYtNCBDeXJpbGxpYyBmb250cwpYRnJl ZTg2LWZvbnREZWZhdWx0Qml0bWFwcy00LjMuMCBYRnJlZTg2LTQgZGVmYXVs dCBiaXRtYXAgZm9udHMKWEZyZWU4Ni1mb250RW5jb2RpbmdzLTQuMy4wIFhG cmVlODYtNCBmb250IGVuY29kaW5nIGZpbGVzClhGcmVlODYtZm9udFNjYWxh YmxlLTQuMy4wIFhGcmVlODYtNCBzY2FsYWJsZSBmb250cwpYRnJlZTg2LWxp YnJhcmllcy00LjMuMF82IFhGcmVlODYtNCBsaWJyYXJpZXMgYW5kIGhlYWRl cnMKWGZ0LTIuMS4yICAgICAgICAgICBBIGNsaWVudC1zaWRlZCBmb250IEFQ SSBmb3IgWCBhcHBsaWNhdGlvbnMKYTJwcy1sZXR0ZXItNC4xM2JfMSBGb3Jt YXRzIGFuIGFzY2lpIGZpbGUgZm9yIHByaW50aW5nIG9uIGEgcG9zdHNjcmlw dCBwcmludGVyCmFjbWUtMi40LjAgICAgICAgICAgVG9vbCB0byBtYWtlIG11 bHRpbWVkaWEga2V5cyB3b3JrIG9uIGxhcHRvcHMKYXBzZmlsdGVyLTcuMi41 XzMgICBNYWdpYyBwcmludCBmaWx0ZXIgd2l0aCBmaWxlIHR5cGUgcmVjb2du aXRpb24sIHByaW50IHByZXZpZQphc3BlbGwtMC41MC4zXzEgICAgIFNwZWxs aW5nIGNoZWNrZXIgd2l0aCBiZXR0ZXIgc3VnZ2VzdGlvbiBsb2dpYyB0aGFu IGlzcGVsbAphdC1zcGktMS4zLjcgICAgICAgIEFuIEFzc2lzdGl2ZSBUZWNo bm9sb2d5IFNlcnZpY2UgUHJvdmlkZXIgSW50ZXJmYWNlCmF0ay0xLjQuMCAg ICAgICAgICAgQSBHTk9NRSBhY2Nlc3NpYmlsaXR5IHRvb2xraXQgKEFUSykK YmFzaC0yLjA1Yi4wMDcgICAgICBUaGUgR05VIEJvdXJuZSBBZ2FpbiBTaGVs bApiaXRzdHJlYW0tdmVyYS0xLjEwIEJpdHN0cmVhbSBWZXJhIFRydWVUeXBl IGZvbnQgY29sbGVjdGlvbgpic2RpZmYtNC4xICAgICAgICAgIEdlbmVyYXRl cyBhbmQgYXBwbGllcyBwYXRjaGVzIHRvIGJpbmFyeSBmaWxlcwpidWdidWRk eTItMi40LjAgICAgIEEgYnVnIHJlcG9ydGluZyB0b29sIGZvciBHTk9NRSAy CmNkcnRvb2xzLTIuMC4zICAgICAgQ2RyZWNvcmQsIG1raXNvZnMgYW5kIHNl dmVyYWwgb3RoZXIgcHJvZ3JhbXMgdG8gcmVjb3JkIENELVIKY2hrcm9vdGtp dC0wLjQxICAgICBBIHRvb2wgdG8gbG9jYWxseSBjaGVjayBmb3Igc2lnbnMg b2YgYSByb290a2l0CmRvY2Jvb2stc2stNC4xLjIgICAgWE1MIHZlcnNpb24g b2YgdGhlIERvY0Jvb2sgRFREIHZlcnNpb24gY29udHJvbGxlZCBmb3IgU2Ny b2wKZG9jYm9vay14bWwtNC4yXzEgICBYTUwgdmVyc2lvbiBvZiB0aGUgRG9j Qm9vayBEVEQKZG9jYm9vay14c2wtMS42MS4zXzEgWFNMIERvY0Jvb2sgc3R5 bGVzaGVldHMKZWVsMi0yLjQuMCAgICAgICAgICBHZW5lcmFsbHkgdXNlZnVs IGNsYXNzZXMgYW5kIGV4dGVuc2lvbnMgdG8gR05PTUUKZW9nMi0yLjQuMCAg ICAgICAgICBUaGUgRXllIE9mIEdub21lIGltYWdlIHZpZXdlcgplcGlwaGFu eS0xLjAgICAgICAgIEFuIGV4dHJlbWVseSBsaWdodHdlaWdodCBhbmQgc2lt cGxlIHdlYiBicm93c2VyIGZvciBHTk9NRSAyCmVzb3VuZC0wLjIuMzIgICAg ICAgQSBzb3VuZCBsaWJyYXJ5IGZvciBlbmxpZ2h0ZW5tZW50IHBhY2thZ2UK ZXhwYXQtMS45NS42XzEgICAgICBYTUwgMS4wIHBhcnNlciB3cml0dGVuIGlu IEMKZmlsZXJvbGxlci0yLjQuMC4xLDEgQW4gYXJjaGl2ZSBtYW5hZ2VyIGZv ciB6aXAgZmlsZXMsIHRhciwgZXRjCmZvbnRjb25maWctMi4yLjkwXzMgQW4g WE1MLWJhc2VkIGZvbnQgY29uZmlndXJhdGlvbiBBUEkgZm9yIFggV2luZG93 cwpmcmVlYnNkLXVwZGF0ZS0xLjNfMSBGZXRjaGVzIGFuZCBpbnN0YWxscyBi aW5hcnkgdXBkYXRlcyB0byBGcmVlQlNECmZyZWV0eXBlLTEuMy4xXzIgICAg QSBmcmVlIGFuZCBwb3J0YWJsZSBUcnVlVHlwZSBmb250IHJlbmRlcmluZyBl bmdpbmUKZnJlZXR5cGUyLTIuMS40XzEgICBBIGZyZWUgYW5kIHBvcnRhYmxl IFRydWVUeXBlIGZvbnQgcmVuZGVyaW5nIGVuZ2luZQpnYWlsLTEuNC4wICAg ICAgICAgIEFuIGltcGxlbWVudGF0aW9uIG9mIHRoZSBBVEsgaW50ZXJmYWNl cyBmb3IgR1RLKyB3aWRnZXRzCmdjYWxjdG9vbC00LjMuM18xICAgQSBHTk9N RSAyIGNhbGN1bGF0b3IgdG9vbCBiYXNlZCBvbiB0aGUgb2xkIGNhbGN0b29s IGZvciBPcGUKZ2NvbmYtZWRpdG9yLTIuNC4wLDEgQSBnY29uZiBkYXRhYmFz ZSBlZGl0b3IgZm9yIHRoZSBHTk9NRSAyIGVudmlyb25tZW50Cmdjb25mMi0y LjQuMC4xICAgICAgQSBjb25maWd1cmF0aW9uIGRhdGFiYXNlIHN5c3RlbSBm b3IgR05PTUUKZ2RtMi0yLjQuNC4xXzEgICAgICBHTk9NRSAyIHZlcnNpb24g b2YgeGRtIGRpc3BsYXkgbWFuYWdlcgpnZWRpdDItMi40LjAgICAgICAgIEEg c21hbGwgYnV0IHBvd2VyZnVsIHRleHQgZWRpdG9yIGZvciBHbm9tZSAyIERl c2t0b3AgRW52aXJvCmdldHRleHQtMC4xMi4xICAgICAgR05VIGdldHRleHQg cGFja2FnZQpnZ3YyLTIuNC4wLjEgICAgICAgIEdOT01FIDIgZ2hvc3RzY3Jp cHQgdmlld2VyCmdob3N0c2NyaXB0LWdudS03LjA3XzMgR05VIFBvc3RzY3Jp cHQgaW50ZXJwcmV0ZXIKZ2xlLTMuMC4zICAgICAgICAgICBBIEdMIFR1Ymlu ZyBhbmQgRXh0cnVzaW9uIExpYnJhcnkKZ2xpYi0xLjIuMTBfMTAgICAgICBT b21lIHVzZWZ1bCByb3V0aW5lcyBvZiBDIHByb2dyYW1taW5nIChwcmV2aW91 cyBzdGFibGUgdmVycwpnbGliLTIuMi4zICAgICAgICAgIFNvbWUgdXNlZnVs IHJvdXRpbmVzIG9mIEMgcHJvZ3JhbW1pbmcgKGN1cnJlbnQgc3RhYmxlIHZl cnNpCmdub21lLWljb24tdGhlbWUtMS4wLjkgQSBjb2xsZWN0aW9uIG9mIGlj b25zIGZvciB0aGUgR05PTUUgMiBkZXNrdG9wCmdub21lLXRoZW1lcy0yLjQu MCAgQSBjb2xsZWN0aW9uIG9mIHRoZW1lcyBhbmQgaWNvbnMgZm9yIEdOT01F IDIgZGVzaWduZWQgZm9yIGEKZ25vbWUyLTIuNC4wICAgICAgICBUaGUgIm1l dGEtcG9ydCIgZm9yIHRoZSBHTk9NRSAyIGludGVncmF0ZWQgWDExIGRlc2t0 b3AKZ25vbWVhcHBsZXRzMi0yLjQuMV8xIEFwcGxldHMgY29tcG9uZW50cyBm b3IgdGhlIEdub21lIDIgRGVza3RvcCBFbnZpcm9ubWVudApnbm9tZWF1ZGlv Mi0yLjAuMCAgIFNvdW5kIGZpbGVzIGZvciB1c2Ugd2l0aCBHTk9NRSAyCmdu b21lY29udHJvbGNlbnRlcjItMi40LjAgQ29udHJvbCBjZW50ZXIgZm9yIEdO T01FIDIgcHJvamVjdApnbm9tZWRlc2t0b3AtMi40LjAgIEFkZGl0aW9uYWwg VUkgQVBJIGZvciBHTk9NRSAyCmdub21lZ2FtZXMyLTIuNC4wICAgVGhlIGdh bWUgYXBwbGljYXRpb25zIHBhY2thZ2UgZm9yIHRoZSBHbm9tZSAyIERlc2t0 b3AgRW52aXIKZ25vbWVoaWVyLTEuMF84ICAgICBBbiB1dGlsaXR5IHBvcnQs IGluc3RhbGxpbmcgaGllcmFyY2h5IG9mIGNvbW1vbiBHTk9NRSBkaXJlYwpn bm9tZW1hZy0wLjEwLjMgICAgIEdOT01FIHNjcmVlbiBtYWduaWZpZXIKZ25v bWVtZWRpYTItMi40LjAgICBNdWx0aW1lZGlhIGFwcGxpY2F0aW9ucyBmb3Ig dGhlIEdOT01FIDIgZGVza3RvcApnbm9tZW1lZXRpbmctMC45OC41IEdOT01F IEgzMjMgVmlkZW8gQ29uZmVyZW5jaW5nIHByb2dyYW0sIHNpbWlsYXIgdG8g TmV0TWVldGluCmdub21lbWltZWRhdGEtMi40LjAgQSBNSU1FIGFuZCBBcHBs aWNhdGlvbiBkYXRhYmFzZSBmb3IgR05PTUUKZ25vbWVwYW5lbC0yLjQuMF8x ICBQYW5lbCBjb21wb25lbnQgZm9yIHRoZSBHTk9NRSAyIERlc2t0b3AKZ25v bWVzZXNzaW9uLTIuNC4wICBTZXNzaW9uIGNvbXBvbmVudCBmb3IgdGhlIEdO T01FIDIgZGVza3RvcApnbm9tZXNwZWVjaC0wLjIuNyAgIEdOT01FIHRleHQt dG8tc3BlZWNoIEFQSQpnbm9tZXN5c3RlbW1vbml0b3ItMi40LjAgR05PTUUg MiBzeXN0ZW0gbW9uaXRvciBwcm9ncmFtCmdub21ldGVybWluYWwtMi40LjAu MSBUZXJtaW5hbCBjb21wb25lbnQgZm9yIHRoZSBHTk9NRSAyIERlc2t0b3AK Z25vbWV1c2VyZG9jczItMi40LjAgR05PTUUgMiB1c2VycyBndWlkZQpnbm9t ZXV0aWxzMi0yLjQuMCwxIEdOT01FIDIgc3VwcG9ydCB1dGlsaXRpZXMKZ25v bWV2ZnMyLTIuNC4wICAgICBHTk9NRSBWaXJ0dWFsIEZpbGUgU3lzdGVtCmdu b3Blcm5pY3VzLTAuNy4wICAgQ29sbGVjdGlvbiBvZiBhY2Nlc3NpYmlsaXR5 IGFwcHMgZm9yIEdOT01FIDIKZ29rLTAuOC4yICAgICAgICAgICBHTk9NRSBP bi1TY3JlZW4gS2V5Ym9hcmQgKEdPSykKZ3BkZi0wLjExMCAgICAgICAgICBH Tk9NRSB2ZXJzaW9uIG9mIHhwZGYKZ3N0cmVhbWVyLTAuNi4zICAgICBEZXZl bG9wbWVudCBmcmFtZXdvcmsgZm9yIGNyZWF0aW5nIG1lZGlhIGFwcGxpY2F0 aW9ucwpnc3RyZWFtZXItcGx1Z2lucy0wLjYuMyBHU3RyZWFtZXIgd3JpdHRl biBjb2xsZWN0aW9uIG9mIHBsdWdpbnMgaGFuZGxpbmcgc2V2ZXJhbCBtZQpn dGstMS4yLjEwXzEwICAgICAgIEdpbXAgVG9vbGtpdCBmb3IgWDExIEdVSSAo cHJldmlvdXMgc3RhYmxlIHZlcnNpb24pCmd0ay0yLjIuNCAgICAgICAgICAg R2ltcCBUb29sa2l0IGZvciBYMTEgR1VJIChjdXJyZW50IHN0YWJsZSB2ZXJz aW9uKQpndGstZW5naW5lczItMi4yLjAgIFRoZW1lIGVuZ2luZSBmb3IgdGhl IGd0aystMi4wIHRvb2xraXQKZ3Rrc291cmNldmlldy0wLjYuMCBBIHRleHQg d2lkZ2V0IHRoYXQgYWRkcyBzeW50YXggaGlnaGxpZ2h0aW5nIHRvIHRoZSBH dGtUZXh0VgpndWNoYXJtYXAtZ25vbWUtMS4wLjAgQSBVbmljb2RlL0lTTzEw NjQ2IGNoYXJhY3RlciBtYXAgYW5kIGZvbnQgdmlld2VyCmd1aWxlLTEuNi40 XzIgICAgICAgR05VIFViaXF1aXRvdXMgSW50ZWxsaWdlbnQgTGFuZ3VhZ2Ug Zm9yIEV4dGVuc2lvbgpocGlqcy0xLjQuMSAgICAgICAgIERyaXZlcnMgYW5k IHN1cHBvcnQgcmVzb3VyY2VzIGZvciBIUCBJbmtqZXQgUHJpbnRlcnMKaW1h a2UtNC4zLjBfMSAgICAgICBJbWFrZSBhbmQgb3RoZXIgdXRpbGl0aWVzIGZy b20gWEZyZWU4NgppbnRsdG9vbC0wLjI3LjIgICAgIFhtbCBpbnRlcm5hdGlv bmFsaXphdGlvbiBzdXBwb3J0IGZvciBHTk9NRSwgYW5kIG90aGVycwpqcGVn LTZiXzEgICAgICAgICAgIElKRydzIGpwZWcgY29tcHJlc3Npb24gdXRpbGl0 aWVzCmxhbWUtMy45My4xICAgICAgICAgSVNPIGNvZGUgYmFzZWQgZmFzdCBN UDMgZW5jb2RlciBraXQKbGNtcy0xLjA5LDEgICAgICAgICBMaWdodCBDb2xv ciBNYW5hZ2VtZW50IFN5c3RlbSAtLSBhIGNvbG9yIG1hbmFnZW1lbnQgbGli cmFyeQpsaGEtMS4xNGlfMSAgICAgICAgIEFyY2hpdmUgZmlsZXMgdXNpbmcg TFpXIGNvbXByZXNzaW9uICgubHpoIGZpbGVzKQpsaWJJREwtMC44LjIgICAg ICAgIEEgbGlicmFyeSBmb3IgY3JlYXRpbmcgdHJlZXMgb2YgQ09SQkEgSW50 ZXJmYWNlIERlZmluaXRpb24gCmxpYmFydF9sZ3BsMi0yLjMuMTYgTGlicmFy eSBmb3IgaGlnaC1wZXJmb3JtYW5jZSAyRCBncmFwaGljcwpsaWJhdWRpb2Zp bGUtMC4yLjMgIEEgc291bmQgbGlicmFyeSBmb3IgU0dJIGF1ZGlvIGZpbGUK bGliYm9ub2JvLTIuNC4wICAgICBBIGNvbXBvbmVudCBhbmQgY29tcG91bmQg ZG9jdW1lbnQgc3lzdGVtIGZvciBHTk9NRTIKbGliYm9ub2JvdWktMi40LjAg ICBHVUkgZnJvbnRlbmQgdG8gdGhlIGxpYmJvbm9ibyBjb21wb25lbnQgb2Yg R05PTUUgMgpsaWJnYWlsLWdub21lLTEuMC4yXzIgQW4gaW1wbGVtZW50YXRp b24gb2YgdGhlIEFUSyBpbnRlcmZhY2VzIGZvciBHTk9NRSB3aWRnZXRzCmxp YmdsYWRlMi0yLjAuMV8xICAgR05PTUUgZ2xhZGUgbGlicmFyeQpsaWJnbm9t ZS0yLjQuMCAgICAgIExpYnJhcmllcyBmb3IgR05PTUUsIGEgR05VIGRlc2t0 b3AgZW52aXJvbm1lbnQKbGliZ25vbWVjYW52YXMtMi40LjAgQSBncmFwaGlj cyBsaWJyYXJ5IGZvciBHTk9NRQpsaWJnbm9tZXByaW50LTIuMy4xIEdub21l IHByaW50IHN1cHBvcnQgbGlicmFyeQpsaWJnbm9tZXByaW50dWktMi4zLjEg R25vbWUgcHJpbnQgc3VwcG9ydCBsaWJyYXJ5CmxpYmdub21ldWktMi40LjAu MV8xIExpYnJhcmllcyBmb3IgdGhlIEdOT01FIEdVSSwgYSBHTlUgZGVza3Rv cCBlbnZpcm9ubWVudApsaWJnbnVnZXRvcHQtMS4yICAgIEdOVSBnZXRvcHQg bGlicmFyeQpsaWJnc2YtMS44LjEgICAgICAgIEFuIGV4dGVuc2libGUgaS9v IGFic3RyYWN0aW9uIGZvciBkZWFsaW5nIHdpdGggc3RydWN0dXJlZCBmCmxp Ymd0a2h0bWwtMi40LjAgICAgTGlnaHR3ZWlnaHQgSFRNTCByZW5kZXJpbmcv cHJpbnRpbmcvZWRpdGluZyBlbmdpbmUKbGliZ3RvcDItMi4wLjUgICAgICBH Tk9NRSAyIHRvcCBsaWJyYXJ5CmxpYmljb252LTEuOS4xXzEgICAgQSBjaGFy YWN0ZXIgc2V0IGNvbnZlcnNpb24gbGlicmFyeQpsaWJpanMtMC4zNCAgICAg ICAgIEMgbGlicmFyeSB0aGF0IHN1cHBvcnRzIHBsdWdpbiBwcmludGVyIGRy aXZlciBmb3IgR2hvc3RzY3JpCmxpYmx0ZGwtMS41ICAgICAgICAgU3lzdGVt IGluZGVwZW5kZW50IGRsb3BlbiB3cmFwcGVyCmxpYm1uZy0xLjAuNV8xICAg ICAgTXVsdGlwbGUtaW1hZ2UgTmV0d29yayBHcmFwaGljcyAoTU5HKSByZWZl cmVuY2UgbGlicmFyeQpsaWJvZ2ctMS4wXzEsMyAgICAgIE9nZyBiaXRzdHJl YW0gbGlicmFyeQpsaWJyc3ZnMi0yLjQuMCAgICAgIExpYnJhcnkgZm9yIHBh cnNpbmcgYW5kIHJlbmRlcmluZyBTVkcgdmVjdG9yLWdyYXBoaWMgZmlsZXMK bGlidm9yYmlzLTEuMF8xLDMgICBBdWRpbyBjb21wcmVzc2lvbiBjb2RlYyBs aWJyYXJ5CmxpYnduY2stMi40LjAuMSAgICAgTGlicmFyeSB1c2VkIGZvciB3 cml0aW5nIHBhZ2VycyBhbmQgdGFza3NsaXN0cwpsaWJ4bWwyLTIuNS4xMSAg ICAgIFhtbCBwYXJzZXIgbGlicmFyeSBmb3IgR05PTUUKbGlieHNsdC0xLjAu MzMgICAgICBUaGUgWFNMVCBDIGxpYnJhcnkgZm9yIEdOT01FCmxpbmMtMS4w LjMgICAgICAgICAgQSBsaWJyYXJ5IGZvciB3cml0aW5nIG5ldHdvcmtlZCBz ZXJ2ZXJzICYgY2xpZW50cwpsaW51eF9iYXNlLTcuMV81ICAgIFRoZSBiYXNl IHNldCBvZiBwYWNrYWdlcyBuZWVkZWQgaW4gTGludXggbW9kZQpseW54LTIu OC40LjFkICAgICAgIEEgbm9uLWdyYXBoaWNhbCwgdGV4dC1iYXNlZCBXb3Js ZC1XaWRlIFdlYiBjbGllbnQKbHpvLTEuMDhfMSAgICAgICAgICBQb3J0YWJs ZSBzcGVlZHksIGxvc3NsZXNzIGRhdGEgY29tcHJlc3Npb24gbGlicmFyeQps em9wLTEuMDEgICAgICAgICAgIEZhc3QgZmlsZSBjb21wcmVzc29yIHNpbWls YXIgdG8gZ3ppcCwgdXNpbmcgdGhlIExaTyBsaWJyYXJ5Cm00LTEuNF8xICAg ICAgICAgICAgR05VIG00Cm1ldGFjaXR5LTIuNi4xICAgICAgQSB3aW5kb3cg bWFuYWdlciBmb3IgdGhlIGFkdWx0IGluIHlvdQpta2lzb2ZzLTIuMC4zICAg ICAgIENyZWF0ZSBpc285NjYwL1JvY2sgUmlkZ2UvSm9saWV0IGZpbGVzeXN0 ZW1zCm1vemlsbGEtZ3RrMi0xLjQgICAgVGhlIG9wZW4gc291cmNlLCBzdGFu ZGFyZHMgY29tcGxpYW50IHdlYiBicm93c2VyCm10b29scy0zLjkuOF8xICAg ICAgQSBjb2xsZWN0aW9uIG9mIHRvb2xzIGZvciBtYW5pcHVsYXRpbmcgTVNE T1MgZmlsZXMKbmF1dGlsdXMtY2QtYnVybmVyLTAuNS4zIENEIGJ1cm5lciB2 aWV3IGZvciBOYXV0aWx1cwpuYXV0aWx1cy1tZWRpYS0wLjMuMy4xIEdTdHJl YW1lci1iYXNlZCBtdWx0aW1lZGlhIHZpZXdzIGZvciBOYXV0aWx1cwpuYXV0 aWx1czItMi40LjBfMSAgIEdOT01FIGZpbGUgbWFuYWdlciBhbmQgZ3JhcGhp Y2FsIHNoZWxsIGRldmVsb3BlZCBieSBFYXplbApvcGVubGRhcC1jbGllbnQt Mi4wLjI3IE9wZW4gc291cmNlIExEQVAgY2xpZW50IGltcGxlbWVudGF0aW9u CnBhbmdvLTEuMi41ICAgICAgICAgQW4gb3Blbi1zb3VyY2UgZnJhbWV3b3Jr IGZvciB0aGUgbGF5b3V0IGFuZCByZW5kZXJpbmcgb2YgaTEKcGtnY29uZmln LTAuMTUuMCAgICBBIHV0aWxpdHkgdXNlZCB0byByZXRyaWV2ZSBpbmZvcm1h dGlvbiBhYm91dCBpbnN0YWxsZWQgbGlicgpwbmctMS4yLjVfMiAgICAgICAg IExpYnJhcnkgZm9yIG1hbmlwdWxhdGluZyBQTkcgaW1hZ2VzCnBvcHQtMS42 LjRfMSAgICAgICAgQSBnZXRvcHQoMykgbGlrZSBsaWJyYXJ5IHdpdGggYSBu dW1iZXIgb2YgZW5oYW5jZW1lbnRzLCBmcm8KcHN1dGlscy1sZXR0ZXItMS4x N18xIFV0aWxpdGllcyBmb3IgbWFuaXB1bGF0aW5nIFBvc3RTY3JpcHQgZG9j dW1lbnRzCnB5MjMtZXhwYXQtMi4zXzIgICAgUHl0aG9uIGludGVyZmFjZSB0 byB0aGUgRXhwYXQgWE1MIHBhcnNlcgpweXRob24tMi4zXzEgICAgICAgIEFu IGludGVycHJldGVkIG9iamVjdC1vcmllbnRlZCBwcm9ncmFtbWluZyBsYW5n dWFnZQpzY3JvbGxrZWVwZXItMC4zLjEyXzIsMSBBbiBPcGVuIERvY3VtZW50 IENhdGFsb2dpbmcgUHJvamVjdApzZG9jYm9vay14bWwtNC4xLjIuNV8xICJT aW1wbGlmaWVkIiBEb2NCb29rIFhNTCBEVEQKc294LTEyLjE3LjQgICAgICAg ICBTT3VuZCBlWGNoYW5nZSAtIHVuaXZlcnNhbCBzb3VuZCBzYW1wbGUgdHJh bnNsYXRvcgpzdGFydHVwLW5vdGlmaWNhdGlvbi0wLjVfMSBMaWJyYXJ5IHRo YXQgc3VwcG9ydHMgc3RhcnR1cCBub3RpZmljYXRpb24gc3BlYyBmcm9tIGZy ZWVkZQpzdWRvLTEuNi43LjUgICAgICAgIEFsbG93IG90aGVycyB0byBydW4g Y29tbWFuZHMgYXMgcm9vdAp0aWZmLTMuNS43XzEgICAgICAgIFRvb2xzIGFu ZCBsaWJyYXJ5IHJvdXRpbmVzIGZvciB3b3JraW5nIHdpdGggVElGRiBpbWFn ZXMKdW56aXAtNS41MF8yICAgICAgICBMaXN0LCB0ZXN0IGFuZCBleHRyYWN0 IGNvbXByZXNzZWQgZmlsZXMgaW4gYSBaSVAgYXJjaGl2ZQp2c2Z0cGQtMS4y LjAgICAgICAgIEEgRlRQIGRhZW1vbiB0aGF0IGFpbXMgdG8gYmUgInZlcnkg c2VjdXJlIgp2dGUtMC4xMS4xMCAgICAgICAgIFRlcm1pbmFsIHdpZGdldCB3 aXRoIGltcHJvdmVkIGFjY2Vzc2liaWxpdHkgYW5kIEkxOE4gc3VwcG9yCndy YXBwZXItMS4wXzMgICAgICAgV3JhcHBlciBmb3IgWEZyZWU4Ni00IHNlcnZl cgp4Y2hhdDItMi4wLjRfMSAgICAgIEFuIFgxMSBJUkMgY2xpZW50IHVzaW5n IHRoZSBHVEsrIDIgdG9vbGtpdAp4ZWFydGgtMS4xICAgICAgICAgIFNldCB0 aGUgcm9vdCB3aW5kb3cgdG8gdGhlIGltYWdlIG9mIGVhcnRoCnhtbGNhdG1n ci0wLjJfMSAgICAgU0dNTC9YTUwgY2F0YWxvZyBtYW5hZ2VyCnhzY3JlZW5z YXZlci1nbm9tZS00LjEzIFNhdmUgeW91ciBzY3JlZW4gd2hpbGUgeW91IGVu dGVydGFpbiB5b3VyIGNhdCAoZm9yIEdOT01FIHVzCnllbHAtMi40LjAgICAg ICAgICAgQSBoZWxwIGJyb3dzZXIgZm9yIHRoZSBHTk9NRSAyIGRlc2t0b3AK emVuaXR5LTEuNiAgICAgICAgICBEaXNwbGF5IEdOT01FIGRpYWxvZ3MgZnJv bSB0aGUgY29tbWFuZCBsaW5lCnpoLXR0Zm0tMC45LjNfMyAgICAgQSBCaWc1 L0dCIGVuaGFuY2VkIFRydWVUeXBlIEZvbnQgTWFuYWdlcgp6aXAtMi4zXzEg ICAgICAgICAgIENyZWF0ZS91cGRhdGUgWklQIGZpbGVzIGNvbXBhdGlibGUg d2l0aCBwa3ppcAp6b28tMi4xMC4xICAgICAgICAgIE1hbmlwdWxhdGUgYXJj aGl2ZXMgb2YgZmlsZXMgaW4gY29tcHJlc3NlZCBmb3JtCg== ------------=_1068707123-10904-0 Content-Type: application/octet-stream; name="uname-a.20031113" Content-Disposition: attachment; filename="uname-a.20031113" Content-Transfer-Encoding: base64 RnJlZUJTRCBmcmVlMzgwei50ZWxrb20ubmV0LmlkIDQuOS1SRUxFQVNFIEZy ZWVCU0QgNC45LVJFTEVBU0UgIzA6IFRodSBOb3YgMTMgMTE6MTI6MDAgU0dU IDIwMDMgICAgIHJvb3RAOi91c3Ivb2JqL3Vzci9zcmMvc3lzL0ZSRUUzODBa ICBpMzg2Cg== ------------=_1068707123-10904-0-- From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 01:34:37 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E0DD416A4CE for ; Thu, 13 Nov 2003 01:34:36 -0800 (PST) Received: from smtp-slave1.fsdata.se (smtp-gw.fsdata.se [195.35.82.150]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64C9843FDD for ; Thu, 13 Nov 2003 01:34:35 -0800 (PST) (envelope-from nisse@imtech.se) Received: from www16.aname.net (www16.aname.net [62.119.28.116]) by smtp-slave1.fsdata.se (8.12.10/8.12.0) with ESMTP id hAD9YS84001125 for ; Thu, 13 Nov 2003 10:34:29 +0100 Received: from nisse ([62.95.38.98]) by www16.aname.net (8.12.10/8.12.10) with ESMTP id hAD9YTAZ027082 for ; Thu, 13 Nov 2003 10:34:29 +0100 From: "Nils von Greyerz" To: Date: Thu, 13 Nov 2003 10:34:31 +0100 Message-ID: <001601c3a9c9$5732e620$640aa8c0@nisse> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 09:34:37 -0000 Wonder if you guys could help me out...have a security problem with sshd wich enables a user to do a password login tough the sshd_config states PasswordAuthentication no My config works fine in both gentoo and openbsd 3.3 but users are able to login with tunneled clear text passwords in both 4.9 and 5.1 Im lost.tried everything I can think of. Here is the config: ------------------------------------------------------------------- # $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ # $FreeBSD: src/crypto/openssh/sshd_config,v 1.32 2003/04/23 17:10:53 des Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. # Note that some of FreeBSD's defaults differ from OpenBSD's, and # FreeBSD has a few additional options. #VersionAddendum FreeBSD-20030423 Port 22 Protocol 2 #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 3600 #ServerKeyBits 768 # Logging #obsoletes QuietMode and FascistLogging SyslogFacility AUTH LogLevel INFO # Authentication: #LoginGraceTime 120 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys # rhosts authentication should not be used #RhostsAuthentication no # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no # Change to no to disable PAM authentication #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #AFSTokenPassing no # Kerberos TGT Passing only works with the AFS kaserver #KerberosTgtPassing no #X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #KeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression yes #MaxStartups 10 # no default banner path #Banner /some/path #VerifyReverseMapping no # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server ------------------------------------------------------------------- Everything else is default.I'm not starting SSHD with any additional parameters than the defaults in /etc/defaults/rc.conf and just added sshd_enable="YES" in /etc/rc.conf I have of course restarted sshd after changes in the config. Nothing is patched or updated in any ways, its from the stock install from the ISOs. Any ideas? Regards /Nils Nils von Greyerz Senior Network Consultant, Juniper Certified Internet Associate: JNCIA-M #0090 From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 01:42:44 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 69E0816A4CE for ; Thu, 13 Nov 2003 01:42:44 -0800 (PST) Received: from relay.netbox.cz (relay.netbox.cz [212.96.166.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id D597D43FCB for ; Thu, 13 Nov 2003 01:42:42 -0800 (PST) (envelope-from unix_list@post.cz) Received: from localhost (localhost [127.0.0.1]) by localhost.netbox.cz (Postfix) with ESMTP id 1636837BA4 for ; Thu, 13 Nov 2003 10:42:41 +0100 (CET) Received: from relay.netbox.cz ([127.0.0.1]) by localhost (relay [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 12054-01-30 for ; Thu, 13 Nov 2003 10:42:40 +0100 (CET) Received: from daemon (r71s11p19.home.nbox.cz [213.211.37.145]) by relay.netbox.cz (Postfix) with SMTP id F069137BA3 for ; Thu, 13 Nov 2003 10:42:39 +0100 (CET) Date: Thu, 13 Nov 2003 10:42:39 +0100 From: unix_list To: freebsd-security@freebsd.org Message-Id: <20031113104239.453f9019.unix_list@post.cz> In-Reply-To: <001601c3a9c9$5732e620$640aa8c0@nisse> References: <001601c3a9c9$5732e620$640aa8c0@nisse> X-Mailer: Sylpheed version 0.9.6 (GTK+ 1.2.10; i386-portbld-freebsd5.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new-20030616-p5 (Debian) at netbox.cz Subject: Re: SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 09:42:44 -0000 Hello, try disable PAM auth. ChallengeResponseAuthentication no -=Snoopy=- On Thu, 13 Nov 2003 10:34:31 +0100 "Nils von Greyerz" wrote: > Wonder if you guys could help me out...have a security problem with sshd > wich enables a user to do a password login tough the sshd_config states > PasswordAuthentication no > My config works fine in both gentoo and openbsd 3.3 but users are able to > login with tunneled clear text passwords in both 4.9 and 5.1 > Im lost.tried everything I can think of. > Here is the config: > > ------------------------------------------------------------------- > # $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $ > # $FreeBSD: src/crypto/openssh/sshd_config,v 1.32 2003/04/23 17:10:53 > des > Exp $ > # This is the sshd server system-wide configuration file. See > # sshd_config(5) for more information. > # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin > # The strategy used for options in the default sshd_config shipped with > # OpenSSH is to specify options with their default value where > # possible, but leave them commented. Uncommented options change a > # default value. > # Note that some of FreeBSD's defaults differ from OpenBSD's, and > # FreeBSD has a few additional options. > > #VersionAddendum FreeBSD-20030423 > > Port 22 > Protocol 2 > #ListenAddress 0.0.0.0 > #ListenAddress :: > > # HostKey for protocol version 1 > #HostKey /etc/ssh/ssh_host_key > # HostKeys for protocol version 2 > #HostKey /etc/ssh/ssh_host_dsa_key > > # Lifetime and size of ephemeral version 1 server key > #KeyRegenerationInterval 3600 > #ServerKeyBits 768 > > # Logging > #obsoletes QuietMode and FascistLogging > SyslogFacility AUTH > LogLevel INFO > > # Authentication: > > #LoginGraceTime 120 > PermitRootLogin no > StrictModes yes > > RSAAuthentication yes > PubkeyAuthentication yes > AuthorizedKeysFile .ssh/authorized_keys > > # rhosts authentication should not be used > #RhostsAuthentication no > # Don't read the user's ~/.rhosts and ~/.shosts files > IgnoreRhosts yes > # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts > #RhostsRSAAuthentication no > # similar for protocol version 2 > #HostbasedAuthentication no > # Change to yes if you don't trust ~/.ssh/known_hosts for > # RhostsRSAAuthentication and HostbasedAuthentication > #IgnoreUserKnownHosts no > > # To disable tunneled clear text passwords, change to no here! > PasswordAuthentication no > PermitEmptyPasswords no > > # Change to no to disable PAM authentication > #ChallengeResponseAuthentication yes > > # Kerberos options > #KerberosAuthentication no > #KerberosOrLocalPasswd yes > #KerberosTicketCleanup yes > > #AFSTokenPassing no > > # Kerberos TGT Passing only works with the AFS kaserver > #KerberosTgtPassing no > > #X11Forwarding yes > #X11DisplayOffset 10 > #X11UseLocalhost yes > #PrintMotd yes > #PrintLastLog yes > #KeepAlive yes > #UseLogin no > #UsePrivilegeSeparation yes > #PermitUserEnvironment no > #Compression yes > > #MaxStartups 10 > # no default banner path > #Banner /some/path > #VerifyReverseMapping no > > # override default of no subsystems > Subsystem sftp /usr/libexec/sftp-server > ------------------------------------------------------------------- > > Everything else is default.I'm not starting SSHD with any additional > parameters than the defaults in /etc/defaults/rc.conf and just added > sshd_enable="YES" in /etc/rc.conf > I have of course restarted sshd after changes in the config. > Nothing is patched or updated in any ways, its from the stock install from > the ISOs. > Any ideas? > Regards /Nils > > Nils von Greyerz > Senior Network Consultant, > Juniper Certified Internet Associate: JNCIA-M #0090 > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 02:26:22 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A10DC16A4CE for ; Thu, 13 Nov 2003 02:26:22 -0800 (PST) Received: from munk.nu (mail.munk.nu [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD3AA43FAF for ; Thu, 13 Nov 2003 02:26:21 -0800 (PST) (envelope-from munk@munk.nu) Received: from munk by munk.nu with local (Exim 4.24; FreeBSD 4.8) id 1AKEg7-000FUB-UH for security@freebsd.org; Thu, 13 Nov 2003 10:26:19 +0000 Date: Thu, 13 Nov 2003 10:26:19 +0000 From: Jez Hancock To: FreeBSD Security List Message-ID: <20031113102619.GB58969@users.munk.nu> Mail-Followup-To: FreeBSD Security List Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i Sender: User Munk Subject: Apache leaks sensitive info in PHP phpinfo() calls X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 10:26:22 -0000 Hi, I wanted to get some opinions on this subject before I submit a PR about it. I don't know if there are any pitfalls with the 'fix' I suggested and though it best to run it past people here before submitting. If there's a better place to post this please let me know (freebsd-ports?). The send-pr output I was about to send explains everything so I'll just paste it here: -snip- To: FreeBSD-gnats-submit@freebsd.org From: Jez Hancock Reply-To: Jez Hancock >Submitter-Id: current-users >Originator: Jez Hancock >Organization: n/a >Confidential: no >Synopsis: Apache httpd leaks environment information in PHP phpinfo() calls >Severity: non-critical >Priority: low >Category: ports >Class: change-request >Release: FreeBSD 4.8-STABLE i386 >Environment: System: FreeBSD users.munk.nu 4.8-STABLE FreeBSD 4.8-STABLE #1: Fri Apr 18 14:38:46 BST 2003 root@users.munk.nu:/usr/obj/usr/src/sys/MUNKBOXEN i386 >Description: The apache13 port control script /usr/local/sbin/apachectl is used to control the apache httpd daemon. However the apachectl script does not start with a clean environment, inheriting the environment of the user that invokes the script. As a consequence the environment variables set by the shell of the user that invokes apachectl (usually a UID 0 user) are visible to users when executing a command such as phpinfo() in the PHP $_ENV superglobal array. >How-To-Repeat: Invoke the apachectl control script as a user who has shell environment variables set. Browse to a web page served by the httpd that contains a PHP phpinfo() call and observe the environment of the user in the $_ENV superglobal array. >Fix: Add a single line to the apachectl control script to ensure apache runs with a clean environment: *** /usr/local/sbin/apachectl Thu Nov 13 06:59:05 2003 --- /usr/local/sbin/apachectl.bak Thu Nov 13 06:58:54 2003 *************** *** 26,32 **** # # the path to your httpd binary, including options if necessary HTTPD=/usr/local/sbin/httpd - HTTPD=`echo /usr/bin/env -i $HTTPD` # # a command that outputs a formatted text version of the HTML at the # url given on the command line. Designed for lynx, however other --- 26,31 ---- -snip- This appears to work as required, removing any details about the apachectl-invoking user's environment from the $_ENV array. Are there any pitfalls of using env in this way though? -- Jez Hancock - System Administrator / PHP Developer http://munk.nu/ From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 02:37:58 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6BB8F16A4CE for ; Thu, 13 Nov 2003 02:37:58 -0800 (PST) Received: from gandalf.online.bg (gandalf.online.bg [217.75.128.9]) by mx1.FreeBSD.org (Postfix) with SMTP id 9BB7243FDF for ; Thu, 13 Nov 2003 02:37:56 -0800 (PST) (envelope-from roam@ringlet.net) Received: (qmail 11438 invoked from network); 13 Nov 2003 10:36:37 -0000 Received: from office.sbnd.net (HELO straylight.ringlet.net) (217.75.140.130) by gandalf.online.bg with SMTP; 13 Nov 2003 10:36:36 -0000 Received: (qmail 76021 invoked by uid 1000); 13 Nov 2003 10:37:51 -0000 Date: Thu, 13 Nov 2003 12:37:51 +0200 From: Peter Pentchev To: FreeBSD Security List Message-ID: <20031113103751.GM453@straylight.oblivion.bg> Mail-Followup-To: FreeBSD Security List References: <20031113102619.GB58969@users.munk.nu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="DrWhICOqskFTAXiy" Content-Disposition: inline In-Reply-To: <20031113102619.GB58969@users.munk.nu> User-Agent: Mutt/1.5.5.1i Subject: Re: Apache leaks sensitive info in PHP phpinfo() calls X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 10:37:58 -0000 --DrWhICOqskFTAXiy Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Nov 13, 2003 at 10:26:19AM +0000, Jez Hancock wrote: > Hi, >=20 > I wanted to get some opinions on this subject before I submit a PR about > it. I don't know if there are any pitfalls with the 'fix' I suggested > and though it best to run it past people here before submitting. If > there's a better place to post this please let me know (freebsd-ports?). >=20 > The send-pr output I was about to send explains everything so I'll just > paste it here: [snip] > The apache13 port control script /usr/local/sbin/apachectl is used to > control the apache httpd daemon. However the apachectl script does not > start with a clean environment, inheriting the environment of the user > that invokes the script. As a consequence the environment variables set > by the shell of the user that invokes apachectl (usually a UID 0 user) > are visible to users when executing a command such as phpinfo() in the > PHP $_ENV superglobal array. [snip] > HTTPD=3D/usr/local/sbin/httpd > - HTTPD=3D`echo /usr/bin/env -i $HTTPD` This would be a nice solution; by the way, the problem is not limited to PHP - it extends to any and all server-side scripting components/languages, including plain vanilla CGI executables, mod_perl, and many more. I wonder if this should not be brought up with the Apache developers though - it is not really FreeBSD-specific, and a fix to the FreeBSD port would not address the same problem in any of the other environments that Apache supports :) G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 =2Esiht ekil ti gnidaer eb d'uoy ,werbeH ni erew ecnetnes siht fI --DrWhICOqskFTAXiy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/s17/7Ri2jRYZRVMRAjjOAJ9zd8N5AumdeOqOeRFk+6aITDSflACeK0o9 6mBV95jMVu+q2Xenz6ySi4w= =+JYh -----END PGP SIGNATURE----- --DrWhICOqskFTAXiy-- From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 02:56:08 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B6D1F16A4CE for ; Thu, 13 Nov 2003 02:56:08 -0800 (PST) Received: from munk.nu (mail.munk.nu [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id B572743FE0 for ; Thu, 13 Nov 2003 02:56:07 -0800 (PST) (envelope-from munk@munk.nu) Received: from munk by munk.nu with local (Exim 4.24; FreeBSD 4.8) id 1AKF8w-000G53-JT for security@freebsd.org; Thu, 13 Nov 2003 10:56:06 +0000 Date: Thu, 13 Nov 2003 10:56:06 +0000 From: Jez Hancock To: FreeBSD Security List Message-ID: <20031113105606.GA61022@users.munk.nu> Mail-Followup-To: FreeBSD Security List References: <20031113102619.GB58969@users.munk.nu> <20031113103751.GM453@straylight.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031113103751.GM453@straylight.oblivion.bg> User-Agent: Mutt/1.4.1i Sender: User Munk Subject: Re: Apache leaks sensitive info in PHP phpinfo() calls X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 10:56:08 -0000 On Thu, Nov 13, 2003 at 12:37:51PM +0200, Peter Pentchev wrote: > On Thu, Nov 13, 2003 at 10:26:19AM +0000, Jez Hancock wrote: > [snip] > > The apache13 port control script /usr/local/sbin/apachectl is used to > > control the apache httpd daemon. However the apachectl script does not > > start with a clean environment, inheriting the environment of the user > > that invokes the script. As a consequence the environment variables set > > by the shell of the user that invokes apachectl (usually a UID 0 user) > > are visible to users when executing a command such as phpinfo() in the > > PHP $_ENV superglobal array. > [snip] > > HTTPD=/usr/local/sbin/httpd > > - HTTPD=`echo /usr/bin/env -i $HTTPD` > > This would be a nice solution; by the way, the problem is not limited to > PHP - it extends to any and all server-side scripting > components/languages, including plain vanilla CGI executables, mod_perl, > and many more. Yes this is partly why I thought I should ask on some lists first before submitting a PR - for example with mod_perl - I wasn't sure if there was anything that might become broken by completely sanitizing the environment like I have (I don't use mod_perl on my server). > I wonder if this should not be brought up with the Apache developers > though - it is not really FreeBSD-specific, and a fix to the FreeBSD > port would not address the same problem in any of the other environments > that Apache supports :) Again yes! I wasn't sure why some kind of environment cleansing wasn't already done by the apachectl script and was wondering if perhaps I'd missed something - after searching for info on the subject I didn't find a lot of results so thought it was perhaps just me and the way I do things that was the problem :) I'll perhaps shoot off a mail to an apache list as well then. Thanks for the input Peter :) -- Jez Hancock - System Administrator / PHP Developer http://munk.nu/ From owner-freebsd-security@FreeBSD.ORG Wed Nov 5 09:41:57 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4114D16A4CE for ; Wed, 5 Nov 2003 09:41:57 -0800 (PST) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 877B543FEA for ; Wed, 5 Nov 2003 09:41:55 -0800 (PST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost.nic.fr [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.9/8.12.9) with ESMTP id hA5HfrDa074768 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK CN=khavrinen.lcs.mit.edu issuer=SSL+20Client+20CA); Wed, 5 Nov 2003 12:41:54 -0500 (EST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.9/8.12.9/Submit) id hA5HfrBJ074765; Wed, 5 Nov 2003 12:41:53 -0500 (EST) (envelope-from wollman) Date: Wed, 5 Nov 2003 12:41:53 -0500 (EST) From: Garrett Wollman Message-Id: <200311051741.hA5HfrBJ074765@khavrinen.lcs.mit.edu> To: Kim Needham In-Reply-To: <5.2.0.9.0.20031105114806.00b34b98@mail.chariot.net.au> References: <20031104180932.GA70958@rot13.obsecurity.org> <001901c3a2de$7ab72c10$6855cd80@dhcp.hwi.buffalo.edu> <4529.141.149.242.190.1067993236.squirrel@mail.hwi.buffalo. edu> <5.2.0.9.0.20031105114806.00b34b98@mail.chariot.net.au> X-Spam-Score: -6.6 () IN_REP_TO,QUOTED_EMAIL_TEXT X-Scanned-By: MIMEDefang 2.37 X-Mailman-Approved-At: Thu, 13 Nov 2003 03:12:52 -0800 cc: freebsd-security@freebsd.org Subject: Re: Veractiy and FreeBSD X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Nov 2003 17:41:57 -0000 < said: > This is caused by a check that determines if the /proc filesystem is on > the same device as the file being read to prevent reading in files of > infinite length. The correct way to perform this check is to call fstatfs() on the file descriptor and examine f_fstypename[] to see what it is. You probably shouldn't look explicitly at the type name; use getvfsbyname() on the type name; if (vfc_flags & VFCF_SYNTHETIC) then the contents of the file system are generated by the kernel. -GAWollman From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 04:31:05 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 322B216A4CE for ; Thu, 13 Nov 2003 04:31:05 -0800 (PST) Received: from a2.scoop.co.nz (aurora.scoop.co.nz [203.96.152.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3671443FE0 for ; Thu, 13 Nov 2003 04:31:01 -0800 (PST) (envelope-from andrew@scoop.co.nz) Received: from localhost (localhost [127.0.0.1]) by a2.scoop.co.nz (8.12.10/8.12.10) with ESMTP id hADCUxto012974; Fri, 14 Nov 2003 01:30:59 +1300 (NZDT) (envelope-from andrew@scoop.co.nz) Date: Fri, 14 Nov 2003 01:30:59 +1300 (NZDT) From: Andrew McNaughton To: Jez Hancock In-Reply-To: <20031113105606.GA61022@users.munk.nu> Message-ID: <20031114011226.O10854@a2.scoop.co.nz> References: <20031113102619.GB58969@users.munk.nu> <20031113103751.GM453@straylight.oblivion.bg> <20031113105606.GA61022@users.munk.nu> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: FreeBSD Security List Subject: Re: Apache leaks sensitive info in PHP phpinfo() calls X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 12:31:05 -0000 On Thu, 13 Nov 2003, Jez Hancock wrote: > Date: Thu, 13 Nov 2003 10:56:06 +0000 > From: Jez Hancock > To: FreeBSD Security List > Subject: Re: Apache leaks sensitive info in PHP phpinfo() calls > > On Thu, Nov 13, 2003 at 12:37:51PM +0200, Peter Pentchev wrote: > > On Thu, Nov 13, 2003 at 10:26:19AM +0000, Jez Hancock wrote: > > [snip] > > > The apache13 port control script /usr/local/sbin/apachectl is used to > > > control the apache httpd daemon. However the apachectl script does not > > > start with a clean environment, inheriting the environment of the user > > > that invokes the script. As a consequence the environment variables set > > > by the shell of the user that invokes apachectl (usually a UID 0 user) > > > are visible to users when executing a command such as phpinfo() in the > > > PHP $_ENV superglobal array. > > [snip] > > > HTTPD=/usr/local/sbin/httpd > > > - HTTPD=`echo /usr/bin/env -i $HTTPD` > > > > This would be a nice solution; by the way, the problem is not limited to > > PHP - it extends to any and all server-side scripting > > components/languages, including plain vanilla CGI executables, mod_perl, > > and many more. > Yes this is partly why I thought I should ask on some lists first before > submitting a PR - for example with mod_perl - I wasn't sure if there was > anything that might become broken by completely sanitizing the > environment like I have (I don't use mod_perl on my server). There are a number of very useful things you can do by passing environment variables to apache. eg setting PERL5_LIBS. These things can often be done as well from within apache's httpd.conf, but there will be a lot of installations out there that will break in various ways when you block environment variables. Not necessarily enough reason not to make the change, but something to be aware of and to alert people to. And perhaps enough to give people time to adapt to. I suspect it would be better to have the apache executable clean the environment or not depending on a configuration directive. This should probably default to the current behaviour for a while with notification that this will change in future. Andrew -- No added Sugar. Not tested on animals. May contain traces of Nuts. If irritation occurs, discontinue use. ------------------------------------------------------------------- Andrew McNaughton Currently in Boomer Bay, Tasmania andrew@scoop.co.nz Mobile: +61 422 753 792 http://staff.scoop.co.nz/andrew/cv.doc From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 04:40:09 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A80FA16A4CE for ; Thu, 13 Nov 2003 04:40:09 -0800 (PST) Received: from pcwin002.win.tue.nl (pcwin002.win.tue.nl [131.155.71.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1C83B43F3F for ; Thu, 13 Nov 2003 04:40:08 -0800 (PST) (envelope-from stijn@pcwin002.win.tue.nl) Received: from pcwin002.win.tue.nl (orb_rules@localhost [127.0.0.1]) by pcwin002.win.tue.nl (8.12.10/8.12.10) with ESMTP id hADCejqv045492 for ; Thu, 13 Nov 2003 13:40:45 +0100 (CET) (envelope-from stijn@pcwin002.win.tue.nl) Received: (from stijn@localhost) by pcwin002.win.tue.nl (8.12.10/8.12.10/Submit) id hADCejDW045490 for security@freebsd.org; Thu, 13 Nov 2003 13:40:45 +0100 (CET) (envelope-from stijn) Date: Thu, 13 Nov 2003 13:40:45 +0100 From: Stijn Hoop To: FreeBSD Security List Message-ID: <20031113124045.GG8993@pcwin002.win.tue.nl> References: <20031113102619.GB58969@users.munk.nu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="E/DnYTRukya0zdZ1" Content-Disposition: inline In-Reply-To: <20031113102619.GB58969@users.munk.nu> User-Agent: Mutt/1.4.1i X-Bright-Idea: Let's abolish HTML mail! Subject: Re: Apache leaks sensitive info in PHP phpinfo() calls X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 12:40:09 -0000 --E/DnYTRukya0zdZ1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Nov 13, 2003 at 10:26:19AM +0000, Jez Hancock wrote: > I wanted to get some opinions on this subject before I submit a PR about > it. I don't know if there are any pitfalls with the 'fix' I suggested > and though it best to run it past people here before submitting. If > there's a better place to post this please let me know (freebsd-ports?). FWIW, I have been doing a variation on this for a long time, no ill effects. I also think it is unwise to propagate every environment variable, but the solution should be implemented by the Apache people I think. Just a quick 'me too', --Stijn --=20 This sentence contradicts itself -- no actually it doesn't. -- Hofstadter --E/DnYTRukya0zdZ1 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/s3vNY3r/tLQmfWcRApi+AJ9EWGzzZ9L/qWqO4d9zhfSpcogUQgCdGHZr GUxiJgrLRYc8vTKEQp1E75s= =kbI6 -----END PGP SIGNATURE----- --E/DnYTRukya0zdZ1-- From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 10:11:12 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8DCE016A4CE for ; Thu, 13 Nov 2003 10:11:12 -0800 (PST) Received: from cliff.cs.athabascau.ca (cliff.cs.athabascau.ca [131.232.10.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id C1EF843FEC for ; Thu, 13 Nov 2003 10:11:11 -0800 (PST) (envelope-from dmitry@athabascau.ca) Received: from CONVERSION-DAEMON.local.athabascau.ca by local.athabascau.ca (PMDF V6.1-1 #30658) id <0HOA00B01YINVJ@local.athabascau.ca> for freebsd-security@freebsd.org; Thu, 13 Nov 2003 11:11:11 -0700 (MST) Received: from cs36.pc.athabascau.ca ([131.232.4.81]) by local.athabascau.ca (PMDF V6.1-1 #30658) with ESMTPS id <0HOA00IMXYIL2X@local.athabascau.ca> for freebsd-security@freebsd.org; Thu, 13 Nov 2003 11:11:11 -0700 (MST) Date: Thu, 13 Nov 2003 11:12:10 -0700 From: "Dmitry S. Makovey" To: freebsd-security@freebsd.org Message-id: <200311131112.18246.dmitry@athabascau.ca> Organization: Athabasca Open University MIME-version: 1.0 Content-type: Text/Plain; charset=koi8-r Content-transfer-encoding: QUOTED-PRINTABLE Content-disposition: inline Content-description: clearsigned data User-Agent: KMail/1.5.4 Subject: What could be on udp:48152 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 18:11:12 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, I'm running stock FreeBSD with services running: samba (connectio= ns=20 allowed only from local network), lpd (same), bind (all interfaces), = apache=20 (all), zope (local) This machine is home gateway/http/printserver. Recently some strange things happened as my printer all of sudden sta= rted to=20 print stuff when nobody prints... luckily (or unluckily) it ran out o= f ink so=20 I can't tell what's printed. Checked programs running, ports opened a= nd found=20 one unidentified: udp4 0 0 *.49152 *.* dimon@gateway ~ > sockstat | grep 49152 bind named 270 4 udp4 *:49152 *:* Now', is there any reason for bind to use this port? Googling for that subject didn't bring any results other than usualy = this port=20 is first available for dynamic ports. Which doesn't make sence to me. System: FreeBSD 5.1 - --=20 Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/s8mAyDrVuGfS98QRAlo6AJ9Miz8bbYjkldiTvSGOd+LfwY/3CACcCQAj eNMb97scSLfQDvoHE6nx+L8=3D =3Dp4RL -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 10:20:46 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A157B16A4CE for ; Thu, 13 Nov 2003 10:20:46 -0800 (PST) Received: from worf.kerna.com (worf.kerna.com [194.106.143.118]) by mx1.FreeBSD.org (Postfix) with SMTP id 4FC2743FB1 for ; Thu, 13 Nov 2003 10:20:42 -0800 (PST) (envelope-from james@kerna.ie) Received: (qmail 55639 invoked by uid 1001); 13 Nov 2003 18:20:48 -0000 Date: Thu, 13 Nov 2003 18:20:48 +0000 From: James Raftery To: freebsd-security@freebsd.org Message-ID: <20031113182048.GV45398@bender.kerna.ie> Mail-Followup-To: freebsd-security@freebsd.org References: <200311131112.18246.dmitry@athabascau.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200311131112.18246.dmitry@athabascau.ca> Subject: Re: What could be on udp:48152 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 18:20:46 -0000 On Thu, Nov 13, 2003 at 11:12:10AM -0700, Dmitry S. Makovey wrote: > dimon@gateway ~ > sockstat | grep 49152 > bind named 270 4 udp4 *:49152 *:* > > Now', is there any reason for bind to use this port? Googling for > that subject didn't bring any results other than usualy this port is > first available for dynamic ports. Which doesn't make sence to me. It's the port it uses for sysqueries. You can tell named to use a specific port using the query-source option. ATB, james From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 10:23:10 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5C16A16A4CE for ; Thu, 13 Nov 2003 10:23:10 -0800 (PST) Received: from relay.pair.com (relay.pair.com [209.68.1.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 5AB7543FA3 for ; Thu, 13 Nov 2003 10:23:09 -0800 (PST) (envelope-from silby@silby.com) Received: (qmail 79111 invoked from network); 13 Nov 2003 18:23:08 -0000 Received: from niwun.pair.com (HELO localhost) (209.68.2.70) by relay.pair.com with SMTP; 13 Nov 2003 18:23:08 -0000 X-pair-Authenticated: 209.68.2.70 Date: Thu, 13 Nov 2003 12:23:07 -0600 (CST) From: Mike Silbersack To: "Dmitry S. Makovey" In-Reply-To: <200311131112.18246.dmitry@athabascau.ca> Message-ID: <20031113122147.L558@odysseus.silby.com> References: <200311131112.18246.dmitry@athabascau.ca> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-security@freebsd.org Subject: Re: What could be on udp:48152 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 18:23:10 -0000 On Thu, 13 Nov 2003, Dmitry S. Makovey wrote: > dimon@gateway ~ > sockstat | grep 49152 > bind named 270 4 udp4 *:49152 *:* > > Now', is there any reason for bind to use this port? > Googling for that subject didn't bring any results other than usualy this port > is first available for dynamic ports. Which doesn't make sence to me. > > System: > FreeBSD 5.1 > > - -- > Dmitry Makovey Bind uses a dynamically bound port for outbound DNS queries. 5.1 uses a different range of ports (49152-65535) for dynamic ports than 4.x did (1024-5000). If you search for bind and port 1024, you'll find hundreds of people asking the same question. :) Mike "Silby" Silbersack From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 10:25:28 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7616C16A4CE for ; Thu, 13 Nov 2003 10:25:28 -0800 (PST) Received: from eterna.binary.net (eterna.binary.net [216.229.0.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8EA7F43FBF for ; Thu, 13 Nov 2003 10:25:27 -0800 (PST) (envelope-from blaine@binary.net) Received: from matrix.binary.net (matrix.binary.net [216.229.0.2]) by eterna.binary.net (Postfix) with ESMTP id 007CCB45C2; Thu, 13 Nov 2003 12:25:18 -0600 (CST) Received: by matrix.binary.net (Postfix, from userid 1021) id BA41E102A25; Thu, 13 Nov 2003 12:25:17 -0600 (CST) Date: Thu, 13 Nov 2003 12:25:17 -0600 From: Blaine Kahle To: 88 beastie Message-ID: <20031113182517.GA60015@binary.net> Mail-Followup-To: 88 beastie , freebsd-security@freebsd.org References: <20031113070256.569.qmail@bsdmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20031113070256.569.qmail@bsdmail.com> User-Agent: Mutt/1.4.1i cc: freebsd-security@freebsd.org Subject: Re: really clean install? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 18:25:28 -0000 On Thu, Nov 13, 2003 at 03:02:55PM +0800, 88 beastie wrote: > Good evening, I was finish the FreeBSD4.9 installation from CD, and > only do some edit with the /etc/rc.firewall, /etc/rc.conf, > /boot/defaults/loader.conf, and recompiling the kernel to support my > ext2 backup harddisk, with sndcard support too. > > This's a old laptop (ibm380z), i have chkrootkit warning after all > finished, i attached my uname -a, dmesg, pkg_info and chkrootkit > result, please guide me whether my machine have problem? or it's a > bug? > chkrootkit-0.41 A tool to locally check for signs of a rootkit Try using chkrootkit-0.42b from http://www.chkrootkit.org/. I suspect what you're seeing is just a bug in 0.41 . 0.42b on a new FreeBSD 4.9 install of mine finds no problems. -- Blaine Kahle blaine@binary.net 0x178AA0E0 From owner-freebsd-security@FreeBSD.ORG Thu Nov 13 11:00:39 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 495ED16A4CF for ; Thu, 13 Nov 2003 11:00:39 -0800 (PST) Received: from cliff.cs.athabascau.ca (cliff.cs.athabascau.ca [131.232.10.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7C64243F85 for ; Thu, 13 Nov 2003 11:00:38 -0800 (PST) (envelope-from dmitry@athabascau.ca) Received: from CONVERSION-DAEMON.local.athabascau.ca by local.athabascau.ca (PMDF V6.1-1 #30658) id <0HOB00N010SEGG@local.athabascau.ca> for freebsd-security@freebsd.org; Thu, 13 Nov 2003 12:00:14 -0700 (MST) Received: from cs36.pc.athabascau.ca ([131.232.4.81]) by local.athabascau.ca (PMDF V6.1-1 #30658) with ESMTPS id <0HOB00N0U0SE2Z@local.athabascau.ca> for freebsd-security@freebsd.org; Thu, 13 Nov 2003 12:00:14 -0700 (MST) Date: Thu, 13 Nov 2003 12:01:23 -0700 From: "Dmitry S. Makovey" In-reply-to: <20031113182048.GV45398@bender.kerna.ie> To: freebsd-security@freebsd.org Message-id: <200311131201.24788.dmitry@athabascau.ca> Organization: Athabasca Open University MIME-version: 1.0 Content-type: Text/Plain; charset=koi8-r Content-transfer-encoding: QUOTED-PRINTABLE Content-disposition: inline Content-description: clearsigned data User-Agent: KMail/1.5.4 References: <200311131112.18246.dmitry@athabascau.ca> <20031113182048.GV45398@bender.kerna.ie> Subject: Re: What could be on udp:48152 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Nov 2003 19:00:39 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On November 13, 2003 11:20 am, James Raftery wrote: > On Thu, Nov 13, 2003 at 11:12:10AM -0700, Dmitry S. Makovey wrote: > > dimon@gateway ~ > sockstat | grep 49152 > > bind named 270 4 udp4 *:49152 *:* > > > > Now', is there any reason for bind to use this port? Googling fo= r > > that subject didn't bring any results other than usualy this port= is > > first available for dynamic ports. Which doesn't make sence to me= . > > It's the port it uses for sysqueries. You can tell named to use a s= pecific > port using the query-source option. Tahnks for replies. Now I can sleep better :) - --=20 Dmitry Makovey Web Systems Administrator Athabasca University (780) 675-6245 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/s9UDyDrVuGfS98QRAlvnAKCMSYIT1DOG13eexGG6CyOOY4mjzACeJRbK 2Huu3cRmEGAjnvM07g5Z60k=3D =3Dnm0Y -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Fri Nov 14 01:36:13 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 08A9B16A4CE for ; Fri, 14 Nov 2003 01:36:13 -0800 (PST) Received: from smtp.des.no (flood.des.no [217.116.83.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id B035C43FBD for ; Fri, 14 Nov 2003 01:36:11 -0800 (PST) (envelope-from des@des.no) Received: by smtp.des.no (Pony Express, from userid 666) id 75B2F530C; Fri, 14 Nov 2003 10:36:10 +0100 (CET) Received: from dwp.des.no (des.no [80.203.228.37]) by smtp.des.no (Pony Express) with ESMTP id E49305308; Fri, 14 Nov 2003 10:36:02 +0100 (CET) Received: by dwp.des.no (Postfix, from userid 2602) id 6DF3F33C65; Fri, 14 Nov 2003 10:36:02 +0100 (CET) To: unix_list References: <001601c3a9c9$5732e620$640aa8c0@nisse> <20031113104239.453f9019.unix_list@post.cz> From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) Date: Fri, 14 Nov 2003 10:36:02 +0100 In-Reply-To: <20031113104239.453f9019.unix_list@post.cz> (unix list's message of "Thu, 13 Nov 2003 10:42:39 +0100") Message-ID: User-Agent: Gnus/5.090024 (Oort Gnus v0.24) Emacs/21.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on flood.des.no X-Spam-Level: ss X-Spam-Status: No, hits=2.5 required=5.0 tests=RCVD_IN_DYNABLOCK autolearn=no version=2.60 cc: freebsd-security@freebsd.org Subject: Re: SSHD password authentication issue in 4.9-RELEASE and 5.1-RELEASE X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Nov 2003 09:36:13 -0000 unix_list writes: > try disable PAM auth. There's no need for that. Just comment out the 'sshd auth required pam_unix.so' line in /etc/pam.conf (4.9) or the 'auth required pam_unix.so' line in /etc/pam.d/sshd (5.1). Beware that if you have uncommented any of the "sufficient" lines you should make sure that there is a "required" or "requisite" line after them (pan_deny.so is good for this) or you might be surprised. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no