Benutzer:Uk/Notizen: Difference between revisions
Uk (talk | contribs) No edit summary
Zeile 34: | Zeile 34: | ||
==mime type check abstellen (für zip etc.)== | ==mime type check abstellen (für zip etc.)== | ||
$wgVerifyMimeType = false; | <s>$wgVerifyMimeType = false;</s> | ||
http://www.mediawiki.org/wiki/Manual:$wgVerifyMimeType | http://www.mediawiki.org/wiki/Manual:$wgVerifyMimeType | ||
Auszug Konfiguration Bundeswiki | |||
<pre> | |||
#$wgVerifyMimeType = false; | |||
$wgMimeTypeBlacklist= array( | |||
# HTML may contain cookie-stealing JavaScript and web bugs | |||
'text/html', 'text/javascript', 'text/x-javascript', 'application/x-shellscript', | |||
# PHP scripts may execute arbitrary code on the server | |||
'application/x-php', 'text/x-php', | |||
# Other types that may be interpreted by some servers | |||
'text/x-python', 'text/x-perl', 'text/x-bash', 'text/x-sh', 'text/x-csh', | |||
# Windows metafile, client-side vulnerability on some systems | |||
'application/x-msmetafile', | |||
# A ZIP file may be a valid Java archive containing an applet which exploits the | |||
# same-origin policy to steal cookies | |||
# Wir brauchen aber .zip | |||
#'application/zip', | |||
); | |||
</pre> |
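Review bot: in the added $wgMimeTypeBlacklist excerpt, 'application/zip' is commented out with only "Wir brauchen aber .zip" as justification, while the two comment lines directly above it state the risk being accepted (a ZIP can be a valid Java archive whose applet abuses the same-origin policy to steal cookies). The note should say what compensates for that, or that the risk is accepted knowingly. It would also help to state next to the struck-through `$wgVerifyMimeType = false;` that MIME verification stays enabled and only the blacklist is narrowed, since the excerpt repeats the line as `#$wgVerifyMimeType = false;` without explanation.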
Revision as of 18 January 2011, 09:57
root exploit linux kernel
- http://www.heise.de/security/meldung/Luecke-im-Linux-Kernel-erlaubt-Root-Zugriff-Update-849799.html
- http://wiki.debian.org/mmap_min_addr
Quick first fix for Debian 5.0.3 lenny:
# echo "vm.mmap_min_addr = 4096" > /etc/sysctl.d/mmap_min_addr.conf
# /etc/init.d/procps restart
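A way to verify that the mmap_min_addr fix above is active and will survive a reboot (added example, not part of the original notes). It assumes the *.conf files in /etc/sysctl.d are applied in name order with later assignments winning; the function names and exit codes are made up for this example.

```sh
#!/bin/sh
# Added example: audit vm.mmap_min_addr against the 4096 minimum from the note.
# Both paths are parameters, so the check also works on copies of a host's files.
MIN_REQUIRED=4096

# Print the last vm.mmap_min_addr assignment found in a sysctl.d directory.
# Assumption: *.conf files are applied in name order and later lines win.
configured_mmap_min_addr() {
    dir=${1:-/etc/sysctl.d}
    for f in "$dir"/*.conf; do
        [ -f "$f" ] && cat "$f"
    done |
        sed -n 's/^[[:space:]]*vm\.mmap_min_addr[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' |
        tail -n 1
}

# Exit status: 0 = running and persisted values are fine,
#              1 = running value below the minimum,
#              2 = running value fine but not (or too low) in sysctl.d.
check_mmap_min_addr() {
    proc_file=${1:-/proc/sys/vm/mmap_min_addr}
    dir=${2:-/etc/sysctl.d}
    running=$(cat "$proc_file" 2>/dev/null) || running=
    case $running in
        ''|*[!0-9]*) running=0 ;;   # unreadable or non-numeric counts as unset
    esac
    persisted=$(configured_mmap_min_addr "$dir")
    if [ "$running" -lt "$MIN_REQUIRED" ]; then
        echo "FAIL: running vm.mmap_min_addr=$running is below $MIN_REQUIRED"
        return 1
    fi
    if [ -z "$persisted" ] || [ "$persisted" -lt "$MIN_REQUIRED" ]; then
        echo "WARN: running value is $running, but $dir sets '${persisted}'"
        return 2
    fi
    echo "OK: running=$running persisted=$persisted"
    return 0
}
# On a live host, call check_mmap_min_addr with no arguments.
```

The exit status 2 case catches a later file in the directory that resets the value after mmap_min_addr.conf has set it.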
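Simple script for LF check
<pre>
#!/bin/bash
# Fetch the current initiative list and show what changed since the last run.
KEY=XXXXXXXXXXXXX
NEWFILE=lfnew.txt
OLDFILE=lfold.txt
# Keep the previous download for comparison (no error on the first run).
mv "$NEWFILE" "$OLDFILE" 2>/dev/null
# Quote the URL so the shell does not treat the "?" as a glob character.
wget -q -O "$NEWFILE" "https://lqpp.de/bb/api/initiative.html?key=$KEY"
diff -Nua "$OLDFILE" "$NEWFILE"
</pre>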
kvm
$ virt-install --connect qemu:///system --name debiantest --ram 512 --disk path=/tmp/demo.img,size=2 --network=bridge:br0 --vnc --os-type=linux --os-variant=debianlenny --cdrom /tmp/debian-507-amd64-netinst.iso --accelerate --noautoconsole
$ virsh -c qemu:///system vncdisplay debiantest
$ ssh -L 5910:localhost:5901 root@localhost
$ vncviewer localhost:10
Disabling the MIME type check (for zip etc.)
<s>$wgVerifyMimeType = false;</s>
http://www.mediawiki.org/wiki/Manual:$wgVerifyMimeType
Excerpt from the Bundeswiki configuration
<pre>
#$wgVerifyMimeType = false;
$wgMimeTypeBlacklist = array(
	# HTML may contain cookie-stealing JavaScript and web bugs
	'text/html', 'text/javascript', 'text/x-javascript', 'application/x-shellscript',
	# PHP scripts may execute arbitrary code on the server
	'application/x-php', 'text/x-php',
	# Other types that may be interpreted by some servers
	'text/x-python', 'text/x-perl', 'text/x-bash', 'text/x-sh', 'text/x-csh',
	# Windows metafile, client-side vulnerability on some systems
	'application/x-msmetafile',
	# A ZIP file may be a valid Java archive containing an applet which exploits the
	# same-origin policy to steal cookies
	# But we need .zip
	#'application/zip',
);
</pre>