4 Aug 2003 Stevey   » (Master)


 I've not been doing a fair bit of `real` hacking for the past few days... Looking through Debian packages for security holes.

 Mostly this has been triggered by somebody mailing me and telling me that the Debian Auditing Project had really nasty webpages - so I've updated them.

 Once I did that I got all enthusiastic and built up a list of all the setuid/setgid binaries in Debian stable, before starting to work my way through some of them.

 So far I've had several Debian Security Advisories published - and I've got a few more issues to report.

 Ideally I'd like to release one a day .. for the next few weeks!

 At the moment I have five in hand to report, so there is the chance that I can manage it.

 It's been productive week or so - it looks like there's the proposal to audit all new setuid/setgid binaries before they enter the distribution is going to be accepted, so we should be ahead of the game :)


 In other life news I have a new cat.

 Cat Six is the successor to Tigger - (bet you thought I was gonna say cat 5 then didn't you? ;)

 I'm in love, she's beautiful and lovely and nice , and stuff :)

Latest blog entries     Older blog entries

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!