Search Results

Search found 20283 results on 812 pages for 'security context'.

Page 504/812 | < Previous Page | 500 501 502 503 504 505 506 507 508 509 510 511 | Next Page >

File ownership and permissions on web site PHP files

- by columbo

Hello, I am learning the basics of linux servers so I am green. I have an Ubuntu server upon which there are websites that I have inherited. In a fit of security worry I decided to check out the ownership of the web site files. They are all 2016:sites. If I run the command 'cat /etc/group | more' I can see that the group exists. But when I run 'lastlog' the user 2016 does not appear. I started to worry that 2016 might be the username of web users connecting from the web so I set the permissions on a testfile to chmod 600, giving read permissions to only the file owner. Sure enough I could still access the file from the web. Can anyone suggest what is going on here? I tried creating a new user and giving them file ownership but then when I access the file from the web it wants me to have all directories up stream owned by the same person. Thanks

Read the article
Debian: Firefox or Iceweasel default printer for POS station

- by Bubnoff

Context Using Debian 6.04 "Squeeze" as POS station. There are two printers installed: Network printer and a receipt printer It absolutely must be able to print by default to the receipt printer on a certain website though the system default is a network printer. In Debian ...it doesn't. Problem I've set up XP, 7, Ubuntu and even Mac OSX this way, so I'm no stranger to setting Firefox up this way ...same Iceweasel/Firefox settings ...complete fail. Always uses system default no matter what the settings, or, which printer you print from. To get this to work on other systems you do this: Print a page in Firefox using desired printer. Ensure print.save_settings is true. Firefox remembers last printer used Set print.always_print_silent = true The end. This works on every OS I've set up ....except Firefox and Iceweasel in Debian. My only recourse seems to be to set the receipt printer as default or go back to bloaty Ubuntu/Mint ...etc.

Read the article
Stop jucheck from running

- by Ken

I've installed Java on Windows Vista, and every day I get a Vista security warning asking me if I want to run "jucheck". Apparently this is the Java automatic updater. Well, I don't want it to run on its own, ever. I cancel it, and quit it. I right-click on the taskbar and unclick "Check for Updates Automatically", and then click "Never Check", and "Apply". And yet, it never remembers this setting. If I come back to the "Java Control Panel" right after clicking "OK", the very same box is checked again, all on its own. Is there some way to kill jucheck once and for all? If I simply delete jucheck.exe, will Java (other than the automatic check) still work, and will manual updates still work, and will it stop even trying to update every morning?

Read the article
CentOS Vs Windows Server 2008

- by Steve

Hi, Apologies if the question appears ambiguous, I have little experience in this area and was after some informed opinions. I am deploying a test scenario of a server/client network and need to make some choices for Server. The client will be a Windows system as it meets the requirements for the client, the server choice has more room for selection. From my experience with Linux in general and the appealing nature of open source for low cost, security etc and the availability and performance of database and web server programs I have been considering CentOS as a server choice. I have the ability to make most of the choices of what software / server packages I wish to install. This includes Active Directory (something I have no experience with). How well does this operate with Windows clients? Am I being too selective and creating unnecessary complication by setting out not to use a Windows Server OS?

Read the article
OS X clients ignoring Windows print server permissions

- by Ilumiari

I'm in the process of testing a Windows Server 2008 R2 print server for a mixed OS X/Windows environment. Any security permissions (AD groups) I set for the printers on the print server are not honoured by the OS X clients. Only if I remove absolutely all permissions for a given printer will an OS X client not print to that printer. The Windows clients honour the permissions as expected. The PrintService log doesn't record any activity when an unprivileged Windows client attempts to print, and records a typical print job when an unprivileged OS X client attempts to print. Has anyone encountered this problem before and have a fix? With 600-700 clients, a number of which are dual-booting, restricting by IP address is not viable. EDIT: The jobs are definitely going through the print server, they show up in the logs with their AD credentials.

Read the article
MySQL Windows vs. Linux: performance, caveats, pros and cons?

- by gravyface

Looking for (preferrably) some hard data or at least some experienced anecdotal responses with regards to hosting a MySQL database (roughly 5k transactions a day, 60-70% more reads than writes, < 100k of data per transaction i.e. no large binary objects like images, etc.) on Windows 2003/2008 vs. a Debian-based derivative (Ubuntu/Debian, etc.). This server will function only as a database server with a separate Web server on another physical box; this server will require remote access for management (SSH for Linux, RDP for Windows). I suspect that the Linux kernel/OS will compete less than the Windows Server for resources, but for this I can't be certain. There's also security footprint: even with Windows 2008, I'm thinking that the Linux box can be locked down more easily than the Windows Server. Anyone have any experience with both configurations?

Read the article
No HTTP Response from Tomcat 7 EC2 instance

- by David Kaczynski

I am new to EC2 (and Tomcat, for that matter), and I am trying to deploy a vanilla Tomcat 7 server to an Ubuntu 12.04.1 EC2 instance and access the default test site over HTTP. My EC2 instance is running, and the Security Group includes port 80: My /etc/tomcat7/server.xml config has been edited to listen for HTTP requests on port 80: 0 I have restarted my Tomcat 7 server via sudo service tomcat7 restart. However, according to sudo netstat -lnp, Tomcat is not listed as listening over port 80: I am unable to get any response from going to the ...amazonaws.com public DNS in a web browser. What am I missing?

Read the article
How can I prevent Ask.com Toolbar from being installed every time Java is updated?

- by abstrask

As many are painfully aware of, Oracle continues to not only bundle the Java installation with the useless Internet browser toolbar from Ask.com, but also enable its installation by default. In addition to the toolbar, Ask also replaces your favourite search engine in your browser with Ask. Furthermore, the Java installation goes as far as to actually recommend installing this useless junk, meaning that any non IT-savvy person is more than likely to leave it checked and install it (after all, it was enabled by default and the friendly Java installer did recommend it, right?). To add insult to injury, even if you remove the Ask Toolbar, you can be sure to see it again soon, when the next Java update hits you (which seem to happen quite often lately, due to loads of security fixes for Java, but that's another story). I'll duly remove the check-mark to install Ask Toolbar, whenever I update Java, but when supporting my family and friends, it's obvious they don't. How can I prevent the pesky Ask.com Toolbar from being installed in the first place?

Read the article
Intermediate SSL Certificates on Azure Websites

- by amhed

I have successfully configured an Extended-Validation Certificate on an Azure Website following this article: http://www.windowsazure.com/en-us/documentation/articles/web-sites-configure-ssl-certificate/ The main (non-technical) stakeholder of the web application went through great lengths to validate that our site is secure. He went to this site to check the validity of our SSL: http://www.whynopadlock.com/ The site throw the following error: `SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details: ERROR: no certificate subject alternative name matches`` The certificate is installed using IP Based SSL instead of SNI. This is done this way because some site visitors still use Internet Explorer 8 on Windows XP, which has no support for SNI and throws a security warning. Is my certificate correclty installed? I received three .CRT files from my SSL provider: PrimaryIntermediate.crt SecondaryIntermediate.crt EndCertificate.crt This is how I exported our certificate as a .PFX file to Azure: openssl pkcs12 -export -out myserver.pfx -inkey myserver.key -in myserver.crt

Read the article
How do I set up a bridge on Ubuntu GNOME 14.04

- by NJRandy

I found a guide for setting up a bridge in Fedora and was trying this: $ nmcli connection delete p33p1 $ nmcli connection add con-name br0 type bridge ifname br0 autoconnect yes $ nmcli connection add con-name p33p1 type bridge-slave ifname p33p1 master br0 autoconnect yes I found that $ nmcli con delete uuid [uuid here] accomplished the first step. nmcli connection does not have an 'add' action in this distribution. Please help me do the 2nd and 3rd steps. Context: I am trying to set up a virtual machine. I believe this is a necessary step for the VM to access my network and the internet. Please feel free to correct me if I am wrong! BTW, I am a linux newbie, tech oldie. Thank you.

Read the article
Is there any danger in disabling windows firewall on a azure worker role?

- by NullReference

I'm trying to troubleshoot a bug on our Azure worker role where we occasionally get the error "Unable to read data from the transport connection: An established connection was aborted by the software in your host machine". This error occurs when we are connecting to outside resources like google auth servers. A few people have recommended disabling the firewall\antivirus on the server. I'm just wondering what kind of security risk we would take by doing this. The server doesn't have iis installed but would it be vulnerable to hacking without the firewall? Thanks

Read the article
How to forbid programs from accessing a folder

- by prashanth

I use firefox as my default browser. IE and chrome are used as secondary browsers. Apart from these, i need to have a alternate browser. I tried opera, but when installing it, opera automatically imported all my bookmarks and other profile data from firefox folder. I really had a hard time safely deleting these files that opera made a copy, without harming the original files which firefox uses. I don't want this to happen. Here's the situation: Now, i want to install other browser or re install opera. How do i make the firefox profile folder to be accessed only by firefox.exe and me(the administrator)? Can this be done via security tab under folder properties?

Read the article
Adding Thunderbird-stable repository gives "can't find signing_key_fingerprint" error

- by EBV2010

I'm trying to install Thunderbird 11 on Kubuntu 10.04. I was able to do it on the machine I'm working on. To get a clean process that I can roll out to other clients, I re-installed the machine and repeated the process. This is what I did (I've left out the sudo for clarity): add-apt-repository ppa:ubuntu-mozilla-security/ppa apt-get update add-apt-repository ppa:mozilla-team/thunderbird-stable The last one resulted in this error: Error: can't find signing_key_fingerprint at https://launchpad.net/api/1.0/~mozilla-team/+archive/thunderbird-stable The machine as it was before re-installation gave no such message. It was built from the same sources. Bottomline: I got Thunderbird 11.0 to run on Kubuntu 10.04 but after re-installation, adding the repository gives an error and won't add. Is there a way to solve the signing_key_fingerprint error?

Read the article
How do I launch a process as a specific user at startup on OS X?

- by Scott Bonds

I would like to run a script as a particular user on startup (not on login). I thought a launchd LaunchDaemon would do it, but 'man launchd' says: "If you wish your service to run as a certain user, in that user's environment, making it a launchd agent is the ONLY supported means of accomplishing this on Mac OS X. In other words, it is not sufficient to perform a setuid(2) to become a user in the truest sense on Mac OS X." They aren't kidding--when I try to run my script as a LaunchDaemon it doesn't work. In particular I'm trying to automate some keychain operations using the 'security' command, and it won't let me change the default keychain when I run the script through LaunchDaemon, though the script works fine when run using sudo from a shell. A LaunchAgent won't work, because the goal is for the proces to run without a user logging in and LaunchAgents only run when someone logs in. I looked at cron and the @reboot directive and that looks promising, but I read that cron is deprecated on OSX.

Read the article
SSL certificates with password encrypted key at hosting provider

- by Jurian Sluiman

We are a software company and offer hosting to our clients. We have a VPS at a large Dutch datacenter. For some of the applications, we need an SSL certificate which we'd like to encrypt with a password protected keyfile. Our VPS reboots now and then because of updates whatsoever, but that means our apache doesn't start right away because the passwords are needed. This results in downtime and is of course a real big problem. We can give the passwords to our VPS datacenter, or create certificates based on keyfiles without passwords. Both solutions seem not the best one, because they compromise the security of our certificates. What's the best solution for this issue?

Read the article
IIS 6 windows 2003 help installing SSL cert

- by ADAM

I requested a new ssl cert from godaddy which has been issued. When try to install it in iis through the website directory security tab i get a "the pending certificate request for this response file was not found. this request may be cancelled. you cannot install selected response certificate using this wizard" error. I may have run the wizard and deleted the pending request. Is there any way i can install the certificate without getting a new one? (i hope so) I have the original certrequest.txt file

Read the article
Thoughts on Apache log file sizes?

- by Nathan Long

Do you place any limits on the size of Apache log files - access.log and error.log? Specifically, can you give: Reasons to limit log file sizes Disk space Any other? Reasons NOT to limit log file sizes Research into performance issues or security breaches Any other? Methods of doing so Cron job that periodically deletes the file, or the first N lines? Any other? Anything you might salvage before deleting For example, grep out how many times a file was downloaded before deleting the access logs I'd like get the thoughts of experienced sysadmins before I do anything. (Marking as community wiki since this may be a matter of opinion.)

Read the article
Visual Studio 2008/2010 Intellisense disable tab key

- by Sean Edwards

So I've been having problems with my left wrist and working on code for extended period of times, and I've pretty much narrowed the cause down to Intellisense autocomplete and the tab key. Ok, to be fair, I can't blame Intellisense, but constantly reaching over to hit that key is causing problems. I've discovered Enter does the exact same thing in that context, but that's not the key I instinctively reach for. Is it possible to outright disable the function of the tab key in intellisense, so I'm forced to use Enter instead (which I hit without contorting my wrist oddly.) Thanks. P.S. I do have Visual Assist, so if it's not possible in Visual Studio itself, can VAssistX help?

Read the article
reverse proxy only from one internal server

- by hrost

I have configured a reverse proxy and is working ok for one internal server, for example our mail server. Now, I like to know if it is possible to configure a reverse proxy for only one server /application (in this case our web intranet). Our problem is Intranet call another aplication inside same intranet server and another internal servers, and the only way that I know to publish this resources is make a reverse proxy in our dmz apache for all apllications servers, but I like that from our DMZ reverse apache only intranet will be called, and other applications will be called by intranet server, and not reverse proxy. I like to configure with this system for security reason, and only allow external access to one server. I have configured With Debian Squeeze and apache 2.2 It is possible? How?

Read the article
Startup error BackgroundContainer.dll on windows 8.1

- by Manolis Karagiannis

I have the same problem with this topic! How to resolve BackgroundContainer.dll error on startup? The thing is i did everything that says in answer but i)I found nothing when i started regedit.exe and searched (F3 or CTRL+F) for BackgroundContainer.dll ii)I made a full scan with AntiVirus Scanner like Microsoft Security Essentials/ Defender and also i scaned my PC with Malwarebytes' Anti-Malware,but i found nothing. So this pop up message on start up keep appeared! any idea? Thank you!

Read the article
Unlock file on Windows Server 2003 by remote desktop without rebooting

- by BalusC

We've several Windows Server 2003 machines running, each with its own purposes. There are scheduled jobs which synchronizes some files over SFTP using WinSCP. Very sometimes a newly copied file is left locked in the "inbox" folder without any reason. The machine's own background task (programmed in Java) can't move it to the "processed" folder anymore after processing it. Manually moving it only yields the well known error message Cannot move [filename]: it is being used by another person or program. The only resort is to reboot the machine, but we would of course like to avoid that. Any suggestions? I tried Unlocker which works fine locally at WinXP, but doesn't work at those Win2K3 machines by remote desktop (unlock option doesn't show up in rightclick context menu). I tried Process Explorer as well as described in this blog article, but it caused the server to crash (not sure if that's because it's executed through remote desktop).

Read the article
PHP + IIS Application Pool Identity Windows\Temp permissions

- by Matt Boothman

I am currently running PHP (5.3) on IIS 7.5 on a Win2k8 R2 Web Edition Server and would like to know what, if any, problems or security vulnerabilities I may introduct into a system by assigning Read, Write, Modify & Execute permissions to either IUSR account or the IIS_USERS group for %SystemRoot%\Temp? Should I be altering permissions to that folder at all (as Windows reminds me I probably shouldn't when i attempt to change them)? Should I create a temp folder somewhere else and set permissions accordingly? The problem is when i set Anonymous Authentication (I'm guessing is a more secure option???) to use the App Pool identity, when starting sessions PHP gets stuck in a loop because it's unable to create session files in the %SystemRoot%\Temp folder due to lack of permission on the application pool user or IIS_USERS group. Another problem being ImageMagick (PHP Extension) is being denied access to %SystemRoot%\Temp to write temporary files so is throwing exceptions. I have tried searching Google however have not found anything that touches upon this subject specifically. Any help greatly appreciated.

Read the article
Find largest value of integer in repeating string

- by dotancohen

I have a script log file that looks a bit like this: 2012-9-16 Did something Did 345 things Script time: 244 seconds 2012-9-17 Did yet something Did another thing 23 times Script time: 352 seconds 2012-9-18 Did something special for 34 seconds 51 times Did nothing at all Script time: 122 seconds I would like to find the largest value of N in the lines Script time: N seconds. However, I need to keep the context, so simply removing all lines that don't contain Script time in them is not a viable solution. Currently, I am grepping for lines with Script time, then sorting those to find the highest value, then going back to the original file and searching for that value. However, if there is a more straightforward way then I would love to know. This is on Vim 7.3 on a recent CentOS. I would prefer to remain in VIM if possible. Thanks.

Read the article
Scheduled task username changed

- by Ernst

I posted this originally on stack overflow where I was told I should ask it here: Hi, I created a user on our exchange server, but later changed the username. Now, when I create a scheduled task for that user, and change it's settings (run only when logged on), the username is automatically changed back to the old username. What's causing this and how do I make sure the correct, new username is used for the task (otherwise it won't run), security settings are okay. I did already log in with a different user to delete the profile on the computer and tried again with this user to no avail. The OS is windows xp, the exchange server is on windows server 2003. Thanks

Read the article
Web Applications under Apache Tomcat with multiple directory contexts

- by goran

I have two webapps, prod-1.2.1.war and test-2.0.0.war. If I put these straight into the "tomcat/webapps"-folder, they'll get deployed as; hXXp://localhost/prod-1.2.1/ hXXp://localhost/test-2.0.0/ This works but really I would like them to show up as; hXXp://localhost/vegshop/prod/ hXXp://localhost/vegshop/test/ As you see I somehow would like the "vegshop" to be included in the context path. I also would like the version-numbering to disappear without having to rename the WAR-files. Thank you. This is Apache Tomcat v6.0 under Linux 2.6, running SUN JDK 1.6.

Read the article

< Previous Page | 500 501 502 503 504 505 506 507 508 509 510 511 | Next Page >