On Wed, 9 Jun 2010, JohnS wrote:
>> Thus: Don't fight City Hall; use -n in the %setup stanze
>> and move on
>
> Nice post. Would like to see more like this from you.
The whole CentOS crew is picked up at:
http://planet.centos.org/
and these are people who are literate, and hold strong
opinions that they can express well. At one point, I went
through and editted the aggregator to only pick up content
tagged with 'centos' as we had complaints about side opinion
matter, but the home feed URLs of each have a fine collection
of such 'good stuff'
I seem to have anticipated the US CERT email-republished
advisory on the Flash cross-scripting attack being actively
exploited with mine yesterday on 'reading the logs:
http://orcorc.blogspot.com/2010/06/reading-logs.html
I posted in the morning, and got the June 8 update release in
my email that afternoon:
http://www.adobe.com/support/security/advisories/apsa10-01.html
The matter is critical indeed, because a person performing
actions exposing their unit to potentially hostile third party
content as a root or administrator right account can become
invisibly compromised
There is presently another active one using PDFs as a carrier,
rather than Flash, that I see in my logs as well (behind a
couple of layers of one way 'lobster trap' firewalls, but
clearly able to be invisibly 'pulled through' by web / PDF
browsers viewing 'trapped' content)
-- Russ herrold
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
