On 01-10-2014 01:58, Eric Furman wrote:
> If you don't realize the the OpenBSD team hasn't thought about, talked
> about and argued about these issues to an extremely large extent
> then you are very new here.
Nope. I myself participated on these discussions on the past.
> You won't see it on the
On Tue, Sep 30, 2014, at 09:02 PM, Giancarlo Razzolini wrote:
> On 30-09-2014 20:24, Stuart Henderson wrote:
> > There is no "expiry time" on a signify signature. If an anoncvs server
> > were to be compromised such that you could no longer trust its key,
> > there is no way we could "revoke" that
On 30-09-2014 20:24, Stuart Henderson wrote:
> There is no "expiry time" on a signify signature. If an anoncvs server
> were to be compromised such that you could no longer trust its key,
> there is no way we could "revoke" that signed web page. If an attacker
> was able to cause you to keep seeing
On 2014-09-30, Giancarlo Razzolini wrote:
> On 30-09-2014 16:03, Ted Unangst wrote:
>> In theory, we could sign the ssh fingerprint page, but I don't think
>> that's a good idea at the current time. There are some issues with
>> expiring old data.
> This would be a significant improvement. If you
On 30-09-2014 16:03, Ted Unangst wrote:
> In theory, we could sign the ssh fingerprint page, but I don't think
> that's a good idea at the current time. There are some issues with
> expiring old data.
This would be a significant improvement. If you are 99,99% certain you
got the release right, them
On Tue, Sep 30, 2014 at 04:33:35PM -0400, Alan McKay wrote:
> On Tue, Sep 30, 2014 at 4:21 PM, Stuart Henderson
> wrote:
> > binpatchng can help you with this process.
>
> I will have to look into that
>
> > But note that -stable sometimes has extra commits that don't have errata;
> > release+p
On Tue, Sep 30, 2014 at 4:21 PM, Stuart Henderson wrote:
> binpatchng can help you with this process.
I will have to look into that
> But note that -stable sometimes has extra commits that don't have errata;
> release+patches is not quite the same thing as -stable.
Can you give 1 or 2 examples?
On 9/30/14, OpenBSD Europe wrote:
>> On 9/30/14, OpenBSD Europe wrote:
Am 09/30/14 um 14:42 schrieb Martijn van Duren:
The openbsdstore.com has opend.
Guess what I just did? ;-)
Cheers,
STEFAN
>>>
>>> Yep.
>>>
>>> We had a some issues to start with.
>>>
>>>
On 2014-09-30, Alan McKay wrote:
> Sounds like I'll need to go with the signed tarballs for the -release
> and then apply the signed patches to get -stable.
binpatchng can help you with this process.
But note that -stable sometimes has extra commits that don't have errata;
release+patches is not
> On 9/30/14, OpenBSD Europe wrote:
>>> Am 09/30/14 um 14:42 schrieb Martijn van Duren:
>>>
>>> The openbsdstore.com has opend.
>>>
>>> Guess what I just did? ;-)
>>>
>>> Cheers,
>>> STEFAN
>>
>> Yep.
>>
>> We had a some issues to start with.
>>
>> *Please*, if you order and hit a problem, email i
Am 09/30/14 um 22:08 schrieb patrick keshishian:
> I'm not sure where exactly to send these questions, so
> i'm simply replying to all.
>
> Two questions:
> 1. Is there no option for guest checkout? Must I be
> forced to create an account?
Nope - just order via email to od...@openbsdstore.com.
>
On 2014-09-30, sven falempin wrote:
>
> I also parse and do custom action with the lease file,
> so i forgot all concern about the absence of script hook.
> I also regurlarly monitor the lease, so i did not use
>
> http://entrproject.org/ , looks good stuff
It is. This isn't quite what it was de
On 9/30/14, OpenBSD Europe wrote:
>> Am 09/30/14 um 14:42 schrieb Martijn van Duren:
>>
>> The openbsdstore.com has opend.
>>
>> Guess what I just did? ;-)
>>
>> Cheers,
>> STEFAN
>
> Yep.
>
> We had a some issues to start with.
>
> *Please*, if you order and hit a problem, email it to
> ord...@op
Am 09/30/14 um 21:45 schrieb Christian Weisgerber:
>
> So what does this mean with regard to Lehmanns?
>
Guess ... ;-)
On Tue, Sep 30, 2014 at 09:02:56PM +0200, Stefan Wollny wrote:
> Am 09/30/14 um 14:42 schrieb Martijn van Duren:
> > On Sat, 2014-09-27 at 07:30 +0100, OpenBSD Europe wrote:
> >>> Hi folks,
> >>>
> >>> I just noticed that in Germany "Lehmanns" (see OpenBSD's order-site)
> >>> already accepts pre-or
On 2014-09-30, Stefan Wollny wrote:
>> I might have missed something, but could you provide me with an update
>> on this issue?
>
> The openbsdstore.com has opend.
So what does this mean with regard to Lehmanns?
--
Christian "naddy" Weisgerber na...@mips.inka.de
> Am 09/30/14 um 14:42 schrieb Martijn van Duren:
>
> The openbsdstore.com has opend.
>
> Guess what I just did? ;-)
>
> Cheers,
> STEFAN
Yep.
We had a some issues to start with.
*Please*, if you order and hit a problem, email it to
ord...@openbsdstore.com and not on these lists. It's *much* eas
the last part of this saga is, that i have moved
to a new place, and the issue went away. so it
seems it was router related. just another strange
story from the home router front.
-f
--
i have nothing to say, but i can say it loudly.
On Tue, Sep 30, 2014 at 09:44, Alan McKay wrote:
> Hi folks,
>
> I've been googling for a couple of hours now and not coming up with much
> here.
> I see how to download the -release source and then verify it, but I
> cannot find any way to grab -stable from CVS and do the same. I
> guess the on
Am 09/30/14 um 14:42 schrieb Martijn van Duren:
> On Sat, 2014-09-27 at 07:30 +0100, OpenBSD Europe wrote:
>>> Hi folks,
>>>
>>> I just noticed that in Germany "Lehmanns" (see OpenBSD's order-site)
>>> already accepts pre-orders for OpenBSD 5.6-release.
>>>
>>> Guess what I just did :-)
>>>
>>> My
On Tue, Sep 30, 2014 at 11:20:23AM -0500, Boris Goldberg wrote:
> Hello Otto,
>
> Wednesday, September 24, 2014, 2:36:58 PM, you wrote:
>
> OM> Try to come up with a reproducable test case, include all relevant
> OM> info and then we can investigate.
I indeed see strange things on sparc64 more
On Wed, 1 Oct 2014, at 04:46 AM, trondd wrote:
> On Tue, Sep 30, 2014 at 11:30 AM, Giancarlo Razzolini
>
> wrote:
>
> > On 30-09-2014 11:56, trondd wrote:
> >
> >> There are SSH fingerprints published for each of the CVS servers.
> >>
> > They are published on a clear http page and there is no SS
Hello Otto,
Wednesday, September 24, 2014, 2:36:58 PM, you wrote:
OM> Try to come up with a reproducable test case, include all relevant
OM> info and then we can investigate.
Here is what I could reproduce:
root@mail1 ~ # quota test_spam
Disk quotas for user test_spam (uid 1003):
Filesystem
On Tue, Sep 30, 2014 at 11:57 AM, Giancarlo Razzolini
wrote:
>
>> Is it good enough to grab the signed source tarball, then checkout from
>> CVS over it and make sure nothing changed in the process?
>>
> No, this won't cut it. Unless you check every line changed, and understand
> completely what
On 30-09-2014 12:46, trondd wrote:
> Sure, you have to somehow verify that the fingerprint is good and
> check it against the fingerprint you get when first connecting to the
> CVS server. How can you verify that fingerprint is good? I don't know.
SSHFP. DNSSEC. And other ways. But these won't ha
Sounds like I'll need to go with the signed tarballs for the -release
and then apply the signed patches to get -stable.
Dangit, I already had my process down (building from CVS) and now I
have to change it ...
On Tue, Sep 30, 2014 at 11:30 AM, Giancarlo Razzolini
wrote:
> On 30-09-2014 11:56, trondd wrote:
>
>> There are SSH fingerprints published for each of the CVS servers.
>>
> They are published on a clear http page and there is no SSHFP on the dns.
> You need to access the anoncvs page from differ
On 30-09-2014 11:56, trondd wrote:
> There are SSH fingerprints published for each of the CVS servers.
They are published on a clear http page and there is no SSHFP on the
dns. You need to access the anoncvs page from different places, using
different connections/vpns/proxies, to be sure you are ta
There are SSH fingerprints published for each of the CVS servers.
Alternatively, you use the patch files which are signed. There aren't so
many of them that's it hard to catch up.
Tim.
On Tue, Sep 30, 2014 at 10:37 AM, Alan McKay wrote:
> On Tue, Sep 30, 2014 at 10:27 AM, Stefan Olsson
> wro
On 9/30/2014 at 1:06 AM Stuart Henderson wrote:
| [snip]
|
|Some other vectors:
|
|dhclient script - the dhclient in base doesn't have scripts any
more,
|so no issue there. Other dhclient implementations still do, unlikely
|to use bash *by default*, though who knows what people may change on
|thei
On Tue, Sep 30, 2014 at 10:27 AM, Stefan Olsson
wrote:
> I don't do this myself, but stable="patch branch", i.e. release + patches.
> All info you need is really in these two pages:
Yes, I have it working great already. But at no point during that
process does it have me verify that the source c
Hi folks,
I've been googling for a couple of hours now and not coming up with much here.
I see how to download the -release source and then verify it, but I
cannot find any way to grab -stable from CVS and do the same. I
guess the only way I do see is to start out with the -release code,
verify
On Sat, 2014-09-27 at 07:30 +0100, OpenBSD Europe wrote:
> > Hi folks,
> >
> > I just noticed that in Germany "Lehmanns" (see OpenBSD's order-site)
> > already accepts pre-orders for OpenBSD 5.6-release.
> >
> > Guess what I just did :-)
> >
> > My little contribution to the project along with a bi
On Tue, Sep 30, 2014 at 08:14:22AM -0400, Ted W. wrote:
> On 09/28/14 09:11, Mike Larkin wrote:
> >On Thu, Sep 25, 2014 at 12:12:55PM -0400, Ted W. wrote:
> >>I have really enjoyed the last few weeks of running OpenBSD on my
> >>Thinkpad. Almost everything I need works and or worked right out of
>
On 09/28/14 09:11, Mike Larkin wrote:
On Thu, Sep 25, 2014 at 12:12:55PM -0400, Ted W. wrote:
I have really enjoyed the last few weeks of running OpenBSD on my
Thinkpad. Almost everything I need works and or worked right out of
the box. The only real issue I've noticed is that when the system
re
https://https.openbsd.org/cgi-bin/order
from this page;
http://www.openbsd.org/orders.html#ca/cshop
On Mon, Sep 29, 2014, at 10:21 PM, Andrew Lester wrote:
> Hey all,
>
> I notice the Softpro books seller, the only one for the US, indicates
> that they will no longer sell
> OpenBSD as distributi
People have long said the worst things about perl, but that's one thing
that scripting language definitely gets right...
It has a -T switch you have to use for every security sensitive script
that handles potentially untrusted outside data.
That switch is very thorough about not letting you do a
37 matches
Mail list logo