Linux-Development-Sys Digest #776, Volume #7 Sun, 16 Apr 00 07:13:15 EDT
Contents:
Re: MS caught breaking web sites (laugh)
Re: MS caught breaking web sites (Jim Richardson)
Re: MICROSOFT IT THRU! MICROSOFT IS THRU! (Jim Richardson)
Re: Simple but confusing C code query... (Jim Nicholson)
virtual frame buffers ([EMAIL PROTECTED])
mounting on char device? (liran)
Re: MICROSOFT IT THRU! MICROSOFT IS THRU! ("Christopher Smith")
Put the lib into the libc? (was: Re: Simple but...) (Matthias Kleinmann)
Re: Q: is there a free secure network filesystem for Linux?
([EMAIL PROTECTED])
Re: MS caught breaking web sites ("Robert Moir")
Re: Building bzImage with 2.3.99-pre3 fails ("Uli Joergens")
----------------------------------------------------------------------------
From: laugh <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MS caught breaking web sites
Date: Sun, 16 Apr 2000 01:07:21 -0400
Robert,
What can I say? Microsoft does so many evil things that the story seemed
credible. Have to admit to a certain predisposition towards belief in this area.
Well, I can take some comfort from the fact that Microsoft stock is in
freefall,
and Mr. Bill has lost tens of billions of dollars of net worth.
While that still leaves him a rich man, this means that all those underpaid
Microserfs who have been hoping to retire early on the stock options they were
getting instead of pay will be abandoning ship pretty soon.
So microsofts already glacial software delivery schedule will slow down
even more.
And with Linux growing to 35% of all servers and 10% of desktops this year
alone
(half of those being NT replacements), there won't be much of an audience
for any future releases of windows when and if they do make it out.
Which means even lower stock prices for MS, and so on, and so on. In
business school
they refer to this as a "Death Spiral".
Go ahead and call me a fudster if that eases the pain, just don't put any
money in
Microsoft stock....No, wait, I take that back, please put ALL your money in MS
stock....
Robert Moir wrote:
>
> Hey Fudster, seen this?
> taken from NT bugtraq
>
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MS caught breaking web sites
Date: Sat, 15 Apr 2000 22:53:20 -0700
Reply-To: [EMAIL PROTECTED]
On Sun, 16 Apr 2000 04:04:25 GMT,
Mark Graybill, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>I forgot to mention that I caught my Outlook Express trying to connect to a
>CGI script at a Microsoft website.
>
>Thanks to requiring a proxy, it failed.
>
This is interesting, is there a way to duplicate it?
(I'd love to capture the packetstream at the server and disect it.)
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: [EMAIL PROTECTED] (Jim Richardson)
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MICROSOFT IT THRU! MICROSOFT IS THRU!
Date: Sat, 15 Apr 2000 23:03:32 -0700
Reply-To: [EMAIL PROTECTED]
On Sun, 16 Apr 2000 02:05:50 GMT,
Chad Myers, in the persona of <[EMAIL PROTECTED]>,
brought forth the following words...:
>
>"Charlie Ebert" <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>
>> Dear Chad.
>>
>> Microsoft is asking everybody to delete that .dll.
>> They wouldn't ask us to delete the .dll if it weren't a threat.
>
>Because people are too stupid to set their permissions correctly.
>
>Not to mention that there is a buffer overrun that was discovered (which has
>nothing to do with this false 'backdoor' urban legend) and since this DLL
>is pretty much depricated, MS is just advising to delete it for precaution.
>
>If MS were interested in backdooring your system, why would they tell you
>to delete it?
>
They didn't, until someone *else* found the backdoor.
>> You can't call a guy a moron and an idiot if there's been a story published
>> about a security threat from a Microsoft product, THEN have Microsoft tell
>> you to delete the .dll because it IS a security threat.
>
>But the reason they're telling you to delete it is completely unrelated to
>this crazy "back door" nonsense.
>
oh really? then why have you delete it? the buffer overflow was announced
after the delete suggestion by M$ yes?
>>
>> That just makes you look stupid.
>
>Hmm... truth is stupid? Ok! Then I'm a flaming moronic truth-telling idiot, if
>that's what interest in the truth makes me. I suppose I could be cooler and
>jump on the anti-MS conspiracy and disreguard all fact, evedience and truth,
>like you obviously have.
>
>> If the .dll wasn't a threat then they shouldn't have told the world to delete
>it.
>
>Since the DLL was under intesnse scrutiny, another, rather minor buffer overrun
>was detected. Since the DLL is pretty much depricated, MS didn't see any point
>in
>supporting it. Remember, this was with the FrontPage98 extensions back when
>VisualInterDEV 1.0 was out. No one runs VID 1.0 anymore, so there's no use for
>the DLL anyhow.
>
>
So why ship it in the first place?
>C'mon people, know your facts before you start spouting of this ignorant BS.
>
>> You CAN'T KEEP turning the WORLD into FUDSTERS every time a new BAD THING is
>> EXPOSED about Microsoft products...
>
>Considering nothing was exposed, I guess that makes you not only a FUDSTER,
>but a liar and a defamer, right? Consider it a favor that I'm only calling you
>guys raving lunatics concerned only with FUD.
>
So if nothing was "exposed" then M$ allready knew about the buffer overflow
and the backdoor? that's even better *snort*
>
>> The FUDSTER, moron, idiot campaign carried off by Microsoft Trolls is clearly
>a
>> problem.
>
>Damn that truth! Always hurts when you're smacked by it, doesn't it, Charlie?
>
>> It leads people to believe that using a Microsoft Operating system is a SAFE
>and
>> SANE
>> thing to do!
>
>Of course, there's been no evidence otherwise, why SHOULDN'T they believe this?
*ding ding* clue train leaving station...
>
>> Isn't that just amazing here folks. The press reports the security flaw, the
>> back door.
>> Microsoft says to delete the .dll as it's a security risk.
>
>Microsoft says there's no Backdoor, many 3rd party sources confirm this.
>
>Another group, after validating MS claims essentially says "well, there's no
>back door, but we did find a common buffer overrun that they might want to
>patch"
>
>Well, since no one really uses that DLL in the FP98 extensions, the best,
>quickest, and most thorough way to fix the buffer overrun possible vunerability
>would be to just delete it.
>
>Do you even read this stuff, or do you just start spouting your moronic BS
>without
>thinking?
>
You are being inconsistant.
The backdoor is found and reported, M$ says solution is to delete the dll,
now you say there is no backdoor, and that M$ was telling people to delete the
dll because of a buffer overrun discovered _after_ they said to delete the dll.
--
Jim Richardson
Anarchist, pagan and proud of it
WWW.eskimo.com/~warlock
Linux, because life's too short for a buggy OS.
------------------------------
From: Jim Nicholson <[EMAIL PROTECTED]>
Crossposted-To:
uk.comp.os.linux,uklinux.help.newbies,comp.os.linux.development,comp.os.linux.questions,comp.os.linux.development.apps
Subject: Re: Simple but confusing C code query...
Date: Sat, 15 Apr 2000 23:19:19 +0100
Michael Hopkins wrote:
>
> Hi all,
>
> Please help me with this extremely simple problem.
>
> I am coming straight from a clever IDE on the Mac (though I programmed
> on UNIX many years ago) & I�m finding the command line for compilation
> & linking pretty frustrating at the moment. I realise that it offers a
> great deal of flexibility & power, but I don�t have a hope in hell of
> porting a large ANSI C console project from the Mac until I understand
> the following behaviour.
>
> I�m trying to get the following code to compile on Mandrake 7.0 distro
> with gcc:
>
>
> #include <math.h>
>
> int main( void )
> {
> double a = 150.0;
>
> printf(�Ok\n�); /* line A */
> printf("Log( 150 ) = %6.3f\n", log( a ) ); /* line B */
>
> return 1;
> }
>
>
> I�m using the following at the command line:
>
> gcc prog.c -o prog
>
>
> Some questions:
>
> Why does the linker tell me �undefined reference to log�? It does the
> same with any of the functions that are in math.h (which is where it
> should be & is found OK, as is mathcalls.h which math.h refers to
> internally). Where is the object code for the math library routines?
>
You need to link with the maths library (libm.so) using
gcc prog.c -lm -o prog
> Why does it compile & work fine if I comment out line B? Shouldn�t I
> need to #include <stdio.h> for line A to compile?
>
The standard functions (except the maths ones) are contained in the
standard library, which is linked agains by default, but the maths
functions are in a separate library whcih you have to tell the compiler to
link against.
>
> Am I doing something very dim or are these bugs/features? Are there
> any other things I should be aware of before I undertake the Mac ->
> Linux port? Can I use a command line option make the linker ignore
> functions in the included files that aren�t used in the program
> (�smart link�)? Does gcc deal with external variables in included
> files in a standard way?
>
Not sure what you mean here. Generally speaking all the functions in an
include file will be implemented in one library. If you get a warning
about an unresolved reference, have a look at the man page for the
function. It will most likely tell you which library to link against.
As far as external variables are concerned, if you are thinking about errno
etc. they will be defined in the appropriate library file.
HTH
Jim
------------------------------
From: [EMAIL PROTECTED]
Subject: virtual frame buffers
Date: Sun, 16 Apr 2000 07:07:08 GMT
I'd like to know if anyone has made a patch, or is planning to, or even
considering it, to make frame buffers be fully virtualized between each
virtual console. What I mean is, instead of re-rendering a text buffer
for each console into a single frame buffer, each console keeps the
entire graphical content when doing console switching. This would mean
either a lot of RAM used or a lot of swap space used (if the virtual
frame buffers were swapped).
--
| Phil Howard - KA9WGN | My current boycotts: Amazon.Com, DVDs, Mattel, Sony
| [EMAIL PROTECTED] +----------------------------------------------------
| Dallas - Texas - USA | My current websites: linuxhomepage.com, ham.org
------------------------------
From: liran <[EMAIL PROTECTED]>
Subject: mounting on char device?
Date: Sun, 16 Apr 2000 00:14:48 -0700
Hi,
I wonder is it possible to implement afilesystem that will
be mounted on a char device?
I want to do that to avoid accessing the buffer cache.
thanks liran.
* Sent from AltaVista http://www.altavista.com Where you can also find related Web
Pages, Images, Audios, Videos, News, and Shopping. Smart is Beautiful
------------------------------
From: "Christopher Smith" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MICROSOFT IT THRU! MICROSOFT IS THRU!
Date: Sun, 16 Apr 2000 18:15:03 +1000
"Chad Myers" <[EMAIL PROTECTED]> wrote in message
news:sB5K4.167$[EMAIL PROTECTED]...
> You know the funny thing about this post is that there is no back door,
> and it's been proven by several parties and reported from several reliable
> news sources. I expect you'll see a retraction by WSJ monday if it hasn't
> happened
> already.
>
> <sigh>
>
> I have a feeling this is going to be one of those topics that the ignorant
> zealotous anti-MS morons (such as Charlie here) will continue to bring up
over
> and over and over again, even though it's been proven false.
>
> Kinda like the Kerberos thing, or the _NSAKEY thing, or any number of
other
> BS topics.
I think it's gonna become like that navy ship story :).
------------------------------
From: Matthias Kleinmann <[EMAIL PROTECTED]>
Crossposted-To:
uk.comp.os.linux,uklinux.help.newbies,comp.os.linux.development,comp.os.linux.questions,comp.os.linux.development.apps
Subject: Put the lib into the libc? (was: Re: Simple but...)
Date: Sun, 16 Apr 2000 11:02:51 +0200
[...]
> > Where is the object code for the math library
> > routines?
>
> you need to link with the math library libm.
>
> $ gcc prog.c -o prog -lm
>
> (yes this is stupid and libm should have been rolled into libc about
> 20 years ago but here we are.)
[...]
I think the seperated libm is a good idea:
It allows you to use an accelerated/corrected libm without recompiling.
This is important, since the operations in libm are not too easy to
write.
There is IMHO a lot of nummeic know how in the code and it depends
citically on the machine you are running. More problems are rising if
one tries to accelerate the lib functions for a special
processor/system.
So it is stupid, if you have to change your libc for a small (but
relevant)
improvement in the libm, since this means AFAIK rebooting :((
Bye
Matthias
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Q: is there a free secure network filesystem for Linux?
Date: Sun, 16 Apr 2000 10:22:00 +0100
Mario Klebsch <[EMAIL PROTECTED]> wrote:
: [EMAIL PROTECTED] writes:
:>Michael Pronath <[EMAIL PROTECTED]> wrote:
:>: Is there a network filesystem, that has useful security features (i.e. not
:>: NFS), and is free and open source available for Linux (i.e. not AFS) ?
:>: What would you use for a small LAN, Home Office or so? Samba?
:>NFS over Secure RPC is a possibility. We have used it
:>here successfully to tunnel NFS over long distances (the
:>NFS traffic travels inside an SSH TCP tunnel).
: Please correct me, if I am wrong, but secure NFS is NOT NFS over SSH.
No need to correct you. Secure NFS is something entirely different.
:>However, this is still only really useful if you trust the
:>kernel on the client end (ie. it doesn't change the basic
:>insecurity of NFS - just allows you to send it over the
:>Internet with fewer worries).
: AFAIK, this is one of the main benefits of secure NFS. It is no longer
: required to trust the kernel on the client side. However, I never used
: secure NFS when I worked with Solaris systems, since I did trust my
: clients.
Great, but only if you have Solaris everywhere ...
Rich.
--
[EMAIL PROTECTED] | Free email for life at: http://www.postmaster.co.uk/
BiblioTech Ltd, Unit 2 Piper Centre, 50 Carnwath Road, London, SW6 3EG.
+44 171 384 6917 | Click here to play XRacer: http://xracer.annexia.org/
--- Original message content Copyright � 2000 Richard Jones ---
------------------------------
From: "Robert Moir" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.advocacy,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy,comp.os.linux.networking,comp.os.linux.security,comp.os.ms-windows.networking.tcp-ip,alt.conspiracy.area51
Subject: Re: MS caught breaking web sites
Date: Sun, 16 Apr 2000 11:19:38 +0100
"Charlie Ebert" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Okay, let's discuss this.
> HOLD IT RIGHT THERE! He's not a FUDSTER for reporting the truth.
> >
> > Latest reports say that there is
> > NO VULNERABILITY IN DVWSSR.DLL
>
> If there's no GD vulnerabiltiy in the .Dll mentioned, then why are
> they telling people to DELETE IT! What are you F'ing saying here!
I'm not saying anything. NTBugtraq are saying there is no backdoor.
> > Yup, that's right, different again from what I said earlier, and even
more
> > different than what I said yesterday to WSJ.
>
> I don't consider WHITE WASH a GOOD ARGUMENT!
Whitewash? You don't know NTBugtraq very well do you?
> Oh for christ sakes! If Microsoft and their policies were less crooked
then
> we would have never had this MESS to begin with.
>
> Your WHITE WASH of the story isn't helping ANYBODY HERE!
What mess? Fudsters printing bullshit? Oh I think we would because if it
wasn't lies about this it would be lies about something else.
> OH crap! Why are they asking people to delete it!
Now that they have established there is no problem, I don't believe they are
asking people to delete this file any longer. I believe this was mooted as a
temporary protective measure while they investigated claims about this DLL
though.
> > That said, understand that sites that allow connections by Front Page
may
> > very well provide you with source asp if you request it. BUT THAT WILL
> > HAPPEN with or without the .dll. Without proper and full permissions
applied
> > across virtual servers on a given box, site leakage or manipulation by
> > others will always be possible in myriad ways.
>
> I'm not going to say it!
What, that they are right? You don't think that it's important to apply
correct permissions to directory structures on webservers?
[...]
> Yes, ANYTHING IS POSSIBLE!
> I'm beginning to believe Microsoft WILL STUP AT NOTHING!
I'm beginning to believe you are mad.
[...]
> This day marks an end to trust between most of the nations internet ready
> companies and the company known as Microsoft.
>
> You WOULD NEVER have had THIS KIND OF PROBLEM if you USED OPEN SOURCE
CODE!
> THIS EXAMPLE is but one of MANY WE COULD SITE HERE TODAY which
functionally
> BURIED the proprietary closed source concept, EXPECIALLY FROM MICROSOFT!
>
> I think you can EXPLAIN until your head falls off.
> By this time NEXT WEEK, nobody in corporate America will trust MICROSOFT
with
> ANYTHING!
Yeah but I don't give a flying fuck whether yanks believe lies or not.
> I'm SHOCKED. Do you hear me! SHOCKED! OUTRAGED!
>
> LIES, LIES and MORE LIES! I'm SICKENED!
> ENOUGH COVERUP ALREADY!
Is there something wrong with you, or has a RANDOM caps LOCK virus sneaked
past your open source review of your system, by the way?
Typing things in BIG LETTERS does not make them true, or any more or less
valid, just more difficult to read.
Rob Moir
------------------------------
From: "Uli Joergens" <[EMAIL PROTECTED]>
Subject: Re: Building bzImage with 2.3.99-pre3 fails
Date: Sun, 16 Apr 2000 13:40:53 +0200
"Paul Kimoto" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:[EMAIL PROTECTED]...
> In article <8d7p7j$pab$[EMAIL PROTECTED]>, Uli Joergens wrote:
> >
gcc -E -D__KERNEL__ -I/usr/src/linux/include -D__BIG_KERNEL__ -traditional -
> > DSVGA_MODE=NORMAL_VGA bootsect.S -o bbootsect.s
> > as -o bbootsect.o bbootsect.s
> > bbootsect.s: Assembler messages:
> > bbootsect.s:735: Error: base/index register must be 32 bit register
> > bbootsect.s:742: Error: base/index register must be 32 bit register
> > bbootsect.s:743: Error: base/index register must be 32 bit register
> > bbootsect.s:744: Error: base/index register must be 32 bit register
> > bbootsect.s:997: Error: base/index register must be 32 bit register
> > make[1]: *** [bbootsect.o] Error 1
> > make[1]: Leaving directory `/usr/src/linux/arch/i386/boot'
> > make: *** [bzImage] Error 2
>
> Which binutils version do you have?
>
I'm using SuSE 6.3 with binutils 2.9.1.0.20-0.
Is there anything newer proposed?
Thanks
Uli
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.development.system) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Development-System Digest
******************************
