Re: Debian security prb

To: debian-user-list <debian-user@lists.debian.org>
Cc: Frédéric Aliotti <Frederic.Aliotti@insa-lyon.fr>
Subject: Re: Debian security prb
From: Greg Folkert <greg@gregfolkert.net>
Date: 27 Aug 2003 09:48:51 -0400
Message-id: <[🔎] 1061992131.2113.10.camel@net1-97>
In-reply-to: <5.0.2.1.2.20030827090403.00a3a1a0@insa.insa-lyon.fr>
References: <[🔎] 5.0.2.1.2.20030826090219.00a0ab30@insa.insa-lyon.fr> <[🔎] 5.0.2.1.2.20030826090219.00a0ab30@insa.insa-lyon.fr> <5.0.2.1.2.20030827090403.00a3a1a0@insa.insa-lyon.fr>

On Wed, 2003-08-27 at 03:14, Frédéric Aliotti wrote:
> Hello
> 
> A 13:49 26/08/03 -0400, vous avez écrit :
> >On Tue, 2003-08-26 at 03:03, Frédéric Aliotti wrote:
> > > I have installed Debian GNU/Linux 3.0 rl "Woody" Official i386.
> > > I'm trying to use an application called Cyberdocs on this computer > :
> >this application have to open OpenOffice.org to convert word
> > > documents to XML. This process is triggered by a java application. >
> >Everything is properly installed.
> >
> >First off, HTML mail to this list is frowned upon. Second Are you sure
> >you have Java installed on the Machine?
> >
> > > My problem is that OpenOffice.org can't be oppened by Cyberdocs : > I
> >get this message : java.net.ConnectException: Connection refused > ...
> > > I don't have this problem when I use Redhat or Mandrake.
> > > Maybe a security prb.
> >
> >Are you sure that you indeed have Java Properly installed this Debian
> >machine?
> >
> >Exactly What version of Java are you using? Did you install it from a
> >Debian package? Or from a tarball?
> >I've installed the Java SDK 1.4.2 from sun, this is a *.bin file very easy 
> >to install. I have changed my environment settings properly : when I use 
> >the "java -version" command, I get the expected message.
> 
> I really think that the java.net ConnectException: Connection refused is a 
> debian security prb. As I said, I have this prb with the old potato and the 
> new woody debian, but everything is ok with the redhat and mandrake 
> distribs that I don't want to use :)
> 
> Any idea to remove the security tools ?

Well, if you would *ANSWER MY QUESTIONS*

It is *NOT* I repeat *NOT* security Problems!

There are no TOOLS to remove.

1. What version of Java Are you using and where did you get it?
2. Are you sure you have it properly installed?
3. "Everything OK" in Mandrake and RedHat is probably because they do
"Kitchen Sink Installs" (i.e.: Everything) which by default introduces A
LOT of problems in the way of exploits.
4. You *MAY NOT* have everything installed that you need for it to work
in Debian. Debian by DEFAULT is sparsely supplied. If you need/want
it... "apt-get install" it.
5. If you still think it is a "security" problem... run your "cyberdocs"
package with strace on RedHat/Mandrake... that will give you a list of
things it is using.
6. Run "cyberdocs" on the Debian system with strace as well and see
where it is failing. I am betting that it doesn't use/see JAVA properly,
therefore it fails to spawn the java clases it needs.
7. Install the needed packages.

Oh and BTW, this *IS* a mailing list... Please respond to me via the
list please. It is just common courtesy.

Reply to:

References:
- Debian security prb
  - From: Frédéric Aliotti <Frederic.Aliotti@insa-lyon.fr>

Prev by Date: Re: Help Please!!
Next by Date: Re: kde 3.1.3 stable and koffice
Previous by thread: Re: Debian security prb
Next by thread: Re: Debian security prb
Index(es):
- Date
- Thread