On Tue, 23 Nov 1999, Peter Wemm wrote:
"Matthew N. Dodd" wrote:
On Mon, 22 Nov 1999, Nick Hibma wrote:
My compliments on the sbc bridge drivers. This is what newbus is
supposed to look like. Anyone wanting to know what a bridge driver is,
have a look at
John Hay wrote:
A normal "make world" on current is ok, but a "make -j13 world" is broken.
I have looked at it a little bit, but I can't figure out what is going
wrong. It dies with:
cd /usr/src/usr.bin/lex;make beforeinstall
install -C -o root -g wheel -m 644
Title: VideBula-991118
VideBula
"No importa o que tiraram de voc,
o que importa o que voc vai fazer com o que sobrou."
"Voc no pode estar s se gostar da pessoa com quem fica quando esta sozinho."
RECEBER NORECEBER
PUBLICAR CRTICAS, DVIDAS SUGESTES
This patch might be a bit heavy handed, but it seems to fix the
problem...
The KerberosIV bits can go; I have some cleanups that nuke that completely in favour
of PAM. Now all I need to do is make PAM work for xdm...
M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
To
On Tue, 23 Nov 1999, Peter Wemm wrote:
I'm pretty sure it's this commit to i386/machdep.c:
===
revision 1.377
date: 1999/11/21 14:46:43; author: pho; state: Exp; lines: +5 -5
Moved useracc() to top of sigreturn as to avoid panic
caused by invalid arguments to rutine.
Reviewed by:
Works like a charm. Two more I've encountered:
lynx:
libncurses.so.3
libmytinfo.so.2
Thanks! I've added them to my list. I'm going to populate compat3x from
3.4-RELEASE. So we aren't too far off.
--
-- David([EMAIL PROTECTED])
To Unsubscribe: send mail to [EMAIL PROTECTED]
Why does ps not show the full path on 4.0 as in 3.3?
(for non-root users)
ie:
4.0 ps -ax
134 v2 Is+0:00.00 (getty)
135 v3 Is+0:00.00 (getty)
136 v4 Is+0:00.00 (getty)
137 v5 Is+0:00.00 (getty)
3.3 ps -ax
312 v0 Is+0:00.01 /usr/libexec/getty
On Tuesday, 23 November 1999 at 13:15:58 -0500, Forrest Aldrich wrote:
Why does ps not show the full path on 4.0 as in 3.3?
(for non-root users)
ie:
4.0 ps -ax
134 v2 Is+0:00.00 (getty)
135 v3 Is+0:00.00 (getty)
136 v4 Is+0:00.00 (getty)
137 v5
In the last episode (Nov 23), Forrest Aldrich said:
Why does ps not show the full path on 4.0 as in 3.3? (for non-root
users)
4.0 ps -ax
134 v2 Is+0:00.00 (getty)
135 v3 Is+0:00.00 (getty)
136 v4 Is+0:00.00 (getty)
137 v5 Is+0:00.00 (getty)
Hello FreebSD'ers!
[ Apologies to committers, I have Bcc'ed you to ensure you got
this; you may get two copies. ]
I have been charged with the duty of ensuring that FreeBSD gets a
security audit that has the credibility of OpenBSD's.
Consider this to be a request-for-discussion that will
On Tue, 23 Nov 1999, Mark Murray wrote:
Hello FreebSD'ers!
2) I propose that WE diff(1) FreeBSD with {Open|Net}BSD, and with a
security perspective apply those bits that look relevant and that will
work. Who nose - we may even pick up some useful featurez!
While we're on the subject of
On Tue, 23 Nov 1999, Mark Murray wrote:
1) We need to eyeball _all_ of the code for potential security holes,
and fix those ASAP.
2) I propose that WE diff(1) FreeBSD with {Open|Net}BSD, and with a
security perspective apply those bits that look relevant and that will
work. Who nose - we
On Tue, 23 Nov 1999, Mark Murray wrote:
I have some 500+ commit messages in my openbsd folder which are things I
need to investigate further for relevancy. Some way of sharing these with
the group, adding/removing/vetting changes which should be looked at would
be very useful.
I'd be
On Tue, 23 Nov 1999, Kelly Yancey wrote:
Need volunteers, eh? I can be suckered in to helping in regards to
building the web-based database for keeping track of the effor's progress.
I may be no security expert, but I can build database-driven web sites (I
should...it's my day job ;) ).
In the last episode (Nov 23), Forrest Aldrich said:
Why does ps not show the full path on 4.0 as in 3.3? (for non-root
users)
4.0 ps -ax
134 v2 Is+0:00.00 (getty)
135 v3 Is+0:00.00 (getty)
136 v4 Is+0:00.00 (getty)
137 v5 Is+0:00.00
On 1999-Nov-24 06:35:16 +1100, Kris Kennaway wrote:
o unsafe use of the str*(3) functions; strcat/strcpy/sprintf c.
I wonder how many instances of the potentially unsafe functions there are
in the source tree? :)
A 'grep | wc' equivalent over the source tree gives:
gets110
strcat
Also useful would be a review status of the freebsd tree. So (approved)
people can "sign off" on a particular file or directory as having been
reviewed as of a certain date, and we can work in a coordinated fashion.
Well, IMHO what you guys most significantly need is a "tinderbox"
style page
On Mon, 22 Nov 1999, Mark Murray wrote:
May this is not the best way for ftpd to use pam (many other lines for login,
may ftpd should be so). But I think ftpd should be listed in /etc/pam.conf.
Any plan to fix it in /usr/src/etc/pam.conf ?
On my list! :-)
rsh too, while you're at
On Tue, Nov 23, 1999 at 03:23:23PM -0500, Kelly Yancey wrote:
I may be no security expert,
So??? You can read C code, right? What needs to happen is a leader to
take charge and give people direction. If someone gave you a few
sequences of code to look for, you could find them right? If you
Kris Kennaway wrote:
Let me throw in some ideas..
I think it would be very useful to have a database which can track
submitted open/netbsd CVS commits (with the code diff included),
preferably mapped to the relevant file in the freebsd tree if possible
according to a path mapping table
So when Joe Blow clicks on (say) src-bin-cat he'll find that
(say) markm eyballed the code and kris diffed it with OpenBSD
and merged in blah fixes - "cat now considered safe".
Until the next commit to cat.
A security review is never done. We need to be in a mode where every
commit is
On Tue, 23 Nov 1999, David O'Brien wrote:
A security review is never done. We need to be in a mode where every
commit is suspect and people are compelled to review it. BDE's use of
CTM to review changes is actually rather affective in this reguard.
A CVS tag would also accomplish this and
2) I propose that WE diff(1) FreeBSD with {Open|Net}BSD,
This is not the easiest thing to do (I've tried). Rather one should look
at what changes OpenBSD has done to a piece of code since they imported
it from NetBSD and compare with FreeBSD code to see if the OpenBSD change
is applicable to
A 'grep | wc' equivalent over the source tree gives:
gets110
strcat 2860
strcpy 4717
strncat 167
strncpy1514
sprintf6839
vsprintf133
*ouch* :-)
This means nothing out of context. I hope we don't go on a witch hunt.
And these are the easy
At 12:05 PM -0800 1999/11/23, Jordan K. Hubbard wrote:
Part of what will make this go a lot faster is people like yourself
committing to sticking around and helping us find and fix any security
problems we might have, so I certainly hope you can do this!
I'm certainly willing to do
At 03:57 PM 11/23/99 , Vlad Skvortsov wrote:
Sorry for probably a bit stupid question (I've been out of lists for
a while). Are patches for named already in -current or -stable ?
No they have not to either. Use it out of the ports. Be sure to adjust
named-xfer
In the last episode (Nov 23), Brian Somers said:
$ ps jtva
USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND
root 222 1 222 9dac400 Is+ va0:00.01 (getty)
$ sudo ps jtva
USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND
root 222 1 222
Hi,
"make -DWANT_AOUT world" on my current box fails because of the
recent changes to src/Makefile.inc1.
log starts here
--
Building legacy libraries
--
cd
On Wed, 24 Nov 1999, Bruce Evans wrote:
Hmm. My netscape works, but I didn't use merge that commit. I had already
inadvertly fixed the bug in another way while cleaning up.
Indeed, the proplem is checking the new context before checking that the
context is actually new.
Here is my
On 1999-Nov-24 09:26:26 +1100, David O'Brien wrote:
A 'grep | wc' equivalent over the source tree gives:
gets110
strcat 2860
strcpy 4717
strncat 167
strncpy1514
sprintf6839
vsprintf133
*ouch* :-)
This means nothing out of context. I hope we
On Tue, 23 Nov 1999, David O'Brien wrote:
On Tue, Nov 23, 1999 at 03:23:23PM -0500, Kelly Yancey wrote:
I may be no security expert,
So??? You can read C code, right? What needs to happen is a leader to
take charge and give people direction. If someone gave you a few
sequences of code
Here is my 0.02:
I think it would be useful to identify "unsafe" functions, so that
anyone can participate in the "eyeball" portion of the game. This means
that we need eyeballed, identified as a (potential) problem and fixed,
as well as some other possiblities. There is a lot of
On Tue, 23 Nov 1999, Peter Wemm wrote:
Brian Fundakowski Feldman wrote:
Forget anything I said about KAME being the strong possibility :) As
soon as peter noted what commit it could have to do with, I figured
it out and fixed it; after testing, I committed it. Be happy :)
Your fix
In the last episode (Nov 23), Brian Somers said:
$ ps jtva
USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND
root 222 1 222 9dac400 Is+ va0:00.01 (getty)
$ sudo ps jtva
USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND
root 222 1
On Tue, Nov 23, 1999 at 05:11:37PM -0600, Dan Nelson wrote:
Now that does look weird. After a bit more investigation, it looks
like you can only get the full commandline of your own processes. Root
can see all commandlines.
Yes, I can confirm it too on recently rebuilded -current.
Looks
According to Donn Miller:
While we're on the subject of possibly borrowing code from NetBSD...
NetBSD's wscons looks interesting. Any chance FreeBSD will adopt this, or
will we stay with syscons?
What features does it have compared to syscons ?
--
Ollivier ROBERT -=- FreeBSD: The Power to
On 1999-Nov-24 10:21:17 +1100, [EMAIL PROTECTED] wrote:
a) This is what an unsafe function call looks like
Without checking a lot of the call context, it is very difficult
to categorically state that a particular function call is safe or
not. As an example, consider the following:
foo(const
Jason, you are my savior. Go forth and do much to create Truly Kick Ass
Threading. Give me my tools to smite these Linux database servers once
and for all! :-)
Why do we need to smite the Linux database servers? With threads in their
current state they already outperform Linux's native
In the last episode (Nov 23), Lyndon Nerenberg said:
After you verify that this change isn't going to break things that
assume they can see the *argv list via ps(1). I.e. lightning bolts
that do 'kill -MUMBLE `ps -ax|grep foo`'. Which may not be elegant
style, but sometimes is the only
Thanks to Marcel's latest Makefile.inc1 changes (1.92), a -current
buildworld running on an older -current system now progresses much
further - in fact it now completes :-).
There are, however still a few problems - as far as I can tell, these
are all related to the wrong version of perl being
Lint no longer works in -current as cpp seems to have lost the -undef
option. The option is still shown in the usage message and the man
page, but the code seems to have gone walk about!
David.
0:30:gonzo 92% uname -a
FreeBSD gonzo.home 4.0-CURRENT FreeBSD 4.0-CURRENT #17: Sat Nov 20
2) I propose that WE diff(1) FreeBSD with {Open|Net}BSD,
This is not the easiest thing to do (I've tried). Rather one should look
at what changes OpenBSD has done to a piece of code since they imported
it from NetBSD and compare with FreeBSD code to see if the OpenBSD change
is
I'm certainly willing to do what I can to help, although I have
to admit that I may need a bit of help identifying what I can do. ;-)
That's Mark's job - he's the security leader. :)
- Jordan
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the
This means nothing out of context. I hope we don't go on a witch hunt.
No, but there is some merit to simply replacing these so that they
don't show up on our radar later. I don't see any reason, for
example, why anyone should still be using gets() and our
implementation even gets whiney
On Tue, 23 Nov 1999, Kris Kennaway wrote:
On Tue, 23 Nov 1999, Kelly Yancey wrote:
Need volunteers, eh? I can be suckered in to helping in regards to
building the web-based database for keeping track of the effor's progress.
I may be no security expert, but I can build database-driven
On 1999-Nov-24 12:02:59 +1100, Jordan K. Hubbard wrote:
I don't see any reason, for
example, why anyone should still be using gets()
To take gets() as an example, of the 110 occurrences that gid found in
-current, the following files contain actual calls to gets() (rather
than declarations,
I'm trying to build a CURRENT system from the 4.0 CURRENT snapshot cdroms
on 7-5-1999. I did a cvsup to cvsup4.freebsd.org, and attempted to build
world. It keeps on blowing up as illustrated below. I nuked the /usr/src
directory and then checked the source tree from our local mirror of the
Peter Jeremy writes:
| Thanks to Marcel's latest Makefile.inc1 changes (1.92), a -current
| buildworld running on an older -current system now progresses much
| further - in fact it now completes :-).
|
| There are, however still a few problems - as far as I can tell, these
| are all related to
Lint no longer works in -current as cpp seems to have lost the -undef
option.
Yes, looking into `cpp' is on my list of things to do.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
I don't see any reason, for example, why anyone should still be using
gets() and our implementation even gets whiney about it if you do.
That one is definitely up for a global search and replace as its only use
is to read external data.
--
-- David([EMAIL PROTECTED])
To Unsubscribe:
I seem to recall that conversation here in the mailing list.
How about a system configuration variable that determines what info
like ps (and friends) can access?
Personally, I would just prefer to leave it be. There are too many other
potential problems with scripts and such that depend upon
Anyone have any ideas whats going on here?
Yep. ;-)
yacc: e - line 30 of "c-parse.y", syntax error
%expect 51
^
*** Error code 1
The problem is rev 1.92 of src/Makefile.inc1. With that change, the
tools needed to build GCC aren't made first. I added a few Bison-like
features to Byacc
On Wed, Nov 24, 1999 at 12:54:15AM +0100, Poul-Henning Kamp wrote:
I'm personally leaning towards the opinion that the argv is public
property and should be visible, but then again, I can see the point
in hiding it in some circumstances.
I'll stick a sysctl in there which defaults to the
On Tue, 23 Nov 1999, Kelly Yancey wrote:
I think it would be useful to identify "unsafe" functions, so that
anyone can participate in the "eyeball" portion of the game. This means
that we need eyeballed, identified as a (potential) problem and fixed,
as well as some other possiblities.
In the spirit of the newly-formed FreeBSD Auditing Project, I present:
% banner `perl -e 'print "a"x2000'`
Segmentation fault(core dumped)
-
The problem is a trivial one. From /usr/src/usr.bin/banner/banner.c:
/*
* banner - prints large signs
* banner [-w#] [-d] [-t] message ...
*/
On 1999-Nov-24 15:33:14 +1100, Brian Fundakowski Feldman wrote:
I'd like to note something. Strcat isn't necessarily unsafe, and strncat()
isn't necessarily safe.
I wasn't implying that. In fact, I believe the semantics of strncat()
put it into the `hard to use correctly' category (or maybe
How I can install Apache_1.3.9 with the option
EXTRA_CFLAGS=-DBIG_SECURITY_HOLE from ports ?
Thanks.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
In the last episode (Nov 23), Lyndon Nerenberg said:
After you verify that this change isn't going to break things that
assume they can see the *argv list via ps(1). I.e. lightning bolts
that do 'kill -MUMBLE `ps -ax|grep foo`'. Which may not be elegant
style, but sometimes is the only
On Tue, Nov 23, 1999 at 11:49:28PM -0600, Juan Amado Becerril Castillo wrote:
How I can install Apache_1.3.9 with the option
EXTRA_CFLAGS=-DBIG_SECURITY_HOLE from ports ?
By asking this question of [EMAIL PROTECTED] rather than here.
--
-- David([EMAIL PROTECTED])
To Unsubscribe:
On Wed, 24 Nov 1999, Peter Jeremy wrote:
On 1999-Nov-24 15:33:14 +1100, Brian Fundakowski Feldman wrote:
I'd like to note something. Strcat isn't necessarily unsafe, and strncat()
isn't necessarily safe.
I wasn't implying that. In fact, I believe the semantics of strncat()
put it into
On Tue, Nov 23, 1999 at 09:15:35PM -0800, Kris Kennaway wrote:
- (void)fgets(message, sizeof(message), stdin);
+ (void)fgets(message, MAXMSG, stdin);
There is nothing wrong with the original line here. Please don't change
things that are fine just to change them. We
On Tue, 23 Nov 1999, David O'Brien wrote:
On Tue, Nov 23, 1999 at 09:15:35PM -0800, Kris Kennaway wrote:
- (void)fgets(message, sizeof(message), stdin);
+ (void)fgets(message, MAXMSG, stdin);
There is nothing wrong with the original line here. Please don't change
Hey guys, can we move this discussion over to security? I don't
think it's -current fodder. :)
Actually, I'd like to start a whole new list - freebsd-audit - if
that is OK with you. I have a conference to attend, but if this is OK
I'll set it up in about 9 hours.
M
--
Mark Murray
Join the
- (void)fgets(message, sizeof(message), stdin);
+ (void)fgets(message, MAXMSG, stdin);
There is nothing wrong with the original line here. Please don't change
things that are fine just to change them. We don't want to ofuscate
Obviously not, but I didn't see the
Dan Nelson wrote:
In the last episode (Nov 23), Lyndon Nerenberg said:
After you verify that this change isn't going to break things that
assume they can see the *argv list via ps(1). I.e. lightning bolts
that do 'kill -MUMBLE `ps -ax|grep foo`'. Which may not be elegant
style, but
Christopher Masto wrote:
On Wed, Nov 24, 1999 at 12:54:15AM +0100, Poul-Henning Kamp wrote:
I'm personally leaning towards the opinion that the argv is public
property and should be visible, but then again, I can see the point
in hiding it in some circumstances.
I'll stick a sysctl in
: and people who need to hide it can set it to "close" to do so.
:
: Please. Thank you.
:
: Not everyone wears the sysadmin hat with the face shield and gas mask,
: as much as it may currently be in style. If it can work both ways,
: even better.
:
:Definately! This is NOT AN ACCEPTABLE
In message [EMAIL PROTECTED] Mark Murray writes:
: o unsafe use of the str*(3) functions; strcat/strcpy/sprintf c.
Keep a keen eye out for unsafe uses of strncpy and strncat and know
the man page by heart before thinking you are correct :-)
: o c. please contribute here
I had a long list
In message [EMAIL PROTECTED] Kris Kennaway
writes:
: semi-joking
: Maybe what we actually want is a better RCS system for FreeBSD.
: /semi-joking
http://www.perforce.com/
:-)
Warner
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
In message [EMAIL PROTECTED] Peter Jeremy writes:
: I suspect that a 'cvs diff' of the OpenBSD code tree is the best
: starting point.
As a veteran of that war, I think you underestimate that task be about
a few orders of magnitude. A better starting point I've found to be
the ChangeLog files
In message [EMAIL PROTECTED] Peter Jeremy writes:
: I wasn't implying that. In fact, I believe the semantics of strncat()
: put it into the `hard to use correctly' category (or maybe `very likely
: to be misused').
I'd put strncat in the definitely unsafe category based on the number
of bugs
In message [EMAIL PROTECTED] Brian
Fundakowski Feldman writes:
: Despite the fact that the buffer name[] was made to be exactly the
: largest size, where sprintf() _would_be_safe_, some people insist
: on using snprintf() "for stability". Don't get caught doing this.
: If you find a strcat()
In message [EMAIL PROTECTED] "David O'Brien" writes:
: On Tue, Nov 23, 1999 at 09:15:35PM -0800, Kris Kennaway wrote:
: - (void)fgets(message, sizeof(message), stdin);
: + (void)fgets(message, MAXMSG, stdin);
:
: There is nothing wrong with the original line here. Please
In message [EMAIL PROTECTED] Kris Kennaway
writes:
: I'll commit this tomorrow (just wanted to get in a 'first post!' :-)..
Please don't. Please use a proper fix instead.
: /* Have now read in the data. Next get the message to be printed. */
: if (*argv) {
: -
Hmmm, but now that you have changed message to be a pointer, the
sizeof(message) at the end of the patch will return the size of
a pointer which is 4 and probably not what you want. :-)
I think we should be carefull when we make our security fixes so
that we don't introduce new bugs, which was
In message [EMAIL PROTECTED] Forrest Aldrich writes:
: Why does ps not show the full path on 4.0 as in 3.3?
: (for non-root users)
Because you have caught things in the middle of a change. There will
be a sysctl that will control this behavior shortly.
Warner
To Unsubscribe: send mail to
In message [EMAIL PROTECTED] "David O'Brien" writes:
: On Tue, Nov 23, 1999 at 09:15:35PM -0800, Kris Kennaway wrote:
: - (void)fgets(message, sizeof(message), stdin);
: + (void)fgets(message, MAXMSG, stdin);
:
: There is nothing wrong with the original line here. Please
77 matches
Mail list logo