[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] Re: cobalt-users digest, Vol 1 #1386 - 25 msgs
- Subject: [cobalt-users] Re: cobalt-users digest, Vol 1 #1386 - 25 msgs
- From: Brendon Llewellyn <brendon@xxxxxxxxxx>
- Date: Fri Sep 22 16:51:46 2000
- Organization: eis.net
cobalt-users-admin@xxxxxxxxxxxxxxx wrote:
>
> Send cobalt-users mailing list submissions to
> cobalt-users@xxxxxxxxxxxxxxx
>
> To subscribe or unsubscribe via the web, visit
> http://list.cobalt.com/mailman/listinfo/cobalt-users
> or, via email, send a message with subject or body 'help' to
> cobalt-users-request@xxxxxxxxxxxxxxx
> You can reach the person managing the list at
> cobalt-users-admin@xxxxxxxxxxxxxxx
>
> When replying, please edit your Subject line so it is more specific than
> "Re: Contents of cobalt-users digest..."
>
> Today's Topics:
>
> 1. Re: using Webmin-0.81 or phpmysql (Steven Werby)
> 2. Re: Raq2 - SSL and PHP4.02 (Owen Lees)
> 3. Re: using Webmin-0.81 or phpmysql (Steven Werby)
> 4. RE: Help! : Raq2 Broken Control Panel (Dan Kriwitsky)
> 5. Re: 6650 Upgrade (Nick Voth)
> 6. Re: using Webmin-0.81 or phpmysql (Brad Rathbun)
> 7. Re: Sun Micro to buy Cobalt in $2 billion stock deal (Rik Thomas)
> 8. Re: Name Based accounts (Arsalan Mahmud)
> 9. "old" perl (Florian Effenberger)
> 10. .htaccess question (Florian Effenberger)
> 11. suggestion to Cobalt: vacation program (Florian Effenberger)
> 12. Re: Re[3]: [cobalt-users] wish to Cobalt: suppressing
> "sensitive"information (Kris Dahl)
> 13. Re: "old" perl (Fabrice Prémel)
> 14. Re: wish to Cobalt: suppressing "sensitive"
> information (Kris Dahl)
> 15. Re[2]: [cobalt-users] "old" perl (Florian Effenberger)
> 16. Re[2]: [cobalt-users] wish to Cobalt: suppressing "sensitive" information (Florian Effenberger)
> 17. Re: .htaccess question (Brian Curtis)
> 18. Re: .htaccess question (Kris Dahl)
> 19. Re[2]: [cobalt-users] .htaccess question (Florian Effenberger)
> 20. RE: suggestion to Cobalt: vacation program (Dan Kriwitsky)
> 21. RE: Help! : Raq2 Broken Control Panel (Dan Kriwitsky)
> 22. Would someone unsubscribe cedryc? (Dan Kriwitsky)
> 23. Re[2]: [cobalt-users] "old" perl (Geoff Baysinger)
>
> --__--__--
>
> Message: 1
> From: "Steven Werby" <steven-lists@xxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re: [cobalt-users] using Webmin-0.81 or phpmysql
> Date: Thu, 21 Sep 2000 10:52:51 -0400
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> "John Cordeiro" <jcordeiro@xxxxxxxx> wrote:
> > Has anyone installed webmin-0.81 on a RAQ3. I am trying to figure out if I
> > should use phpmysql or webmin for mysql interactions.
>
> I wasn't even aware that webmin had a MySQL admin tool. I recall that Brad
> Rathbun has been using webmin on a RaQ (RaQ3 if I recall correctly). You
> may want to search the archives or email him directly to find out what
> version and if he's still having success with it. I'm not familiar with
> "phpmysql" - do you have a URL for it?
>
> If phpmysql then is
> > there a version for the raq anywhere, none at cobalt I looked.
> >
> > I've tried to install phpmysql but its the wrong version for the mysql
> > cobalt has posted on their site.
>
> I like phpMyAdmin as a web-based MySQL admin interface. I rarely use it
> myself (prefer using the MySQL commandline), but my employees use it and
> some of our clients swear by it. You can grab it from www.phpwizards.net.
>
> Steven Werby (steven-lists@xxxxxxxxxxxx)
>
> --__--__--
>
> Message: 2
> Reply-To: "Owen Lees" <owen@xxxxxxxxxxxxxxxx>
> From: "Owen Lees" <owen@xxxxxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Date: Thu, 21 Sep 2000 16:01:15 +0100
> charset="iso-8859-1"
> Subject: [cobalt-users] Re: Raq2 - SSL and PHP4.02
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Ok... I actually dont care WHAT it is! I just need to solve the SSL riddle
> before I swallow my gizzard...
>
> Owen!
>
> > I want to put an ssl server on my (steam driven) Raq2 which I have
>
> > 1. Does the ssl modules (whether from brosoft or anyone else) work with
> PHP?
>
> But as I recall the SSL on RaQ2 is not a module, but a separate daemon
>
I wouls love to get php working with brosoft ssl.
Have tried for days. error not a module?
Brendon LLewellyn
brendon@xxxxxxxxxx
> Message: 3
> From: "Steven Werby" <steven-lists@xxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re: [cobalt-users] using Webmin-0.81 or phpmysql
> Date: Thu, 21 Sep 2000 11:07:47 -0400
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> "Cody Watkins" <codyw@xxxxxxxxxxxxxxxxx> wrote:
> > I installed the phpmyadmin v. 2.0.5 on my raq3, and it runs fine with PHP3
> > and Mysql 3.22.32-1
>
> Also works well with PHP4.0.x on RaQ2/3/4 with MySQL 3.22.32. Probably
> works fine with other combinations, but those are the only RaQ-MySQL combos
> I've tested. It installs out of the box with no special tweaks for the
> RaQs.
>
> Steven Werby (steven-lists@xxxxxxxxxxxx)
>
> --__--__--
>
> Message: 4
> Reply-To: <dan@xxxxxxxxxxxxx>
> From: "Dan Kriwitsky" <dan@xxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: RE: [cobalt-users] Help! : Raq2 Broken Control Panel
> Date: Thu, 21 Sep 2000 11:10:12 -0400
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> > dan someone posted a raq gui regenerator. It regenerates the interface for
> > you. Look for it. I have used it once or twice.
> >
>
> Check the thread. I'm not having a problem. I was replying to someone else.
>
> --
> Dan Kriwitsky
>
>
>
> --__--__--
>
> Message: 5
> Date: Thu, 21 Sep 2000 09:11:49 -0600
> From: "Nick Voth" <nvoth@xxxxxxxxxxx>
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] Re: 6650 Upgrade
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> We installed it last night on several RaQ3's and everything seems to be
> working fine.
>
> -Nick Voth
>
> > Message: 18
> > Date: Thu, 21 Sep 2000 10:30:35 -0400
> > From: Keith <keith@xxxxxxxxx>
> > To: <cobalt-users@xxxxxxxxxxxxxxx>
> > Subject: [cobalt-users] 6650 Upgrade
> > Reply-To: cobalt-users@xxxxxxxxxxxxxxx
> >
> > Has anyone experienced any problems with this update?
> >
> > Keith
> > ----------------------
> > CyberSailing LLC
> > Suite #246
> > 297-101 Kinderkamack Rd.
> > Oradell, NJ 07649
> > www.csail.com
> > keith@xxxxxxxxx
> > Fax: 201-487-7245
> > ----------------------
>
> --__--__--
>
> Message: 6
> From: "Brad Rathbun" <brad@xxxxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re: [cobalt-users] using Webmin-0.81 or phpmysql
> Date: Thu, 21 Sep 2000 08:35:18 -0700
> Organization: CompuTech Internet Services
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> > I wasn't even aware that webmin had a MySQL admin tool. I recall that
> Brad
> > Rathbun has been using webmin on a RaQ (RaQ3 if I recall correctly). You
> > may want to search the archives or email him directly to find out what
> > version and if he's still having success with it. I'm not familiar with
> > "phpmysql" - do you have a URL for it?
> >
>
> Yes, we still use it and we still like it. In fact, we grow more reliant on
> it every day. They just released version 0.81 but we haven't upgraded from
> 0.80 yet. It *does* have a MySQL module in it and it works wonderfully. I
> have been using it extensively to check my data and queries while developing
> my PHP apps.
>
> -----------------------------------------------
> Brad Rathbun
> Follow the Leader! CompuTech Internet Services
>
> --__--__--
>
> Message: 7
> Date: Thu, 21 Sep 2000 12:20:42 -0400 (EDT)
> From: Rik Thomas <rikt@xxxxxxxxxxxx>
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: Re: [cobalt-users] Sun Micro to buy Cobalt in $2 billion stock deal
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Sun is as slow, if not slower, than Microsoft fixing problems with their
> code. I'll stay with redhat on my sun boxen
>
> On Tue, 19 Sep 2000, David Reid wrote:
>
> > I think all vendors could probably make improvements in their support
> > but generally speaking, I have found Sun to be better than most.
> >
> > David Reid
> >
> >
> > Rik Thomas wrote:
> >
> > > You don't know Sun's reputation with Solaris then.
> > >
> > > On Tue, 19 Sep 2000, Vachon, Scott wrote:
> > >
> > > > >I think us early adopters should be considered investors
> > > > >and given a stake...
> > > >
> > > >
>
> --
> Rik Thomas CTO rikt@xxxxxxxxxxxx
> Delaware.Net, Inc. http://www.delaware.net
> P:302.736.5515 F:302.736.5945 ICQ:879956
> --
> $20 Domains!!! http://register.delaware.net
>
> --__--__--
>
> Message: 8
> From: "Arsalan Mahmud" <arsalan@xxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re: [cobalt-users] Name Based accounts
> Date: Thu, 21 Sep 2000 22:00:42 +0500
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Does that mean that you can only setup 32 site per ip ? I already have about
> 130 accounts on my raq.
>
> Arsalan
>
> ----- Original Message -----
> From: "John Cordeiro" <jcordeiro@xxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Sent: Thursday, September 21, 2000 5:54 PM
> Subject: RE: [cobalt-users] Name Based accounts
>
> > the Admin can only belong to 32 groups. So if you set up 200 sites you'll
> > have trouble way before that point. There are list articles that explain
> > this better search for admin group limit.
> >
> > John Cordeiro
> >
> > -----Original Message-----
> > From: cobalt-users-admin@xxxxxxxxxxxxxxx
> > [mailto:cobalt-users-admin@xxxxxxxxxxxxxxx]On Behalf Of Arsalan Mahmud
> > Sent: Thursday, September 21, 2000 8:13 AM
> > To: cobalt-users@xxxxxxxxxxxxxxx
> > Subject: Re: [cobalt-users] Name Based accounts
> >
> >
> > Hi,
> > As far as I know there is 200 site limit on a raq3. If their is some
> other
> > limit please also let me know.
> >
> > Arsalan Mahmud
> >
> >
> > ----- Original Message -----
> > From: "Andre Roodt" <aroodt@xxxxxxxxxx>
> > To: <cobalt-users@xxxxxxxxxxxxxxx>
> > Sent: Thursday, September 21, 2000 4:02 PM
> > Subject: [cobalt-users] Name Based accounts
> >
> >
> > > I plan to offer name based hosting, and would like to know from other
> > users
> > > what the practical limit is per server for the number of name based
> > accounts
> > > (Raq3,4). I know there can be 250 accounts per I.P., but at what point
> > does
> > > the Raq start struggling performance wise. I will install 512mb of Ram
> per
> > > server. I am hoping to offer upwards of 500 accounts per server to make
> my
> > > low pricing feasible.
> > >
> > > Thanks
> > > Andre Roodt
> > >
> > >
> > > _______________________________________________
> > > cobalt-users mailing list
> > > cobalt-users@xxxxxxxxxxxxxxx
> > > To Subscribe or Unsubscribe, please go to:
> > > http://list.cobalt.com/mailman/listinfo/cobalt-users
> > >
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
> >
> > _______________________________________________
> > cobalt-users mailing list
> > cobalt-users@xxxxxxxxxxxxxxx
> > To Subscribe or Unsubscribe, please go to:
> > http://list.cobalt.com/mailman/listinfo/cobalt-users
> >
> >
>
> --__--__--
>
> Message: 9
> Date: Thu, 21 Sep 2000 17:56:04 +0200
> From: Florian Effenberger <florian.effenberger@xxxxxxxxxxxxx>
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] "old" perl
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Hi,
>
> why uses the RaQ3 such an "old" version of Perl? 5.6 is current, and
> 5.005 or so is installed
>
> --
> Florian Effenberger
>
> --__--__--
>
> Message: 10
> Date: Thu, 21 Sep 2000 17:59:40 +0200
> From: Florian Effenberger <florian.effenberger@xxxxxxxxxxxxx>
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] .htaccess question
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Hello,
>
> some services who authenticiate via .htaccess offer the option to log
> out again. Meaning, you click on "Logout" and the next time you visit
> the site, the user information from the browser cache is not re-read,
> so you have to enter it again.
>
> They do NOT use different, randomly-generated "realms" for that.
>
> Any hints what this could be? How can I implement such a logout
> option myself?
>
> Thanks,
> Florian
>
> --
> Florian Effenberger
>
> --__--__--
>
> Message: 11
> Date: Thu, 21 Sep 2000 19:05:46 +0200
> From: Florian Effenberger <florian.effenberger@xxxxxxxxxxxxx>
> To: jlovell@xxxxxxxxxx, cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] suggestion to Cobalt: vacation program
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Hi,
>
> I have a suggestion to Cobalt regarding the vacation program. PLEASE
> PLEASE PLEASE make it more comfortable!!
>
> I want customizable subjects, sending addresses (leave out that damn
> hostname 'www'!! :) and time until a new one is sent.
>
> thanks,
> Florian
>
> --
> Florian Effenberger
>
> --__--__--
>
> Message: 12
> Date: Thu, 21 Sep 2000 10:09:33 -0700
> Subject: Re: Re[3]: [cobalt-users] wish to Cobalt: suppressing
> "sensitive"information
> From: Kris Dahl <krislists@xxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> on 9/21/00 2:38 AM, Jerome Tytgat at j.tytgat@xxxxxxxx wrote:
>
> >
> >> I agree, its NOT a good idea. But neither is running software with an
> >> exploit available. Patching the the software is the solution.
> >> Also, there
> >> are many ways of fingerprinting a system, software, etc. not just
> >> based upon
> >> those messages.
>
> > Right but why making the hacker life simplier ???? As really easy
> > to suppress theses informations...
>
> It is also really easy just to update the packages. I guess I am saying
> that keeping up to date on security is not as simple as being in 'shy' mode.
> You have to update software--and if you think that not announcing version
> numbers, etc., is a good way of making a hacker's life more difficult, then
> you'd be wrong.
>
> Turning of 'identifying' features is only a small effect.
>
> >> It is a publicly readable file, for Christ's sake! On a shared
> >> server! You
> >> don't put sensitive information or code, or *anything* on a
> >> server with such
> >> circumstances!
>
> > It depends... maybe we want to have A PHP3 server shared by several
> > customers, they may have user/password database...
>
> No, it doesn't depend. I am saying if you are on a shared server, and you
> have files that are publicly accessible then of course they'll be readable
> by other users. Its not a problem--its how file permissions work.
>
> That's one reason why we a) use different passwords for the db read, stored
> in a non publicly visible folder and b) don't let anyone onto our servers,
> period.
>
> If you want to have files that are not accessible to other people, you
> pretty much need to get your own server.
>
> There aren't too many sys admins that are going to want to come up with
> method for access control on machines.
>
> > Any way it's not a good idea to show a complete Web directory structure !!!!
> > Think of whose your are trying to protect using .htacces...
> >
> > USELESS !!!!
>
> That is what .htaccess is: virtually useless. It is NOT a substitution for
> other methods of securing data. It is simply a high level (as in simple)
> method for restricting access to certain documents (that are normally 644)
> via httpd. Nothing more. Even that can be worked around in some
> situations.
>
> Let me repeat this. .htaccess is NOT a substitution for securing data. It
> is a simple tool that can help you restrict access to certain resources via
> http. It is neither a security method or an authentication tool. It is a
> tool to control web server configurations on the file. Just because an
> .htaccess file is most commonly used for htpasswd stuff doesn't make it a
> best practice tool. It is not a substitution for a true authentication
> system.
>
> If you are concerned with security you can not afford to be on a shared
> server. Bottom line.
>
> >> I also wish that people would get the terminology right--that is not
> >> 'telnet' access, but 'shell' access you are talking about. Telnet is a
> >> client, server, & protocol. The shell is the actual command line
> >> interface
> >> that is commonly accesses with telnet, serial, or SSH. Telnet should not
> >> even be enabled or allowed or supported, especially now that the
> >> RSA patent
> >> has expired.
> >
> > The use of Telnet or SSH is out of word here... if we accord Telnet access
> > or SSH acces to all our customers, the problem is rather the same...
> > THEY CAN ACCESS OTHER PEOPLE DIRECTORIES !
>
> I am saying that the proper term is 'shell' access. Shell access can be
> obtained by using a telnet or ssh client.
>
> But again, its not that you can see other peoples directories, its that you
> can see other peoples WORLD READBLE FILES. You understand what that means,
> right? It means that the owner of the file has said "Here, everyone on this
> system can read this file if they want to."
>
> There are ways of engineering a better way to do this stuff--like storing
> passwords in non public readable directories and have scripts suid or sudo
> to read them, etc. I guess I am saying that if you are concerned with
> security you need to come up with an actual authentication system and use a
> private non-shared server. Sure that is harder to do than say 'magically
> make all folders readable to the world, except other users on the server'.
>
> >> I'd like to see the Raq's come with IPChain management
> >> interfaces. I.e. you
> >> select the services you're running on the machine (POP, FTP, WWW, SSH) and
> >> it blocks all other ports to the external interface.
> > Yes but again that's not really necessary... As you have (i hope) a firewall
> > in front. The WWW/POP/SMTP/FTP (USE FTP OVER SSH !!!) are enough for a good
> > exploit, event WWW whith some CGI script.
>
> No, having a firewall isn't necessary. There are many issues involved with
> running a firewall in front of a web server.
>
> So running a firewall is not the only, or even the most desirable method for
> filtering packets. We use IPChains as a tcp wrapper. This software is
> commonly used in firewalls. It is quite simply a firewall to the kernel.
>
> a) latency
> Adding an additional box that filters stuff will add latency to your
> network.
>
> b) single point of failure (we can stay running if one web server catches
> fire)
> If your firewall is down you're out of business. Unless you want to have a
> firewall to each machine. Which is what we essentially have using IPChains.
>
> c) can't easily be adapted by intrusion detection systems
> We're able to detect attacks and immediately modify the firewall rules
> based on this--something that may be difficult if you had an external
> firewall
>
> d) misc. 'problems' (confirmation issues, vendor software updates, rack
> space, etc., etc. etc.)
> Most firewalls take a 2U, some take 1U, some more than 2U. That is more
> space than your server. Kind negates the effectiveness of a low form
> factor.
>
> -K
>
> --__--__--
>
> Message: 13
> From: Fabrice Prémel <fabrice@xxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Date: Thu, 21 Sep 2000 19:10:05 GMT
> Subject: Re: [cobalt-users] "old" perl
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> >why uses the RaQ3 such an "old" version of Perl? 5.6 is current, and
> >5.005 or so is installed
> >
>
> 5.6 is reported to be quite buggy.
>
> It even sometimes miscalculates.
>
> However, if you want, updating perl is quite easy if you use CPAN.
>
> Fabrice Prémel.
>
> --__--__--
>
> Message: 14
> Date: Thu, 21 Sep 2000 10:15:11 -0700
> Subject: Re: [cobalt-users] wish to Cobalt: suppressing "sensitive"
> information
> From: Kris Dahl <krislists@xxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> on 9/21/00 2:44 AM, Jerome Tytgat at j.tytgat@xxxxxxxx wrote:
>
> >
> >> The biggest argument for this is not whether or not
> >> it is a Cobalt system because Cobalt's port 81/444 admin
> >> server is a dead giveaway. But whether or not the box is
> >> x86 or mips, since most remote root sploits use shell code. If
> >> someone is smashing the stack and using the wrong shell code
> >> they are going nowhere fast, and it might leave some
> >> funk behind to aid in detection.
> >>
> >> Jeff-
> >
> > No security is really bad security...
>
> Obscurity is no obscurity. Jeff is refering to a comment that I made:
>
> >>> exploit available. Patching the the software is the solution. Also, there
> >>> are many ways of fingerprinting a system, software, etc. not just based upon
> >>> those messages.
>
> He is confirming that it is easy to fingerprint a Cobalt machine. Shutting
> off the messages does help to determine if a machine is MIPs or x86, and so
> what exploits are more likely to work.
>
> That legitimate, and I agree that if someone gets in but isn't able to
> execute get an exploit working then it will leave a trail.
>
> ONe note, I have never found these 'trails' to be that helpful--usually
> they lead back to a compromised system who's administrator is typically not
> very forthcoming on helping you locate the 'real' culprit.
>
> I'm not saying that 'shy' mode isn't a good idea. Just saying that it is
> not the solution to the problem, or even a big part of it.
>
> -k
>
> --__--__--
>
> Message: 15
> Date: Thu, 21 Sep 2000 19:21:22 +0200
> From: Florian Effenberger <florian.effenberger@xxxxxxxxxxxxx>
> To: =?ISO-8859-1?B?RmFicmljZSBQcultZWw=?= <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re[2]: [cobalt-users] "old" perl
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Hi,
>
> > 5.6 is reported to be quite buggy.
> Oh, I didn't know that. Is 5.6 the successor of 5.005 or has there
> been a 5.1, 5.2, ...?
>
> > It even sometimes miscalculates.
> powered by Microsoft? ;-))
>
> > However, if you want, updating perl is quite easy if you use CPAN.
> Don't want to do anything "manual" on my production system, that's the
> point.
>
> --
> Florian Effenberger
>
> --__--__--
>
> Message: 16
> Date: Thu, 21 Sep 2000 19:22:35 +0200
> From: Florian Effenberger <florian.effenberger@xxxxxxxxxxxxx>
> To: Kris Dahl <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re[2]: [cobalt-users] wish to Cobalt: suppressing "sensitive" information
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Hi,
>
> seems that my post started a long discussion :-)
>
> My opinion is, that it adds a little bit (maybe it's not much, but at
> least it's a little bit!) of security and shouldn't be too hard for
> Cobalt to implement... so why not?
>
> --
> Florian Effenberger
>
> --__--__--
>
> Message: 17
> From: "Brian Curtis" <admin@xxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re: [cobalt-users] .htaccess question
> Date: Thu, 21 Sep 2000 13:22:57 -0400
> Organization: Pomfret Computer Technologies
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Florian,
>
> > Hello,
> >
> > some services who authenticiate via .htaccess offer the option to log
> > out again. Meaning, you click on "Logout" and the next time you visit
> > the site, the user information from the browser cache is not re-read,
> > so you have to enter it again.
>
> Are you sure they are using the Apache .htaccess method? I can send the
> same auth challenge using php, authenticate the user against a datbase, then
> store a magic cookie on the users computer that says they're logged in.
> When they click the logout button, simply delete the cookie. This could be
> accomplised using JavaScript too (the cookie handling part).
>
> --
> Brian
>
> --__--__--
>
> Message: 18
> Date: Thu, 21 Sep 2000 10:32:32 -0700
> Subject: Re: [cobalt-users] .htaccess question
> From: Kris Dahl <krislists@xxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> on 9/21/00 8:59 AM, Florian Effenberger at florian.effenberger@xxxxxxxxxxxxx
> wrote:
>
> > Hello,
> >
> > some services who authenticiate via .htaccess offer the option to log
> > out again. Meaning, you click on "Logout" and the next time you visit
> > the site, the user information from the browser cache is not re-read,
> > so you have to enter it again.
> >
> > They do NOT use different, randomly-generated "realms" for that.
> >
> > Any hints what this could be? How can I implement such a logout
> > option myself?
>
> They probably aren't using .htaccess, but their own authentication stuff
> with PERL, JSP, PHP or whatever.
>
> The PHP authentication code that I developed for our sites supports this
> feature.
>
> -K
>
> --__--__--
>
> Message: 19
> Date: Thu, 21 Sep 2000 19:37:44 +0200
> From: Florian Effenberger <florian.effenberger@xxxxxxxxxxxxx>
> To: Brian Curtis <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: Re[2]: [cobalt-users] .htaccess question
> <02b901c023f0$96b76b20$0501a8c0@xxxxxxxxxxx>
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Hi Brian,
>
> > Are you sure they are using the Apache .htaccess method? I can send
> > the same auth challenge using php, authenticate the user against a
> > datbase, then store a magic cookie on the users computer that says
> > they're logged in. When they click the logout button, simply delete
> > the cookie. This could be accomplised using JavaScript too (the
> > cookie handling part).
> I don't know what they use, so you might be right with your
> information.
>
> Thanks!
> Florian
>
> --__--__--
>
> Message: 20
> Reply-To: <dan@xxxxxxxxxxxxx>
> From: "Dan Kriwitsky" <dan@xxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: RE: [cobalt-users] suggestion to Cobalt: vacation program
> Date: Thu, 21 Sep 2000 14:09:42 -0400
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> > I have a suggestion to Cobalt regarding the vacation program. PLEASE
> > PLEASE PLEASE make it more comfortable!!
> >
> > I want customizable subjects, sending addresses (leave out that damn
> > hostname 'www'!! :) and time until a new one is sent.
> >
> You're talking about an auto-responder, not a vacation message. You can
> always install your own. http://www.cgi-resources.com/
> --
> Dan Kriwitsky
>
>
> --__--__--
>
> Message: 21
> Reply-To: <dan@xxxxxxxxxxxxx>
> From: "Dan Kriwitsky" <dan@xxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Subject: RE: [cobalt-users] Help! : Raq2 Broken Control Panel
> Date: Thu, 21 Sep 2000 14:19:56 -0400
> charset="iso-8859-1"
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> > May I ask if you could check /usr/admserv/cgi-bin/ on your
> > machine and tell
> > me if there is anything present in your directory, IE cgi scripts. I'm
> > looking over your list right now, but this cgi query will have to come
> > first before I explore further. My little attempt to be as surgical about
> > this as possible :-)
>
> [admin cgi-bin]$ ls -a
> ./ ../ .cobalt/
>
> [admin .cobalt]$ ls -a
> ./ fileUsage/ networkUsage/ siteFTP/
> sysSettings/
> ../ info/ networker/ siteList/
> telnetUsage/
> admin/ install/ profileMod/ siteMod/
> time/
> alert/ installReplace/ reboot/ siteUserAdd/
> tools/
> backup/ mailListAdd/ register/ siteUserDefaults/
> userMod/
> cpuUsage/ mailListDel/ relay/ siteUserDel/
> userUsage/
> diskUsage/ mailListList/ services/ siteUserEmail/
> webLog/
> dns/ mailListMod/ siteAdd/ siteUserList/
> webUsage/
> dnsUsage/ memUsage/ siteDefaults/ siteUserMod/
> wizard/
> email/ message/ siteDel/ snmp/
> emailUsage/ network/ siteDiskUsage/ snmpUsage/
> [admin .cobalt]$
>
> --
> Dan Kriwitsky
>
>
> --__--__--
>
> Message: 22
> Reply-To: <dan@xxxxxxxxxxxxx>
> From: "Dan Kriwitsky" <dan@xxxxxxxxxxxxx>
> To: <cobalt-users@xxxxxxxxxxxxxxx>
> Date: Thu, 21 Sep 2000 14:34:00 -0400
> charset="iso-8859-1"
> Subject: [cobalt-users] Would someone unsubscribe cedryc?
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> Your message was not delivered for the following reason:
>
> E-mail Account: cedryc is over the limit of 31457280 bytes.
>
> --
> Dan Kriwitsky
>
>
>
> --__--__--
>
> Message: 23
> Date: Thu, 21 Sep 2000 13:39:38 -0500
> To: cobalt-users@xxxxxxxxxxxxxxx
> From: Geoff Baysinger <lists@xxxxxxxxxxxxxx>
> Subject: Re[2]: [cobalt-users] "old" perl
> <200009211814.TAA10515@xxxxxxxxxxxxxx>
> Reply-To: cobalt-users@xxxxxxxxxxxxxxx
>
> > > 5.6 is reported to be quite buggy.
> >Oh, I didn't know that. Is 5.6 the successor of 5.005 or has there
> >been a 5.1, 5.2, ...?
>
> Yes, 5.6 is the direct child of 5.005 ... the folks who maintain Perl
> (rightly) decided that people weren't realizing how much difference was
> going on between the various releases because of the 2 extra 0's, so the
> decided to take them out.
>
> in other words
>
> 5.004 + $1_generation == 5.005
>
> 5.005 + $1_generation == 5.6
>
> And if there are future incremental releases before Perl 6
>
> 5.6 + $1_generation == 5.7
>
> etc, etc
>
> --__--__--
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-users
>
> End of cobalt-users Digest