RU.LINUX
-------------------------------------------------------------------------------
From    : Sergey Lentsov 2:4615/71.10          21 Jun 2001 17:11:55
To      : All
Subject : URL: http://lwn.net/2001/0621/security.php3
-------------------------------------------------------------------------------

[LWN.net] Security page, June 21, 2001
See also: [14]last week's Security page.

Security News and Editorials

The Danger of Allowing Users to Post Images. A major [15]discussion thread on BugTraq this week started when John Percival posted a note entitled [16]The Danger of Allowing Users to Post Images. With it, he included an exploit developed by Chris 'stallion' Lambert which could be used against almost any web script that relies on cookie session/login data to validate CGI forms. Many such web scripts, including threaded discussion forums like Infopop's Ultimate Bulletin Board or ezboard, allow users to post images to the forum. This means that they accept user input in the form of HTML-embedded references or URLs. They do not, however, necessarily check the input they receive to make sure it does not contain additional HTML commands, such as possibly hostile query strings. As a result, another user clicking on such an image may be unwittingly executing HTML commands. If that user has additional privileges, for example as a forum administrator, more damage can result. BugTraq ID [17]2871 addresses this issue and currently lists four affected applications: ezboard, Infopop's Ultimate Bulletin Board, VBulletin and WWWThreads. Fixes for Ultimate Bulletin Board and VBulletin have been made available. However, the basic issue is not specific to these applications; it is a demonstration that input verification vulnerabilities are extremely widespread in current web-based scripts.
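As an added illustration of the two defensive checks the item above calls for (it is example code written for this page, not code from Ultimate Bulletin Board, ezboard, VBulletin or WWWThreads), the following Python shows a web script that (1) accepts a user-posted image reference only if it is a plain http/https URL to an image file, with no query string, fragment or embedded credentials, and HTML-escapes it before emitting the <img> tag, and (2) binds each form to a secret kept in the server-side session, so that a request carrying only the browser's session cookie is not enough to act on the form. The function names, the allowed file suffixes and the sample inputs are all assumptions made for the example.

```python
import hmac
import html
import secrets
from urllib.parse import urlsplit

# Added example, not code from any forum package named in the LWN summary.
# Two defensive checks for a web script that lets users post images:
#   1. sanitize_image_url: accept only a plain http/https reference to an
#      image file, with no query string, fragment or credentials, and
#      HTML-escape it before it is embedded in an <img> tag.
#   2. issue_form_token / verify_form_token: bind each form to a secret
#      stored in the server-side session, so a request that carries only
#      the browser's session cookie is not enough to act on the form.

ALLOWED_SCHEMES = {"http", "https"}            # assumed policy for this example
ALLOWED_SUFFIXES = (".gif", ".jpg", ".jpeg", ".png")
MAX_URL_LENGTH = 512


def sanitize_image_url(raw):
    """Return an HTML-escaped URL safe for <img src="...">, or None to reject."""
    if not isinstance(raw, str) or not raw or len(raw) > MAX_URL_LENGTH:
        return None
    # Whitespace and control characters never belong in an image URL.
    if any(ord(c) < 33 or ord(c) == 127 for c in raw):
        return None
    try:
        parts = urlsplit(raw)
        port = parts.port          # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        return None
    if not parts.hostname or parts.username is not None or parts.password is not None:
        return None
    # A static image reference has no use for a query string or fragment;
    # a query string is exactly where a request aimed at another script would go.
    if parts.query or parts.fragment:
        return None
    if not parts.path.lower().endswith(ALLOWED_SUFFIXES):
        return None
    # Rebuild the URL from the parsed pieces so nothing unparsed leaks through.
    netloc = parts.hostname if port is None else f"{parts.hostname}:{port}"
    clean = f"{parts.scheme.lower()}://{netloc}{parts.path}"
    return html.escape(clean, quote=True)


def render_image_tag(raw_url):
    """Emit the <img> tag for a validated URL, or an empty string if rejected."""
    safe = sanitize_image_url(raw_url)
    return "" if safe is None else f'<img src="{safe}" alt="user image">'


def issue_form_token(session):
    """Store a fresh per-form secret in the server-side session and return it."""
    token = secrets.token_hex(16)
    session["form_token"] = token
    return token


def verify_form_token(session, submitted):
    """True only if the submitted hidden field matches the session's stored secret."""
    expected = session.get("form_token")
    if not expected or not isinstance(submitted, str):
        return False
    return hmac.compare_digest(expected, submitted)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from any real post.
    for candidate in (
        "http://images.example.org/pics/cat.gif",
        "http://forum.example/cgi-bin/script.cgi?do=something",
        "data:image/gif;base64,R0lGODlh",
        'http://images.example.org/a.gif"extra',
    ):
        print(f"{candidate!r:60} -> {render_image_tag(candidate)!r}")
    session = {}
    tok = issue_form_token(session)
    print("token matches :", verify_form_token(session, tok))
    print("cookie alone  :", verify_form_token(session, ""))
```

The URL check is deliberately an allow-list: rather than searching the input for known-bad fragments, it rebuilds the reference from parsed components that each passed a narrow test, so anything the parser did not account for is dropped. The form token addresses the other half of the report: the script no longer treats possession of the session cookie as proof that the user intended to submit this particular form.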
Time to take a look at your web scripts and at how you currently verify the user input you receive, particularly when that input takes the form of HTML or other executable code.

CRYPTO-GRAM Newsletter. Bruce Schneier's [18]CRYPTO-GRAM Newsletter for June is out. It covers a wide range of topics, including the grc.com attacks and the Honeynet project.

"The results are fascinating. A random computer on the Internet is scanned dozens of times a day. The life expectancy of a default installation of Red Hat 6.2 server, or the time before someone successfully hacks it, is less than 72 hours. A common home user setup, with Windows 98 and file sharing enabled, was hacked five times in four days. Systems are subjected to NetBIOS scans an average of 17 times a day. And the fastest time for a server being hacked: 15 minutes after plugging it into the network."

One of the links inside this month's CRYPTO-GRAM is to [19]The Strange Tale of Denial of Service, an account by Steve Gibson of his research into the world of distributed denial-of-service attacks. In this case, the machines used to deploy the attacks were running Microsoft Windows operating systems, but the victims could be any machine. From his experiences, he learned that major ISPs were simply unwilling to take action in response to this type of problem, that the US Federal government has too many problems to handle and will not look at "small" problems such as the disablement of a single site, and that age does indeed shield youthful offenders within the US from prosecution. To quote Steve, "We can not have a stable Internet economy while 13-year-old children are free to deny arbitrary Internet services with impunity".

Using a Cryptographic Hardware Token with Linux: the OpenSSL Project's New Engine (Linux Journal). Linux Journal's Paul Friburg takes a look at [20]using OpenSSL's new engine to provide support for digitally signed email using a hardware token.

"Hardware tokens are nearly tamper proof and assure that the data are originating from a given Linux PC provided that the token is plugged into it. ... Sadly, the token we were requested to integrate, the Chrysalis-ITS Luna2 PC card, was not on the list of the three tokens implemented in the engine. This forced us to go under the hood of the OpenSSL engine code."

Security Reports

sysklogd denial-of-service vulnerability. Immunix reports that klogd, the Linux kernel logging daemon distributed with the sysklogd package, is vulnerable to a denial-of-service attack: it shuts down if it receives a null byte in a log message from the Linux kernel. A patch to fix the problem is available.
* [21]Immunix

fetchmail buffer overflow. Wolfram Kleff reported a [22]buffer overflow in all versions of fetchmail. It is remotely exploitable and could lead to root access if fetchmail is run by root. An upgrade to fetchmail 5.8.6 resolves the problem.
* [23]Immunix
* [24]Debian
* [25]Conectiva
* [26]Slackware, June 18th Changelog

rxvt buffer overflow. Samuel "Zorgon" Dralet reported a [27]buffer overflow in rxvt which can be exploited to gain group utmp privileges on some systems, which would allow the utmp file to be modified. A patch is available to fix the problem.
* [28]Debian
* [29]Slackware, June 18th Changelog
* [30]Linux-Mandrake

man page source buffer overflow. zen-parse reported a [31]buffer overflow in man that, when a manual page begins with a '.so' statement, may be exploited to execute arbitrary code under the 'man' group id. No patch or update for man has been posted so far. For more details, check BugTraq ID [32]2872.

MDBMS query display buffer overflow. teleh0r reported a [33]buffer overflow in [34]MDBMS, an SQL database server for Unix which provides source code and is free for non-commercial use. The buffer overflow can be exploited to execute arbitrary code. An [35]updated version is available, containing a fix for the problem.

BSD ptrace race condition vulnerability. The version of ptrace shipped with NetBSD and OpenBSD has been reported to [36]contain a race condition which can be exploited to allow an unprivileged user to attach to a privileged process, elevating the attacker's privileges. OpenBSD has released patches to its kernel to resolve the problem; NetBSD has fixed the problem in its CVS tree.

ghttpd buffer overflow. The Gaztek HTTP daemon, [37]ghttpd, is a GPL'd HTTP server with a small memory footprint that is capable of handling "thousands of simultaneous connections". A [38]buffer overflow has been reported in version 1.4 that can be exploited by a remote attacker to run arbitrary code with the privileges of the ghttpd server. No fix for the problem has been reported so far.

Proprietary products. The following proprietary products were reported to contain vulnerabilities:
* [39]WatchGuard Firebox 2500 and 4500 boxes are reported to contain a vulnerability which makes it possible for an intruder to bypass SMTP checking using attachments encoded in base64. No vendor response has been reported so far.
* [40]ScreamingMedia SiteWare versions 2.501 and earlier and 3.1 and earlier contain a file disclosure vulnerability. An upgrade to 2.5.1 or 3.1.1 will apparently resolve the problem. BugTraq ID [41]2868.
* cgiCentral's WebStore shopping cart software has been reported to contain two vulnerabilities which can be used together to allow an attacker to execute arbitrary commands on a system running WebStore. The two vulnerabilities are an [42]administrator authentication bypass vulnerability and an [43]arbitrary command execution vulnerability. A workaround for the command execution vulnerability has been posted, but no vendor response has been seen so far.
* [44]The Cisco Node Route Processor 2 card has been reported to allow unauthorized telnet access in its default configuration. An upgrade to Cisco 6400 NRP2 12.1DC will resolve the problem.
* [45]NetSQL, a light-weight SQL database server for Linux and Solaris, has been reported to [46]contain a remotely exploitable buffer overflow which can give a remote attacker root access on the server. No vendor response has been seen so far.
* [47]Microburst uDirectory, a Perl CGI script, has been reported to contain an input validation error which can be exploited remotely to execute arbitrary commands on the host. No vendor response has been seen so far.

Updates

exim format string vulnerability. Check the [48]June 14th LWN Security Summary for the original report.
This week's updates:
* [49]Red Hat [Note: one user reported [50]problems with the Red Hat 7.0 packages in this update]
Previous updates:
* [51]Debian (June 14th)
* [52]Conectiva (June 14th)

xinetd buffer overflow. Check the [53]June 14th LWN Security Summary for the initial report. The buffer overflow is in the ident logging portion of xinetd, so one workaround is to disable ident logging.
This week's updates:
* [54]Debian
* [55]Conectiva

xinetd default umask vulnerability. Check the [56]June 7th LWN Security Summary for the original report. Fixing the problem simply requires that the default umask for xinetd be set to 022 instead of 000. This is also covered in BugTraq ID [57]2826.
This week's updates:
* [58]Debian
* [59]Conectiva
Previous updates:
* [60]Red Hat (June 7th)
* [61]Linux-Mandrake (June 14th)
* [62]Immunix (June 14th)

OpenSSH tmplink vulnerability. Check the [63]June 7th LWN Security Summary for the initial report. This is also covered in BugTraq ID [64]2825. This week, [65]OpenSSH 2.9.p2 was released with a fix for the problem.

ispell symbolic link vulnerabilities. Check the [66]June 7th LWN Security Summary for the original report.
This week's updates:
* [67]Linux-Mandrake
Previous updates:
* [68]Red Hat (June 7th)
* [69]Debian, fixed in ispell-3.1.20-8, updated January 26, 2000. (June 14th)

Webmin environment variable inheritance vulnerability. Check the [70]May 31st LWN Security Summary for the original report.
This week's updates:
* [71]Linux-Mandrake
Previous updates:
* [72]Caldera, disabling Webmin recommended, no updated packages available yet. (May 31st)
* [73]Caldera, updated packages now available (June 7th)

gnupg format string vulnerability. Check the [74]May 31st LWN Security Summary for the initial report. gnupg 1.0.5 and earlier are vulnerable; gnupg 1.0.6 contains a fix for this problem and an upgrade is recommended. Werner Koch also sent out [75]a note warning of minor build problems with gnupg 1.0.6 when compiled without gcc.
This week's updates:
* [76]Debian, official
Previous updates:
* [77]Engarde (May 31st)
* [78]Progeny (May 31st)
* [79]Linux-Mandrake (June 7th)
* [80]Immunix (June 7th)
* [81]Trustix (June 7th)
* [82]SuSE (June 7th)
* [83]Conectiva (June 14th)
* [84]Red Hat (June 14th)
* [85]Turbolinux (June 14th)
* [86]Caldera (June 14th)
* [87]Debian, unstable upgrade to 1.0.6 on May 29th. (June 14th)

gnupg. [88]gnupg 1.0.5 was released on April 29th. Check the [89]May 3rd LWN Security Summary for details. An upgrade to 1.0.5 is recommended.
This week's updates:
* [90]Debian
Previous updates:
* [91]Linux-Mandrake (May 10th)
* [92]Immunix (May 3rd)
* [93]Red Hat (May 24th)
* [94]Caldera (May 24th)

Denial-of-service vulnerability in FTP server implementations. Check the [95]March 22nd LWN Security Summary for the original report. Affected FTP daemons include ProFTPd, NetBSD FTP, PureFTPd (to some variants of this attack), BeroFTPD, and FreeBSD FTP.
This week's updates:
* [96]Linux-Mandrake
Previous updates:
* [97]ProFTPd (workaround only) (March 22nd)
* [98]ProFTPD 1.2.2rc1

Apache directory listing error. Check the [99]March 8th LWN Security Summary for the initial report. Apache 1.3.18 and earlier are vulnerable; Apache 1.3.19 contains a fix for the problem. Note that this week is the first in which we've seen distribution updates for this problem, even though it was initially reported three months ago.
* [100]Trustix

Resources

Bastille Linux 1.2. The Bastille Linux development team [101]announced the release of Bastille Linux 1.2, a hardening script for multiple Linux distributions.

CryptoMail 0.90. The first public release of CryptoMail, [102]version 0.90, was announced this week. CryptoMail is an end-to-end secure email system. MySQL, Apache and Sendmail are required in order to run the server. More information is available at [103]http://www.cryptomail.org.

Events

Upcoming Security Events.
* June 21 - 22, 2001: [104]13th Annual Computer Security Incident Handling Conference (FIRST 2001), Toulouse, France
* June 21, 2001: [105]PKI Forum Members Meeting (Kempinski Hotel Airport Munchen), Munich, Germany
* July 11 - 12, 2001: [106]Black Hat Briefings USA '01, Las Vegas, Nevada, USA
* July 17, 2001: [107]The Open Group Security Forum briefing, Austin, Texas
* August 6 - 10, 2001: [108]CERT Conference 2001, Omaha, NE, USA
* August 7, 2001: [109]CIBC World Markets First Annual Security & Privacy Conference, New York, NY, USA
* August 13 - 17, 2001: [110]10th USENIX Security Symposium 2001 Conference, Washington, D.C.
* August 13 - 17, 2001: [111]HAL2001, Enschede, The Netherlands

For additional security-related events, including training courses (which we don't list above) and events further in the future, check out Security Focus' [112]calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to [113]lwn@lwn.net.
Section Editor: [114]Liz Coolbaugh
June 21, 2001

Copyright (C) 2001 [177]Eklektix, Inc., all rights reserved. Linux (R) is a registered trademark of Linus Torvalds.

References
1. http://lwn.net/
2. http://ads.tucows.com/click.ng/pageid=001-012-132-000-000-002-000-000-012
3. http://lwn.net/2001/0621/
4. http://lwn.net/2001/0621/kernel.php3
5. http://lwn.net/2001/0621/dists.php3
6. http://lwn.net/2001/0621/desktop.php3
7. http://lwn.net/2001/0621/devel.php3
8. http://lwn.net/2001/0621/commerce.php3
9. http://lwn.net/2001/0621/press.php3
10. http://lwn.net/2001/0621/announce.php3
11. http://lwn.net/2001/0621/history.php3
12. http://lwn.net/2001/0621/letters.php3
13. http://lwn.net/2001/0621/bigpage.php3
14. http://lwn.net/2001/0614/security.php3
15. http://securityfocus.com/frames/?content=/templates/archive.pike%3Ftid%3D192006%26start%3D2001-06-17%26fromthread%3D0%26threads%3D1%26list%3D1%26end%3D2001-06-23%26
16. http://www.securityfocus.com/archive/1/191114
17. http://www.securityfocus.com/bid/2871
18. http://lwn.net/2001/0621/a/crypto-gram.php3
19. http://grc.com/dos/grcdos.htm
20. http://noframes.linuxjournal.com/articles/style/0006.html
21. http://lwn.net/2001/0621/a/im-sysklogd.php3
22. http://www.securityfocus.com/bid/2877
23. http://lwn.net/2001/0621/a/im-fetchmail.php3
24. http://lwn.net/2001/0621/a/deb-fetchmail.php3
25. http://lwn.net/2001/0621/a/con-fetchmail.php3
26. http://www.slackware.com/changelog/current.php?cpu=i386
27. http://www.securityfocus.com/bid/2878
28. http://lwn.net/2001/0621/a/deb-rxvt.php3
29. http://www.slackware.com/changelog/current.php?cpu=i386
30. http://lwn.net/2001/0621/a/lm-rxvt.php3
31. http://www.securityfocus.com/archive/1/190136
32. http://www.securityfocus.com/bid/2872
33. http://www.securityfocus.com/archive/1/190933
34. http://www.hinttech.com/mdbms/
35. http://www.hinttech.com/mdbms/download.html
36. http://www.securityfocus.com/bid/2873
37. http://www.gaztek.org/ghttpd/index.html
38. http://www.securityfocus.com/bid/2879
39. http://www.securityfocus.com/bid/2855
40. http://www.securityfocus.com/bid/2869
41. http://www.securityfocus.com/bid/
42. http://www.securityfocus.com/bid/2860
43. http://www.securityfocus.com/bid/2861
44. http://www.securityfocus.com/bid/2874
45. http://www.munica.com/webpak/
46. http://www.securityfocus.com/bid/2885
47. http://www.securityfocus.com/bid/2884
48. http://lwn.net/2001/0614/security.php3#exim
49. http://lwn.net/2001/0621/a/rh-exim.php3
50. http://lwn.net/2001/0621/a/rh-exim-problems.php3
51. http://lwn.net/2001/0614/a/deb-exim.php3
52. http://lwn.net/2001/0614/a/con-exim.php3
53. http://lwn.net/2001/0614/security.php3#xinetdbo
54. http://lwn.net/2001/0621/a/deb-xinetd.php3
55. http://lwn.net/2001/0621/a/con-xinetd.php3
56. http://lwn.net/2001/0607/security.php3#xinetd
57. http://www.securityfocus.com/bid/2826
58. http://lwn.net/2001/0621/a/deb-xinetd.php3
59. http://lwn.net/2001/0621/a/con-xinetd.php3
60. http://lwn.net/2001/0607/a/rh-xinetd.php3
61. http://lwn.net/2001/0614/a/lm-xinetd.php3
62. http://lwn.net/2001/0614/a/im-xinetd.php3
63. http://lwn.net/2001/0607/security.php3#opensshtmplink
64. http://www.securityfocus.com/bid/
65. http://freshmeat.net/releases/50683/
66. http://lwn.net/2001/0607/security.php3#ispell
67. http://lwn.net/2001/0621/a/lm-ispell.php3
68. http://lwn.net/2001/0607/a/rh-ispell.php3
69. http://lwn.net/2001/0614/a/db-ispell.php3
70. http://lwn.net/2001/0531/security.php3#webmin
71. http://lwn.net/2001/0621/a/lm-webmin.php3
72. http://lwn.net/2001/0531/a/caldera-webmin.php3
73. http://lwn.net/2001/0607/a/caldera-webmin.php3
74. http://lwn.net/2001/0531/security.php3#gnupgformatstring
75. http://lwn.net/2001/0607/a/gnupggcc.php3
76. http://lwn.net/2001/0621/a/deb-gnupg.php3
77. http://lwn.net/2001/0531/a/esl-gnupg.php3
78. http://lwn.net/2001/0531/a/pr-gnupg.php3
79. http://lwn.net/2001/0607/a/lm-gnupg.php3
80. http://lwn.net/2001/0607/a/im-gnupg.php3
81. http://lwn.net/2001/0607/a/trustix-gnupg.php3
82. http://lwn.net/2001/0607/a/suse-gnupg.php3
83. http://lwn.net/2001/0614/a/conectiva-gnupg.php3
84. http://lwn.net/2001/0614/a/rh-gnupg.php3
85. http://lwn.net/2001/0614/a/tl-gnupg.php3
86. http://lwn.net/2001/0614/a/cald-gnupg.php3
87. http://lwn.net/2001/0614/a/db-gnupg.php3
88. http://www.gnupg.org/whatsnew.html#rn20010429
89. http://lwn.net/2001/0503/security.php3#gnupg1.0.5
90. http://lwn.net/2001/0621/a/deb-gnupg.php3
91. http://lwn.net/2001/0510/a/lm-gnupg.php3
92. http://lwn.net/2001/0503/a/im-gnupg.php3
93. http://lwn.net/2001/0524/a/rh-gnupg.php3
94. http://lwn.net/2001/0524/a/caldera-gnupg.php3
95. http://lwn.net/2001/0322/security.php3#ftpds
96. http://lwn.net/2001/0621/a/lm-proftpd.php3
97. http://lwn.net/2001/0322/a/proftpd-dos.php3
98. http://freshmeat.net/releases/44640/
99. http://lwn.net/2001/0308/security.php3#apache
100. http://lwn.net/2001/0621/a/trustix-apache.php3
101. http://lwn.net/2001/0621/a/bastille-1.2.php3
102. http://freshmeat.net/releases/50589/
103. http://www.cryptomail.org/
104. http://www.first.org/conference/2001/
105. http://www.pkiforum.org/meetings/20010619/index.html
106. http://www.blackhat.com/
107. http://www.opengroup.org/austin2001/security_outline.htm
108. http://www.certconf.org/
109. http://www.cibcwm.com/eq/conference/security/
110. http://www.usenix.org/events/sec2001
111. http://www.hal2001.org/hal/01Home/index.html
112. http://securityfocus.com/calendar
113. mailto:lwn@lwn.net
114. mailto:lwn@lwn.net
115. http://ads.tucows.com/click.ng/buttonpos=lwnbuttonsecurity
116. http://www.engardelinux.org/
117. http://www.immunix.org/
118. http://www.maganation.com/~kaladix/
119. http://Nexus-Project.net/
120. http://www.nsa.gov/selinux/
121. http://www.openwall.com/Owl/
122. http://www.slinux.org/
123. http://www.trustix.com/
124. http://www.bastille-linux.org/
125. http://lsap.org/
126. http://lsm.immunix.org/
127. http://www.openssh.com/
128. http://www.securityfocus.com/bugtraq/archive/
129. http://www.nfr.net/firewall-wizards/
130. http://www.jammed.com/Lists/ISN/
131. http://www.calderasystems.com/support/security/
132. http://www.conectiva.com.br/atualizacoes/
133. http://www.debian.org/security/
134. http://www.kondara.org/errata/k12-security.html
135. http://www.esware.com/actualizaciones.html
136. http://linuxppc.org/security/advisories/
137. http://www.linux-mandrake.com/en/fupdates.php3
138. http://www.redhat.com/support/errata/index.html
139. http://www.suse.de/security/index.html
140. http://www.yellowdoglinux.com/resources/errata.shtml
141. http://www.BSDI.COM/services/support/patches/
142. http://www.freebsd.org/security/security.html
143. http://www.NetBSD.ORG/Security/
144. http://www.openbsd.org/security.html
145. http://www.calderasystems.com/support/forums/announce.html
146. http://www.cobalt.com/support/resources/usergroups.html
147. http://distro.conectiva.com.br/atualizacoes/
148. http://www.debian.org/MailingLists/subscribe
149. http://www.esware.com/lista_correo.html
150. http://www.freebsd.org/handbook/eresources.html#ERESOURCES-MAIL
151. http://www.kondara.org/mailinglist.html.en
152. http://l5web.laser5.co.jp/ml/ml.html
153. http://www.linuxfromscratch.org/services/mailinglistinfo.php
154. http://www.linux-mandrake.com/en/flists.php3
155. http://www.netbsd.org/MailingLists/
156. http://www.openbsd.org/mail.html
157. http://www.redhat.com/mailing-lists/
158. http://www.slackware.com/lists/
159. http://www.stampede.org/mailinglists.php3
160. http://www.suse.com/en/support/mailinglists/index.html
161. http://www.trustix.net/support/
162. http://www.turbolinux.com/mailman/listinfo/tl-security-announce
163. http://lists.yellowdoglinux.com/ydl_updates.shtml
164. http://munitions.vipul.net/
165. http://www.zedz.net/
166. http://www.cert.org/nav/alerts.html
167. http://ciac.llnl.gov/ciac/
168. http://www.MountainWave.com/
169. http://www.counterpane.com/crypto-gram.html
170. http://linuxlock.org/
171. http://linuxsecurity.com/
172. http://www.opensec.net/
173. http://www.securityfocus.com/
174. http://www.securityportal.com/
175. http://lwn.net/2001/0621/kernel.php3
176. http://www.eklektix.com/
177. http://www.eklektix.com/

--- ifmail v.2.14.os7-aks1
 * Origin: Unknown (2:4615/71.10@fidonet)