headers
M M | 4 Apr 2006 18:38
Picon
Favicon

Server X GUI Problem

When i try and run the kernel,  an error message shows saying Server X the 
GUI cannot run.
How do i overcome this problem

_________________________________________________________________
Don't just Search. Find! http://search.sympatico.msn.ca/default.aspx The new 
MSN Search! Check it out!

-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Permalink | Reply | 1 comment |
headers
Kazuki Omo | 6 Apr 2006 14:06
Favicon

LIDS Article on Magazine(Japanese Language Only)

Folks,

'LIDS Introduction' Article by LIDS-JP members on Mar-2006 to July-2006
issue of SoftwareDesign(one of major computer magazine in Japan).

http://www.gihyo.co.jp/magazines/SD

It has following articles;

1(Mar).   LIDS Introduction (What is LIDS, how to install, etc.) 
2(April). LIDS TPE/TDE/Sandboxing
3(June).  Embedded LIDS
4(July).  Tips/FAQs.

Thanks,

OMO
--

-- 
Kazuki Omo: omok <at> honto.info
LIDS Japanese Information:
Japanese: http://www.selinux.gr.jp/LIDS-JP/index.html
English:  http://www.selinux.gr.jp/LIDS-JP/LIDS_en/index.html

-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Permalink | Reply | 0 comments |
headers
Kazuki Omo | 10 Apr 2006 04:28
Favicon

LIDS Flags viewing

Folks,

I have a question about viewing LIDS Flags from terminal.
For now, we can check whole of LIDS Flags(LIDS, LIDS_GLOBAL,
RELOAD_CONF, POSTBOOT, SHUTDOWN, ACL_DISCOVERY) from any
terminal.

From a security point of view, I guess it has some weakness.
Because if LIDS=0, someone using another terminal can find
out there's a terminal which LFS is opening now...

Thus, I think it is better to change lidsadm command to hide
LIDS Flags from any terminal except LFS. What do you think?

Regards,

OMO
--

-- 
Kazuki Omo: omok <at> honto.info
LIDS Japanese Information:
Japanese: http://www.selinux.gr.jp/LIDS-JP/index.html
English:  http://www.selinux.gr.jp/LIDS-JP/LIDS_en/index.html

-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
Permalink | Reply | 1 comment |
headers
Sander Klein | 12 Apr 2006 20:16
Picon

Re: LIDS Flags viewing

Sounds like a good idea.

Greets,

Sander

On Mon, April 10, 2006 4:28, Kazuki Omo said:
> Folks,
>
> I have a question about viewing LIDS Flags from terminal.
> For now, we can check whole of LIDS Flags(LIDS, LIDS_GLOBAL,
> RELOAD_CONF, POSTBOOT, SHUTDOWN, ACL_DISCOVERY) from any
> terminal.
>
> From a security point of view, I guess it has some weakness.
> Because if LIDS=0, someone using another terminal can find
> out there's a terminal which LFS is opening now...
>
> Thus, I think it is better to change lidsadm command to hide
> LIDS Flags from any terminal except LFS. What do you think?
>
> Regards,
>
> OMO
> --
> Kazuki Omo: omok <at> honto.info
> LIDS Japanese Information:
> Japanese: http://www.selinux.gr.jp/LIDS-JP/index.html
> English:  http://www.selinux.gr.jp/LIDS-JP/LIDS_en/index.html
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Kazuki Omo | 15 Apr 2006 07:10
Favicon

password problem on lids-2.2.x

Folks,

I found strange problem with LFS's password on lids-2.2.1/2.2.2.

Belows are my testing environment;
OS:
. Debain(sarge) vmware image
. CentOS 4.2-Server vmware image
(You can downloaded these images from
http://www.selinux.gr.jp/LIDS-JP/vmware.download.html)

. Debian(Etch) on physical machine.

LIDS:
lids-2.2.1 with 2.6.13.4 + lidstools-2.2.6.1
lids-2.2.2 with 2.6.15.6 + lidstools-2.2.7

When I chose LFS's password as "T#tt", or "hiw$2G5x",
(Even if in ACL_DISCOVERY mode) I got "Give incorrect password"
error when I want to change any parameter by lidsadm.

For example, when I put "lidsadm -S -- -LIDS" after "lidsadm -I",
I got below error messages as follows if I'm using "T#tt" for
LFS password;

----------------------------------------------------------------
Mar 30 13:39:07 localhost kernel: LIDS: Initializing LIDS ACLs
Mar 30 13:39:07 localhost kernel: LIDS: user space is 32 bit
Mar 30 13:39:07 localhost kernel: LIDS: ACL Discovery: ON, Effective
Capability:
(Continue reading)

Permalink | Reply | 0 comments |
headers
Kazuki Omo | 18 Apr 2006 05:37
Favicon

Re: password problem on lids-2.2.x

Hi, Munetoh-san,

> I have similar problem before, but had forgotten to report ...
> This error happen, if your SHA256(password) digest contains any NULL characters.
> 
> To create the encrypted password, we use SHA256 twice  (by lidsconf)
> To check the password, lidsadm do SHA256 once and Kernel do SHA256 once.
> The problem is that the lisdadm use strncpy() to send the hashed password
> to the kernel. I think this must be a memcpy() since password has been
> hashed and its length is fixed 32 bytes.

Make sense. I'll chekc to see if we can fix this problem by memcpy().

OMO

On Mon, Apr 17, 2006 at 02:12:09PM +0900, Seiji Munetoh wrote:
> Hi Omo-san,
> 
> > Folks,
> > I found strange problem with LFS's password on lids-2.2.1/2.2.2.
> 
> I have similar problem before, but had forgotten to report ...
> This error happen, if your SHA256(password) digest contains any NULL characters.
> 
> To create the encrypted password, we use SHA256 twice  (by lidsconf)
> To check the password, lidsadm do SHA256 once and Kernel do SHA256 once.
> The problem is that the lisdadm use strncpy() to send the hashed password
> to the kernel. I think this must be a memcpy() since password has been
> hashed and its length is fixed 32 bytes.
>
(Continue reading)

Permalink | Reply | 1 comment |
headers
Kazuki Omo | 19 Apr 2006 13:56
Favicon

Re: password problem on lids-2.2.x

Hi, Munetoh-san,

I checked it. After I changed strncpy() to memcpy() in lidsadm.c, 
I don't have this kind of problem.

Thanks.

OMO

On Tue, Apr 18, 2006 at 12:37:37PM +0900, Kazuki Omo wrote:
> Hi, Munetoh-san,
> 
> > I have similar problem before, but had forgotten to report ...
> > This error happen, if your SHA256(password) digest contains any NULL characters.
> > 
> > To create the encrypted password, we use SHA256 twice  (by lidsconf)
> > To check the password, lidsadm do SHA256 once and Kernel do SHA256 once.
> > The problem is that the lisdadm use strncpy() to send the hashed password
> > to the kernel. I think this must be a memcpy() since password has been
> > hashed and its length is fixed 32 bytes.
> 
> Make sense. I'll chekc to see if we can fix this problem by memcpy().
> 
> OMO
> 
> On Mon, Apr 17, 2006 at 02:12:09PM +0900, Seiji Munetoh wrote:
> > Hi Omo-san,
> > 
> > > Folks,
> > > I found strange problem with LFS's password on lids-2.2.1/2.2.2.
(Continue reading)

Permalink | Reply | 0 comments |

Gmane