Thunderbird - changing default browser used to open links in e-mail

Edit or create the file

/home/USER_NAME/.mozilla-thunderbird/XXX.default/user.js

(USER_NAME in this path will be your user name, XXX will be random letters and numbers). The following example shows how to change the browser to Mozilla Firefox (i.e. if it was set to something else like Konqueror) and assumes the executable for Firefox is on the path and can be run by the command "mozilla-firefox", this can be replaced by the executable for other browsers if required. Add the following to the bottom of the "user.js" file making sure that when you do this both Firefox and Thunderbird are closed:

 user_pref("network.protocol-handler.app.http","mozilla-firefox");
 user_pref("network.protocol-handler.app.https","mozilla-firefox");
 

Read More......

Opera - turning off the annoying tray icon

Opera 9 by default starts up by placing an annoying, pretty much useless icon in your system tray. To stop it from doing this, add the option "-notrayicon" to the script starting it up. This file is usually found in

/usr/bin/opera

and change the last line of this file to

exec "${OPERA_BINARYDIR}opera" "$@" -notrayicon

Read More......

Secure Java apps on Linux using MD5 crypt

You know probably the good quality of IBM's articles. 2 days ago, IBM has published a new article in the "developerWorks" corner written by Vladimir Silva. In this article, "Secure Java apps on Linux using MD5 crypt", he described the GNU extensions to the crypt() system call and provided an implementation of MD5 crypt for use with Java applications.

First, he told about some weakness of the old crypt function and then presented the MD5 crypt GNU-extension followed by the MD5 crypt algorithm and a bash script for testing against a local Linux registry (/etc/shadow).

There is a link at the end of the article to the Java implementation of the MD5 crypt.

It is a good article. I really recommend it for your free time.

Read More......

Linux kernel 2.6.15.1 to fix multiple vulnerabilities

Linux kernel version 2.6.15.1 is released 2 days ago after the identification of multiple vulnerabilities in the version 2.6.15 and prior which could be exploited by remote or local attackers to cause a denial of service.

[root@mylinux ~]# uname -a
Linux mylinux.home 2.6.14-1.1656_FC4 #1 ... GNU/Linux

Oooops! >:)

The first issue is due to an infinite loop in the "netlink_rcv_skb" [af_netlink.c] function when handling a specially crafted "nlmsg_len" value, which could be exploited by local attackers to cause a denial of service.

The second flaw is due to an error in the PPTP NAT helper that does not properly calculate the offset when handling an inbound "PPTP_IN_CALL_REQUEST" packet, which could be exploited by attackers to crash a vulnerable system.

The third vulnerability is due to an error in the PPTP NAT helper that does not properly calculate the offset based on the difference between two pointers to the header, which could be exploited by attackers to cause a kernel crash.

It is recommended to update to the version 2.6.15.1

Links:
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.15.1
http://www.kernel.org
http://www.frsirt.com/english/advisories/2006/0220

Read More......

Will linux kernel move to GPL 3?

The Linux kernel mailing list started discussing about adopting the GPL3. Leading Linux developers are divided on whether Linux kernel should use the GNU General Public License version 3 or not. The discussion is started although the GPL3 is only a draft. The final version should be released in 2007.

Here are the main thoughts from some developers:

Jeff V. Merkey: The patent retaliation clause is exactly what has been missing. The inclusion of custom binaries was a little vague, but the net of it is that the end user can combine the separate parts, and have the freedom to do so given the GPL3 terms. Any concensus on whether Linux will move to GPL3? I support adoption

Stephen Hemminger: No consensus exists, and it would require agreement from all the copyright holders.

Patrick McLean: I don't think the kernel is going to move to v3, it's licensed specifically as v2, this is from the top of COPYING. Also, given that several of the copyright holders in the kernel are dead, I don't think we will be able to obtain permission.

Alan Cox: It may well move to v3, or bits of it may well do but it is rather early to speculate.
About obtain permission from copyright holders: It isn't clear that this will be a problem. Very few people specifically put their code v2 only, and Linus edit of the top copying file was not done with permission of other copyright holders anyway so really only affects his code if it is valid at all. What finally happens is going to depend almost entirely on whether the GPL v3 is a sane license or not and on consensus, and it is *way* too early to figure that out.

Jeff V. Merkey: GPL2 is fine if the kernel stays that way for my projects. moving forward, the patent retaliation clause is a great idea.

Alexander Shishckin: GPLv3 tends to get on top of the most braindead things ever known to software development. It is, in fact, a one-too-many example of how a person who cannot be seriously considered to be a computer programmer tries to have his one-too-many revenge on companies which employ real software developers and produce real world software. Someone should probably put an end to these miserable efforts.

Chase Venters: Why does everyone assume that Stallman is out to 'get revenge' on companies? Is his desire for freedom so hard to grasp and believe that all you can do is spin it into silly conspiracies?
Why do people not recognize that his GNU project has built significant things? Do you not realize that Linux is licensed GPLv2, which is also Stallman's license?
I'm not going to trumpet around in 'patriotic' support of Stallman for too long, but if you're going to go on a Stallman/GPL bashing tirade, try having some real reasons instead of moaning like a rock in the wind.
As for the implicit allegation that he's wrong for not accepting the "company's" way of doing thing, last I checked, most of this 'free software' stuff was started and written by people as a hobby, for themselves and their users -- not for companies. It just happens that Stallman's license allows business and industry to harmonize.

Read More......

Dynamic VirtualHost using mod_vhost_alias

I was looking into a solution for a customer and mod_vhost_alias came in handy.

Lets say you want to host blogs for several people and you want to host them on the following subdomain format: blogname.crazyblogs.com. Instead of having a separate virtual host for each one, you can do something like this:


UseCanonicalName Off
VirtualDocumentRoot /var/www/%0/htdocs
ServerName *.crazyblogs.com


Now, if you go to http://blog1.crazyblogs.com, it will look for a index file inside /var/www/blog1.crazyblogs.com/htdocs.

You can find further information on:

http://httpd.apache.org/docs/2.0/vhosts/mass.html#simple

http://httpd.apache.org/docs/2.0/mod/mod_vhost_alias.html

Read More......

“Bring back deleted files with lsof”

I haven’t had time to post for over a month, but I’m back. The other day I found this article (http://www.linux.com/articles/58142) talking about bringing back files using lsof. At first it did not make a lot of sense since unless you have the file open, this will not work. How likely are you to have the files you just deleted by mistake still open?

Well, not very likely. BUT…if you own a shared hosting company, (or if you are the system administrator of one), you know that often someone will have poor code along with allow_url_fopen turned on, and in no time you will have hackers injecting and running scripts on your server.

Usually you are able to find the running process and kill it. But if you look at the file descriptors you may find the file that got deleted after it was ran and still in memory.

I will have a similar example to the one in the article:

Create a file, open it, Ctrl + Z, then delete the file

[root@tiger proctest]# echo “Hello Linuxzone” >crazyfile
[root@tiger proctest]# less crazyfile
Hello Linuxzone

[1]+ Stopped less crazyfile

[root@tiger proctest]# rm crazyfile
rm: remove regular file `crazyfile’? y

Run lsof and grep for the filename or command ran. Alternatively you can find the PID from the running process on compromised box.

[root@tiger proctest]# lsof crazyfile
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
less 4771 root 4r REG 3,5 16 2099178 crazyfile (deleted)

[root@tiger proctest]# lsof|grep less

less 4771 root cwd DIR 3,5 4096 2099177 /home/jc/proctest
less 4771 root rtd DIR 3,5 4096 2 /
less 4771 root txt REG 3,5 101788 8280017 /usr/bin/less
less 4771 root mem REG 3,5 112168 376984 /lib/ld-2.3.4.so
less 4771 root mem REG 3,5 1529136 376987 /lib/tls/libc-2.3.4.so
less 4771 root mem REG 3,5 1175697 8278659 /usr/lib/libncursesw.so.5.4
less 4771 root 0u CHR 136,0 2 /dev/pts/0
less 4771 root 1u CHR 136,0 2 /dev/pts/0
less 4771 root 2u CHR 136,0 2 /dev/pts/0
less 4771 root 3r CHR 5,0 1857 /dev/tty
less 4771 root 4r REG 3,5 16 2099178 /home/jc/proctest/crazyfile (deleted)
Go to /proc/PID and check file descriptors inside the fd directory. You can also check the command ran by cat cmdline:

[root@tiger proctest]# cd /proc/4771
[root@tiger 4771]# ll
total 0
dr-xr-xr-x 2 root root 0 May 5 23:08 attr
-r——– 1 root root 0 May 5 23:08 auxv
-r–r–r– 1 root root 0 May 5 23:08 cmdline
lrwxrwxrwx 1 root root 0 May 5 23:08 cwd -> /home/jc/proctest
-r——– 1 root root 0 May 5 23:08 environ
lrwxrwxrwx 1 root root 0 May 5 23:08 exe -> /usr/bin/less
dr-x—— 2 root root 0 May 5 23:08 fd
-rw-r–r– 1 root root 0 May 5 23:08 loginuid
-r——– 1 root root 0 May 5 23:08 maps
-rw——- 1 root root 0 May 5 23:08 mem
-r–r–r– 1 root root 0 May 5 23:08 mounts
lrwxrwxrwx 1 root root 0 May 5 23:08 root -> /
-r–r–r– 1 root root 0 May 5 23:08 stat
-r–r–r– 1 root root 0 May 5 23:08 statm
-r–r–r– 1 root root 0 May 5 23:08 status
dr-xr-xr-x 3 root root 0 May 5 23:08 task
-r–r–r– 1 root root 0 May 5 23:08 wchan

[root@tiger 4771]# cat cmdline
lesscrazyfile

[root@tiger 4771]# cd fd
[root@tiger fd]# ll
total 5
lrwx—— 1 root root 64 May 5 23:08 0 -> /dev/pts/0
lrwx—— 1 root root 64 May 5 23:08 1 -> /dev/pts/0
lrwx—— 1 root root 64 May 5 23:08 2 -> /dev/pts/0
lr-x—— 1 root root 64 May 5 23:08 3 -> /dev/tty
lr-x—— 1 root root 64 May 5 23:08 4 -> /home/jc/proctest/crazyfile (deleted)
[root@tiger fd]# cat 4
Hello Linuxzone
[root@tiger fd]# cp 4 /tmp/crazyfile.restored
[root@tiger fd]# cat /tmp/crazyfile.restored
Hello Linuxzone

Read More......