Re: Realtek RTL8192SE wireless card support in OpenBSD 5.5
On Mon, Oct 20, 2014 at 7:20 PM, Stefan Sperling s...@stsp.name wrote: On Mon, Oct 20, 2014 at 06:54:31PM -0300, Dylan Socolobsky wrote: What can I do? Is the card not supported at all? Is it just bad mapping maybe? Not supported. Write a driver for it or find a card that works. Also, before buying a card find someone who already has that one to confirm it works well under OpenBSD. My old laptop had a RTL8187B, which is supported by urtw, but it worked so bad it was almost like having no wifi at all. If someone has one of those USB chipsets that works well email me the model.
Re: Thanks for ksh
On 09/25/2014 10:25 PM, ian kremlin wrote: /bin/sh is an implementation of *the bourne shell*, not the bourne-again shell (bash). in any case, neither /bin/sh nor ksh are vulnerable to the recent shellshock vulnerability. Also, if OpenBSD had bash it still wouldn't be such a big issue as it is in Linux. The most common attack vector is Apache with PHP with scripts calling to system(), shell_exec(), etc. Since hosts with OBSD have httpd chrooted, even if they installed PHP, /bin/sh wouldn't be inside the jail. And even if they added /bin/sh and someone was able to exploit it, they will be trapped inside the jail. Of course this is all hypothetical because OBSD doesn't have bash to begin with. [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: What generates the OpenBSD page?
On Sat, Dec 10, 2011 at 12:31 AM, Theo de Raadt dera...@cvs.openbsd.org wrote: I am wondering what software if any generates the OpenBSD and similar websites. It appears to be a static page generated by some software, that software doesn't seem to be mentioned. What is it? Or is it just hand made? Are you kidding? Theo I have noticed you changed http to html tag in the index of your website. You might also want to fix these specific pages: http://www.theos.com/deraadt/cats.html http://www.theos.com/deraadt/brew.html And remember that every time you forget the body tag, Tim Berners Lee kills a kitten @misc, leave the kid alone.
Re: Which version of Firefox most secure?
On Sun, Nov 20, 2011 at 4:17 AM, Tomas Bodzar tomas.bod...@gmail.com wrote: 7.x.xx actual stable from Mozilla 7.x is no longer supported by Mozilla. 7.0.1 has 3 CVEs If you don't have 8.0 on ports, go with 3.6.24
Re: Webmin with OpenBSD
On Sat, Oct 8, 2011 at 7:55 AM, Chaminda Indrajith c.indraj...@gmail.com wrote: I just installed Webmin 1.570 in OpenbSD 4.9 and found that updating user quota from webmin module will not affect the user quota. Enabling, Disabling are all working fine, only quota assigning is not working.. Have you ever came across this type of issue in OpenBSD? Is there any hidden security option in OpenBSD to enable for this web based quota assigning? Webmin should use edquota but maybe is deleting the quota and setting it again with setquota. Check quota options at https://host:1/config.cgi?quota (use Webmin search for 'quota' to follow a link or disable referer protection). Try setting: Command to set a user's quota -- setquota -u Command to set a group's quota -- setquota -g You will probably have to download setquota from packages. If the above does not work, check if edquota and setquota are functioning properly. If they do, forward this to webadmin-de...@lists.sourceforge.net and cc kevin lo, or make a bug report at github. OpenBSD support in Webmin still buggy.
Re: Webmin with OpenBSD
On Sat, Oct 8, 2011 at 5:50 PM, Thomas Adam tho...@xteddy.org wrote: Not to mention Webmin is a huge security risk, has been for a long time and a lot of Linux distros for example have long-since dropped support for it. Why would anyone want to even try and use Webmin with anything? Just don't use it. Because security is a trade-off for most people. About Webmin security: +1s +1: quick release of patch when vuln is reported +1: update with 1 click -1s -1: seven CVEs in the last four years. -1: very nasty remote vuln in 2006 -1: web-based (being web-based is a -1 in itself) Want to use Webmin and be as secure as possible? -Start it through ssh -Install updates as soon as you log in. -Do what you have to do -Log out + kill process Tips -Do NOT browse the web while logged in -_- -Do not use default port 1. -Use changedetection.com with webmin.com/security.html Unless someone have a remote 0day and is scanning constantly all ports while waiting for you to enable webmin, you will be safe.
Re: Why I uninstalled OpenBSD…
On Sat, Oct 1, 2011 at 9:49 PM, Lionel Hutchence lionel.hutche...@gmail.com wrote: http://www.trollaxor.com/2011/10/why-i-uninstalled-openbsd.html I _almost_ thought he wasn't trolling (despite the domain name) until I saw his others posts about OpenBSD. Then it was just too obvious.
Re: About spam (Re: Westpac Account Message)
On Sun, Sep 4, 2011 at 9:39 PM, Javier Bassi javierba...@gmail.com wrote: lists is not to comply about spam, but since we are already offtopic comply---complain On Mon, Sep 5, 2011 at 2:26 AM, Scott Learmonth sc...@moosepile.net wrote: That would be like judging yourself by the amount of spam directed at you, unsolicited. I don't know about you, but if I judged myself by the spam that got through to my inbox, I'd be a pretty messed up individual. Thats why a judgment made with the first impression of something is often wrong. Wouldn't be here if my first impression was right. But that doesn't mean you can't try to make a good first impression. Just to be clear, I really don't care about three o more spam messages a day on this list. I just wanted to comment the first thought that crossed my mind when checking this list archives for the first time and, if possible, prevent that thought from other people like me. Anyway, enough breaking of netiquette for today... My apologies.
About spam (Re: Westpac Account Message)
On Mon, Sep 5, 2011 at 1:09 AM, Hassan Monfared hmonfa...@gmail.com wrote: don't spam please!! Replying to phishing isn't gonna help. I know rule n:1 of mailing lists is not to comply about spam, but since we are already offtopic in this thread, I just wanted to tell that when I first saw the misc archives at marc.info (before subscribing) I thought the lists were abandoned. The spam on the lists really gives a bad first impression about OpenBSD for the people that are just starting with it. Also it makes harder to browse the archives (when you browse without searching for anything). I think the best is to make emails from non-subscribers to go moderation queue. I would definitively volunteer myself to approve messages (and also clean the lists.openbsd.org archives in my free time)
Little bug in OpenBSD installer cause infinite loop
In the OpenBSD installation, in the question What timezone are you in? there is an option (DeNoronha East in Brazil timezones) that makes you enter in a no return cycle, because of the space char in the name of the timezone. All two words timezone use underscore instead of space (e.g. Buenos_Aires) except DeNoronha East which has this output when getting chosen: What timezone are you in? ('?' for list) [Canada/Mountain] ? /* list of all timezones */ What timezone are you in? ('?' for list) [Canada/Mountain] Brazil What sub-timezone of 'Brazil' are you in? ('?' for list) ? AcreDeNoronha East West What sub-timezone of 'Brazil' are you in? ('?' for list) DeNoronha East What sub-timezone of 'Brazil/DeNoronha East' are you in? ('?' for list) ? . What sub-timezone of 'Brazil/DeNoronha East' are you in? ('?' for list) . What sub-timezone of 'Brazil/DeNoronha East/.' are you in? ('?' for list) ? . What sub-timezone of 'Brazil/DeNoronha East/.' are you in? ('?' for list) oh shit What sub-timezone of 'Brazil/DeNoronha East/./oh shit' are you in? ('?' for list) There is no way to successfully choose that option. Colons, semi-colons or escaping the space with a slash wont work, and once chosen you can't go back and you have to quit the installation with Ctrl+C this was OpenBSD 4.9 installer; install49.iso;md5 sum: c50e0889651cac33a468eeafb3d8e955
Re: Little bug in OpenBSD installer cause infinite loop
Fri, Aug 5, 2011 at 10:07 PM, Theo de Raadt wrote: ... Yes, that is clear. There are two zones. He made a mistake. But the script has a bug; it has no way out of the loop once the error is made. Ken is looking into one of two ways to fix this. True, my bad. (installing OpenBSD at 5am+choosing random timezone=fail) I just tested it a little more and user will enter the loop if answering: valid (non-folder) option+space+random char(s) e.g. What timezone are you in? ('?' for list) [Canada/Mountain] ? /* list of all timezones */ What timezone are you in? ('?' for list) [Canada/Mountain] Iran dude What sub-timezone of 'Iran dude' are you in? ('?' for list)