On Wed, 2010-06-09 at 11:40 -0400, R P Herrold wrote: > On Wed, 9 Jun 2010, JohnS wrote: > > >> Thus: Don't fight City Hall; use -n in the %setup stanze > >> and move on > > > > Nice post. Would like to see more like this from you. > > The whole CentOS crew is picked up at: > http://planet.centos.org/ > > and these are people who are literate, and hold strong > opinions that they can express well. At one point, I went > through and editted the aggregator to only pick up content > tagged with 'centos' as we had complaints about side opinion > matter, but the home feed URLs of each have a fine collection > of such 'good stuff' > > I seem to have anticipated the US CERT email-republished > advisory on the Flash cross-scripting attack being actively > exploited with mine yesterday on 'reading the logs: > http://orcorc.blogspot.com/2010/06/reading-logs.html > > I posted in the morning, and got the June 8 update release in > my email that afternoon: > http://www.adobe.com/support/security/advisories/apsa10-01.html > > The matter is critical indeed, because a person performing > actions exposing their unit to potentially hostile third party > content as a root or administrator right account can become > invisibly compromised > > There is presently another active one using PDFs as a carrier, > rather than Flash, that I see in my logs as well (behind a > couple of layers of one way 'lobster trap' firewalls, but > clearly able to be invisibly 'pulled through' by web / PDF > browsers viewing 'trapped' content) I smell a custom compiled ip tables with tarpit? While indeed all that is good info for a lot of people I was not referring to any of that above. I have been familiar with all that for a long time. If missed somehow I get an anonymous mail...As I see all that is posted in CentOS Planet.... " Would like to see more of this from you" Was intended to be more like: Good to see you are being nice and informative. Instead of your normal like saying cmovCC! %EBX... John