I disagree; in a work environment where there's a server room with a bunch of machines with a KVM attached but no physical access, this opens up the machines to attacks from insiders that don't have access.
I mean, shit, when it comes to security it's always better to be safe than sorry.
It probably is a real buffer overflow; the problem though is injecting executable code into the textbox. Manually entering in the "sh" program would be a little tricky, but it still sounds like an overflow.
In a graphical multi-user OS, a screensaver exploit is pretty bad. If the root user leaves the machine screen-locked then anyone can access the system. How is this not bad?
I'm running a huge ReiserFS slab of space over an LVM IDE cluster using cheap drives and Promise cards, and it's perfect - totally stable and the box has lots of traffic with uptime approaching 6 months.
But, it's looking as if the LVM code isn't actually included in the 2.5/2.6 series of kernel (I could be wrong). If you plan on upgrading to this eventually, stay away from LVM. If you don't care just dive in.
Wow, three replies with good points. Again, I've never found a worthwhile reason for me to activate it - luckily I've yet to have a box r00ted (knock on wood).
I had the same problem. Disable access time in your fstab file and the drive will not be so frequent - apparently ReiserFS spools and flushes the atime data, keeping everything spun up. Make a line in fstab like this:
It's not that I don't like improvments in the product line - progressive scan playing for DVD's and backlit LCDs both existed when the GBA and PS2 systems originally came out.
I don't like no easy upgrade path - at least have a trade-in program or something.
Why did Sony charge more here in Japan for the color-cased PS2s? Because they can!
Of course a small hardware revision shouldn't cost the consumer anything, but I'm positive it'll be slightly more expensive at first. Sony, unlike Microsoft, does make a profit off of their systems and usually prices them accordingly.
Regardless of stupidity, they've done it before. Look at the most recent version of Visual Basic.NET - no old projects will compile. AFAIK many language-specific features like dynamic arrays are now gone since they weren't shoehorned into the.NET architecture.
Um, if the authentication is standardized wouldn't it be easier for a spammer to get authorized? I'd prefer a different authentication method for every e-mail account, kinda like a spam Turing test.
First of all, I really enjoy FFX-2. Got it on the first day and I love it, hell of a lot of fun. It's a very Japanese RPG game and you're right, there's a j-POP theme song - oh no! That didn't hurt the sales of Kingdom Hearts. And it's not as short as the rumors, you can beat it in 10 hours if you really try, or take 100 - it's up to you, just like FFX.
Secondly, they shipped 1.8 million copies here on the first day and sold an unbelievable 1.2 million copies. If that's slipping down a mountain, I don't know what the hell you'd call a success.
That's up for debate. If IIS requires iexplore.exe to be loaded for it's own operation, and iexplore.exe has it's claws into kernel space, than doesn't IIS use kernel space?
You can run IIS6 as "nobody", but try running it without Internet Explorer installed.
The kernel webserver is a very optional module, and I don't think a single distribution ships kernels with it enabled. With IIS, you don't have the choice.
If the site is already Slashdotted and subscribes to this technology, I'd imagine quite a few readers of this site would install the plugin to get the content.
Am I the only one who laughed my ass off at those "cutting-edge" graphics? And it requires a sick machine too (with 3D acceleration)! God, I've had video games on the PC and PS2 for years that blow the shit out of this thing.
Thanks for the offer guys, but I'll keep not buying Nike in the real world;-)
Read my post again - I've setup both Outlook and Exchange, many times. The protocol for Exchange is absolutely brutal. I really don't need a retarded monkey (otherwise known as an MCSE) to walk me through it.
On the other hand, I'd love to see an MCSE trying to configure Sendmail.
Slashdot Mirror
I mean, shit, when it comes to security it's always better to be safe than sorry.
It probably is a real buffer overflow; the problem though is injecting executable code into the textbox. Manually entering in the "sh" program would be a little tricky, but it still sounds like an overflow.
In a graphical multi-user OS, a screensaver exploit is pretty bad. If the root user leaves the machine screen-locked then anyone can access the system. How is this not bad?
But, it's looking as if the LVM code isn't actually included in the 2.5/2.6 series of kernel (I could be wrong). If you plan on upgrading to this eventually, stay away from LVM. If you don't care just dive in.
Wow, three replies with good points. Again, I've never found a worthwhile reason for me to activate it - luckily I've yet to have a box r00ted (knock on wood).
In fact, I disable access time tracking on every box I work with. I haven't found a worthwhile reason to ever enable it. And that's my 2 cents!
Midnight Club 2 rules for network play. Lots of cool modes of playing and a kick-ass game to boot, I highly recommend it.
SOCOM is supposed to be good too, but I have yet to try it.
Uh, any source package that uses the GNU autoconf/automake system (read: probably 99% of them) have a built-in make uninstall target.
So far this is the best way I've found to speed up KDE.
Try out SpamGourmet. They do all this for you without the hassle.
I don't like no easy upgrade path - at least have a trade-in program or something.
Of course a small hardware revision shouldn't cost the consumer anything, but I'm positive it'll be slightly more expensive at first. Sony, unlike Microsoft, does make a profit off of their systems and usually prices them accordingly.
Sony's upgrade path is the same as Nintendo's upgrade path for the Game Boy SP: a big fuck you.
1. Yes, at first.
2. No.
3. No.
4. No.
5. No.
These are guesses, but I'm betting these answers are correct.
Regardless of stupidity, they've done it before. Look at the most recent version of Visual Basic .NET - no old projects will compile. AFAIK many language-specific features like dynamic arrays are now gone since they weren't shoehorned into the .NET architecture.
Um, if the authentication is standardized wouldn't it be easier for a spammer to get authorized? I'd prefer a different authentication method for every e-mail account, kinda like a spam Turing test.
Secondly, they shipped 1.8 million copies here on the first day and sold an unbelievable 1.2 million copies. If that's slipping down a mountain, I don't know what the hell you'd call a success.
You can run IIS6 as "nobody", but try running it without Internet Explorer installed.
Whoah, modern-day equivalent of sugar in the gas tank.
The kernel webserver is a very optional module, and I don't think a single distribution ships kernels with it enabled. With IIS, you don't have the choice.
Dude, that rules.
If the site is already Slashdotted and subscribes to this technology, I'd imagine quite a few readers of this site would install the plugin to get the content.
Should have previewed my post, you're right - way too many spritual words.
Thanks for the offer guys, but I'll keep not buying Nike in the real world ;-)
On the other hand, I'd love to see an MCSE trying to configure Sendmail.