Security hole with new setresuid call

d != pc->pc_ucred->cr_uid)) && As I see you can now additionly set ruid to euid which is not allowed in setreuid call. Supposed POSIX_APPENDIX_B_4_2_2 clause should be either ifdefed or removed as in setreuid. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Security hole with new setresuid call

define POSIX_APPENDIX_B_4_2_2 by default for setuid(geteuid()), but I mean case when it is _not_ defined (BTW, why to have define which is always on?) And in case POSIX_APPENDIX_B_4_2_2 is not defined, ruid = euid; assignment was not allowed before you add new syscall. -- Andrey A. Cherno

OpenSSH bugs with login.conf

andled too. Please use corresponding security/ssh/patches/patch-af to fix the problem Searching for HAVE_LOGIN_CAP_H in whole sources (not in patches only) will help (sshd.c and userfile.c are affected). Patched standard ssh1 from ports deal with login.conf in correct way. -- Andrey A. Chernov &

[PATCH] Fix login.conf, expiration, BSD compatibility in OpenSSH

n"); - syslog(LOG_INFO, - "%s Password expired - forcing change", - pw->pw_name); - if (system("/usr/bin/passwd") != 0) - perror("/

login.c patch

directory.\nLogging in with home = \"/\".\n"); + pwd->pw_dir = "/"; } (void)seteuid(euid); (void)setegid(egid); -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

strange code in ftp.c

; break; } else Please left only one 'pflag' assignment. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Broken FTP

Current ftp client tries to put this unknown command on each remote request: 500 'EPSV': command not understood. It is just too bothering. Could it silently try once at the beginning and remember status during the session? -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.p

Re: Broken FTP

ild 'ftp' from scratch after cvsup. No help, the "500 'EPSV': command not understood." bug remains. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Broken FTP

h request, but try it once at the beginnig of the session and remember it. Since most of world FTP servers _not_ support EPSV, best way is to do _silent_ check and give EPSV status in FTP's 'status' command on direct user request. Something like: Enhanced passive mode: on (or what

Re: Broken FTP

to give user info is remote ftpd EPSV-compatible or not, as I already describe in previous messages. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Broken FTP

til.c setpeer() function lines if (command("PASSERVE %s", argv[1]) != COMPLETE) { ... and below if (command("SYST") == COMPLETE && overbose) { ... the check must be in this style... -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscri

Re: Broken FTP

command given or FTP_PASIVE_MODE env. variable is set and must be not issued in normal ftp mode at all, so it seems another bug found... -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Broken FTP

On Sun, Feb 20, 2000 at 01:37:01PM -0800, Andrey A. Chernov wrote: > I don't look at the code deeply yet, but it looks from > your words that EPSV command must be issued _only_ if ftp called > as pftp or 'passive' command given or FTP_PASIVE_MODE > env. variable is se

wrong default in login.conf

/usr/local/bin /usr/X11R6/bin:\ :nologin=/var/run/nologin:\ :cputime=unlimited:\ -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Broken FTP

On Sun, Feb 20, 2000 at 01:56:06PM -0800, Andrey A. Chernov wrote: > Sorry, this place (EPSV == PASV) is right excepting proxy mode is not covered by > EPSV (see PASV usage for proxy). Another error is that static int try_epsv = 1; is set globally for all connections made

EPSV patch for review (was Re: Broken FTP)

@@ -120,6 +120,7 @@ intdirchange; /* remote directory changed by cd command */ intttywidth; /* width of tty */ char *tmpdir;/* temporary directory */ +int try_epsv; /* try EPSV for this session */ #ifndef SMALL int

Re: [PATCH] Fix login.conf, expiration, BSD compatibility in OpenSSH

On Mon, Feb 28, 2000 at 08:57:08PM -0500, Brian Fundakowski Feldman wrote: > On Sun, 27 Feb 2000, Andrey A. Chernov wrote: > > > This patch revive almost all login.conf and password/account expiration > > features, makes OpenSSH more FreeBSD login compatible and fix non-critic

[PATCH] OpenSSH: login.access and more auth_*

if (!auth_ttyok(lc, ttyname)) { + (void)printf("Permission denied.\n"); + log( + "LOGIN %.200s REFUSED (TTY) FROM %.200s ON TTY %.200s", + pw->pw_name, hostname, ttyname); +

Re: new ncurses lib changed tgetstr() API

area GCC_UNUSED) It is definitely bug on ncurses side and must be fixed *there* and not in userland code. (Peter please back out corresponding tset fix too) Many programs use area parameter. API change not allowed here. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>

i386/isa/pnp.h is absent!

Many drivers tries to include #include which is absent now, please fix ASAP, kernel build fails on "make depend" -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED

something wrong with new CVS on freefall

I can't commit ee.c because CVS says ee.c - Does not contain a line with the keyword "$FreeBSD:". but the file ee.c _have_ "$FreeBSD: keyword, check by yourself. Please fix. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G&g

Re: something wrong with new CVS on freefall

On Sun, Sep 12, 1999 at 07:13:15AM +0400, Andrey A. Chernov wrote: > I can't commit ee.c because CVS says > ee.c - Does not contain a line with the keyword "$FreeBSD:". > > but the file ee.c _have_ "$FreeBSD: keyword, check by yourself. > Please fix. It is be

Repository copy request

Anybody who control CVS tree please copy /usr/src/contrib/groff/troff/hyphen.us-ru to /usr/src/contrib/groff/tmac/locale/hyphen.us-ru and /usr/src/usr.sbin/lpr/filters.ru/koi2alt.c to /usr/src/usr.sbin/lpr/filters.ru/koi2alt/koi2alt.c Thanx in advance. -- Andrey A. Chernov http://nagual.pp.ru

netstat can't be compiled due to netgraph

/usr/src/usr.bin/netstat/netgraph.c:51: netgraph.h: No such file or directory Please fix this thing. -- Andrey A. Chernov http://www.nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe f

mount_nwfs can't be compiled due to netncp

/usr/src/sbin/mount_nwfs/mount_nwfs.c:50: netncp/ncp_lib.h: No such file or directory /usr/src/sbin/mount_nwfs/mount_nwfs.c:51: netncp/ncp_rcfile.h: No such file or directory Please fix. -- Andrey A. Chernov http://www.nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(+

Re: netstat can't be compiled due to netgraph

On Tue, Nov 02, 1999 at 10:28:16AM +0300, Andrey A. Chernov wrote: > /usr/src/usr.bin/netstat/netgraph.c:51: netgraph.h: No such file or > directory > Please fix this thing. Sorry false alarm, libnetgraph must be installed first -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH

Re: mount_nwfs can't be compiled due to netncp

On Tue, Nov 02, 1999 at 10:34:52AM +0300, Andrey A. Chernov wrote: > /usr/src/sbin/mount_nwfs/mount_nwfs.c:50: netncp/ncp_lib.h: No such file > or directory > /usr/src/sbin/mount_nwfs/mount_nwfs.c:51: netncp/ncp_rcfile.h: No such > file or directory > > Please fix. Sorry f

-current panic on AHA

puter. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Root mount failed:22 ???

/kernel: Mounting root from ufs:da0s4a -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: -current panic on AHA

On Sat, Nov 06, 1999 at 10:31:12AM -0700, Warner Losh wrote: > In message <[EMAIL PROTECTED]> "Andrey A. Chernov" writes: > : Very fresh -current always paniced after detecting SCSI devices on > : aha0: AHA-1542CF FW Rev. B.0 (ID=45) SCSI Host Adapter, SCSI ID

Re: Root mount failed:22 ???

order of the da devices change? No. > The diagnostic is relatively harmless, but it suggests that /etc/fstab > is wrong. Here is fstab line, please point what is wrong? /dev/da0s4a / ufs rw,userquota 1 1 -- Andrey A. Chernov http://nagual.pp.ru/~ache/ M

Mount before SCSI comes up ? (was Re: Root mount failed:22 ???)

516C) da1 at aha0 bus 0 target 1 lun 0 da1: Fixed Direct Access SCSI-2 device da1: 3.300MB/s transfers da1: 1051MB (2154176 512 byte sectors: 64H 32S/T 1051C) -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: sen

ps ax: kernel command line caching bug with "-"?

With recent -current I got _su (tcsh) \___ in "ps ax" instead of -su (tcsh) as before. >From su.c: /* csh strips the first character... */ *np = asthem ? "-su" : iscsh == YES ? "_su" : "su"; It seems that it NOT strip the first ch

Re: ps ax: kernel command line caching bug with "-"?

So the question is: should csh/tcsh use setproctitle() or should su be fixed to not use "_"? On Sat, Nov 20, 1999 at 03:18:27AM +0300, Andrey A. Chernov wrote: > With recent -current I got > > _su (tcsh) > \___ > > in "ps ax" instead of > >

Re: Root mount failed:22 ???

at it > wasn't set, since in many cases to come that will be fatal for the boot > process. I just rebuild/reinstall -current /kernel and /sys/boot and update bootblocks via disklabel, as result diagnostic in question gone, but I _not_ see vfs.root.mountfrom variable in my sysctl -a outpu

Re: ps on 4.0-current

nt. Looks like access to this info becomes too restrictive. Something bad in the kernel, not in kvm library. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe

Re: semi-HEADS-UP (dumpon now wants raw disk device)

; > Should be changed to: dumpdev="/dev/rwd0s1b" I see no needs of this change. I have -current dumpon/savecore work with old entrly like /dev/wd0... savecore understand both character and old block devices now. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC&

Re: semi-HEADS-UP (dumpon now wants raw disk device)

is confusing and means just opposite. I'll fix dumpon to accept both device types (to work with older kernels too) The bug is that you not rebuild your /dev -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send ma

Re: block devices & dumpon.

s time. New kernel not support old block devices. But in case you MAKEDEV slices, it will work. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Is there any way to use ATAPI CD-R?

As I see by quick check, CD-related soft from ports understand SCSI only. Does anybody use new ATAPI CD-R (acd)? If yes, please tell me how. -- Andrey A. Chernov http://www.nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail

Re: Is there any way to use ATAPI CD-R?

* soft automatically. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666+>++ Y To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

ppp phone dial is broken

With latest ppp I hear no phone numbers dial sounds at the stage: Phase: Phone: N ppp does _nothing_ until timeout occurse, then redial happens with the same unsuccessful result. -- Andrey A. Chernov http://nagual.pp.ru/~ache/ MTH/SH/HE S-- W-- N+ PEC>+ D A a++ C G>+ QH+(++) 666

event.h troubles

Now I got lost of /usr/include/sys/event.h:159: warning: `struct timespec' declared inside parameter list. because include it. Please fix somehow. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "uns

tcsh history and month bugfix: tc.prompt.c v3.38

ar *) month_list[t->tm_mon]; *cz; - *p++ = attributes | *cz++); + *p++ = attributes | *cz++) if (p >= ep) break; break; case 'W': -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp

Re: make release broken...

On Fri, Apr 21, 2000 at 01:54:23PM +0200, Poul-Henning Kamp wrote: > > ===> bin/csh/nls > cd /usr/src/bin/csh/nls ; make afterdistribute DESTDIR=/R/stage/trees/bin > ===> bin/csh/nls/finnish > make: don't know how to make distribute. Stop Fix commited. -- Andrey A.

Re: csh/nls problem causing make release failure

happy to test any patchs. Try now, I just commit what is supposed to fix. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Workaround for hanging on exit: patch for review

* The tty could have been revoked -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Workaround for hanging on exit: patch for review

solution will be adding tp->t_timeout = 180 * hz; while initializing tp struct, but it is more radical than I suggest initially. Any ideas? -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Workaround for hanging on exit: patch for review

SET(tp->t_state, TS_CONNECTED); bzero(&tp->t_winsize, sizeof(tp->t_winsize)); } + tp->t_timeout = 180 * hz; /* XXX don't hang forever */ ttsetwater(tp); splx(s); return (0); -- Andrey A. Chernov <[EMAIL PROTECTED]

Re: Workaround for hanging on exit: patch for review

On Fri, Apr 28, 2000 at 01:01:38AM +0100, void wrote: > > to places that have 2~3 minute lag. :) > > And make it sysctl-controllable, perhaps? It is already tunable for years via ioctl -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: s

TCP becomes very broken just now

Some of recent kernel TCP changes cause TCP completely not working, i.e. any network daemon (mountd, sendmail, cfsd) started from "rc" on dialup machine hangs with 3min "Can't connect' timeout and user level "ppp" started than hangs forever even not dialing.

Re: TCP becomes very broken just now

On Sat, May 06, 2000 at 11:53:23PM +0200, Samuel Tardieu wrote: > On 7/05, Andrey A. Chernov wrote: > > | Some of recent kernel TCP changes cause TCP completely not working, > | i.e. any network daemon (mountd, sendmail, cfsd) started from "rc" on > | dialup machi

Re: ed driver broken in today's -CURRENT?

rks fine. I > have the funny situation that I can send fine, and I can traceroute to > the box, but I can't ping. NFS also objects strenuously: It is not dead card, it is broken TCP, see my similar report in -current, I notice it several hours ago right after TCP changes was commited. -- An

Re: ed driver broken in today's -CURRENT?

On Sun, May 07, 2000 at 04:15:57PM +0200, Jeroen Ruigrok van der Werven wrote: > -On [2507 14:50], Andrey A. Chernov ([EMAIL PROTECTED]) wrote: > >It is not dead card, it is broken TCP, see my similar report in -current, I > >notice it several hours ago right after TCP chang

It seems that SCSI code still use block devices

still use block devices. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: cvs commit: src/sys/netinet tcp.h tcp_input.c tcp_output.c tcp_timer.c tcp_var.h

worse - I notice the same problem occurse in CURRENT->CURRENT ssh connection, both with NewReno! It means that NewReno implementation have some internal errors when two identical -currents can't speak each other properly sometimes (when modem have long 30secs retrain). -- Andrey A. Chernov

Re: cvs commit: src/sys/netinet tcp.h tcp_input.c tcp_output.c tcp_timer.c tcp_var.h

sed PPP over uncompressed PPP over a saturated ISDN dialup > that drops up to one in every three packets). But this bug is gone (for me at least), when NewReno is turned off. Is it means that NewReno cause very high packet loss somehow? -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nag

Patch to change CheckMail default for OpenSSH

yes +CheckMail yes #UseLogin no -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Detecting multiply function definitions

Why our ld is able to detect multiply defined functions only for static linking? What prevents us to use the same algorithm for shared linking too? It is very unsafe otherwise to do shared linking... -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: sen

[dickey@herndon4.his.com: Re: Incorrect exporting of trace() function (with patch)]

Subject: Re: Incorrect exporting of trace() function (with patch) To: "Andrey A. Chernov" <[EMAIL PROTECTED]> cc: [EMAIL PROTECTED], [EMAIL PROTECTED] On Tue, 23 May 2000, Andrey A. Chernov wrote: > There is a namespace pollution preventing lots of application linking with I

Re: cvs commit: src/contrib/ncurses/include curses.h.in src/contrib/ncurses/ncurses/trace lib_trace.c

/usr/libexec/elf/ld: Warning: type of symbol `trace' changed from 1 to 2 in lib_trace.o Yes, this bug is very dangerous and many places are affected so I fix it immediately. The fact our ld can't detect multiply definitions when linking shared is another issue - I recently send this to -cu

Re: cvs commit: src/contrib/ncurses/include curses.h.in src/contrib/ncurses/ncurses/trace lib_trace.c

same way as in static linking. What about adding special ld flag to allow duplicate linking and change default case the same way as static linking does? -- Andrey A. Chernov <[EMAIL PROTECTED]> http://nagual.pp.ru/~ache/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscri

freebsd-current@freebsd.org

gt; src/contrib/ncurses/ncurses/trace lib_trace.c > Author: "Andrey A. Chernov" <[EMAIL PROTECTED]> > Date: 2000/05/24 > Forum:mailing.freebsd.cvs > > more headers author posting history > Post Reply ž Prev ž Next >

What happens with SECURELVL? (init complains)

up the mess. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

ls

FYI: It seems that color support in 'ls' is clean now. I have no ideas or bug reports to fix it more. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: ls

bug. Know nothing about colors from ports. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: mktemp() patch

8.3 name safe. > Why are we still using the pid? It is highly non-random. It was originally I agree. We must not use getpid() since we have arc4random(). -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe

Re: mktemp() patch

ws to run FreeBSD binary in MSDOS FS with MSDOS files. > Basically, I think the answer is not to use a nwfs or smbfs filesystem as > your TMPDIR :-) mktemp() makes temp files in any directory including current one. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsu

Re: mktemp() patch

in UFS, I care about current directory. Probably /tmp-prefix sensing code helps to solve this. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: mktemp() patch

-random bits from getpid()? It only weakens. Better way is just remove any getpid() code and left arc4random() only. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: mktemp() patch

lision much faster then with random source only. 2) Yet, of course, the code handles collisions. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: mktemp() patch

On Fri, Jun 09, 2000 at 11:23:58PM -0700, Andrey A. Chernov wrote: > On Fri, Jun 09, 2000 at 07:37:09PM -0400, Jeroen C. van Gelderen wrote: > > > Why to XOR true random bits from arc4random() with non-random bits from > > > getpid()? It only weakens. Better way is just rem

Re: mktemp() patch

On Fri, Jun 09, 2000 at 11:23:58PM -0700, Andrey A. Chernov wrote: > > would be the way to go: 64^6 = 2^36 possibilities which is nice... > > 1) Just totally opposite: mixing random with non-random sources you'll get > into collision much faster then with random source only

Re: mktemp() patch

obability is altogether pretty small. I'll do some calculations to > estimate the exact level of risk here. Please note that you turn never probavility into small one, and it is degradation. "never" is not completely never, of course, but if temp file stays until pids wrapped.

Re: mktemp() patch

On Fri, Jun 09, 2000 at 11:53:34PM -0700, Matthew Dillon wrote: > :1) Just totally opposite: mixing random with non-random sources you'll get > :into collision much faster then with random source only. 2) Yet, of course, > :the code handles collisions. > : > :--

Re: mktemp() patch

ame bits number, there is no reason to XOR random with predictable, random is not become more random. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: mktemp() patch

it not weakers I can't see why it strenghthens. I.e. you can constantly strenghthens generator with passing it through XOR -1? If not, why any other value is better than -1? -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED]

Re: mktemp() patch

On Sat, Jun 10, 2000 at 07:43:06PM -0700, Andrey A. Chernov wrote: > On Sat, Jun 10, 2000 at 09:31:49AM +0200, Mark Murray wrote: > > Incorrect. See my other mail; ${RANDOM} xor ${PREDICTABLE} is random. > > Only if predictable have the same bits number as random. If not all bi

Re: mktemp() patch

On Sat, Jun 10, 2000 at 07:36:10PM -0700, Andrey A. Chernov wrote: > On Fri, Jun 09, 2000 at 11:53:34PM -0700, Matthew Dillon wrote: > > :1) Just totally opposite: mixing random with non-random sources you'll get > > :into collision much faster then with random source only

Re: mktemp() patch

ta_ will not makes it strenghthens too. If attacker tries to predict random number generator itself and know pid and mktemp() algorithm, adding getpid() bits he already know will not stop him from this attack unless you plan to keep mktemp() algorihtm secret. -- Andrey A. Chernov <[EMAIL PROTEC

ppp is broken now

Fresh -current, "ppp -auto system" not react on outgoing packets and not dial, it seems they routed to dead end. Direct "dial system" command dials in, but packets not routed too. Restoring ppp from 8 Jun fix it. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.

res_init.c 1.20 broke non-INET6 kernel!

ck to AF_INET -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: res_init.c 1.20 broke non-INET6 kernel!

On Wed, Jun 14, 2000 at 12:21:48PM -0700, Andrey A. Chernov wrote: > All nameservers are initialized to AF_INET6 which cause socket() to return -1 > in non-INET6 kernel. > > All names lookups fails as result. Returning res_init.c to 1.19 and res_send.c to 1.32 solve this thing.

Re: ppp is broken now

On Wed, Jun 14, 2000 at 06:46:07PM +0400, Andrey A. Chernov wrote: > Fresh -current, "ppp -auto system" not react on outgoing packets and not > dial, it seems they routed to dead end. Direct "dial system" command > dials in, but packets not routed too. Restoring ppp

bug: "device ether" no longer optional

Without "device ether" in config file kernel fails to compile and complains on undefined function ether_ifdetach() in if.c:if_detach() Please fix. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscrib

Re: Laptop boot problem in current with GENERIC & GENERIC.hints

oblem. Fresh -current kernel with fresh -current bootblock loaded ok but hangs in boot (no diagnostics even printed). Kernel from Jun14 with fresh -current bootblocks booted Ok. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with

bug: kernel hangs at boot

Fresh -current kernel with fresh -current bootblocks loaded ok but hangs in boot (no diagnostics even printed, just silent hang with "/" on the screen). Kernel from Jun14 with fresh -current bootblocks (i.e. the same bootblocks) booted Ok. -- Andrey A. Chernov <[EMAIL PRO

Re: bug: "device ether" no longer optional

On Thu, Jun 29, 2000 at 11:57:59AM -0700, Archie Cobbs wrote: > Andrey A. Chernov writes: > > Without "device ether" in config file kernel fails to compile and > > complains on undefined function ether_ifdetach() in if.c:if_detach() > > > > Please fix. >

Boot hang (was Re: bug: "device ether" no longer optional)

ot;-O2 -pipe" instead of "-O -pipe", but I have it working for years! -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: bug: kernel hangs at boot

On Wed, Jun 28, 2000 at 11:03:22PM -0700, Andrey A. Chernov wrote: > Fresh -current kernel with fresh -current bootblocks loaded ok but hangs in > boot (no diagnostics even printed, just silent hang with "/" on the screen). > > Kernel from Jun14 with fresh -current boo

Re: bug: "device ether" no longer optional

tch, it was just > want I needed to get over the hump. I have it in my copy of UPDATING > now and will commit it later today. The last phrase can be more specific - "add randomdev_load="YES" to your /boot/loader.conf" -- Andrey A. Chernov <[EMAIL PROTECTED]>

perl6 first time build problem

ons) /usr/obj/usr/src/gnu/usr.bin/perl/perl/../miniperl/miniperl:No such file or dire ctory *** Error code 1 -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: perl6 first time build problem

is there a way to add CFLAGS (highly-optimized for me) when building additional perl object modules? I see something with name 'cflags' extracted now, so it can helps maybe. This problem stays too long... -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe

perl standard modules not installed properly (with fix)

Hostname Syslog attrs re all: man3pages -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: bug: kernel hangs at boot

On Fri, Jun 30, 2000 at 06:29:11AM -0700, Andrey A. Chernov wrote: > On Wed, Jun 28, 2000 at 11:03:22PM -0700, Andrey A. Chernov wrote: > > Fresh -current kernel with fresh -current bootblocks loaded ok but hangs in > > boot (no diagnostics even printed, just silent hang with &q

perl, cron or sh bug

.c) I am not shure, is this cron bug calling with ignoring SIGCHLD, sh bug, or perl bug. I think cron shouldn't call anything with SIGCHLD ignored. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: perl, cron or sh bug

On Sat, Jul 01, 2000 at 01:49:07PM -0700, Andrey A. Chernov wrote: > On Sat, Jul 01, 2000 at 07:00:07PM +0200, Mark Murray wrote: > > I've got this and some other tweaks commit-ready; I'll do them tomorrow... > > When running as cron job, from shell script, perl now

Re: perl, cron or sh bug

On Sat, Jul 01, 2000 at 02:03:01PM -0700, Andrey A. Chernov wrote: > On Sat, Jul 01, 2000 at 01:49:07PM -0700, Andrey A. Chernov wrote: > > On Sat, Jul 01, 2000 at 07:00:07PM +0200, Mark Murray wrote: > > > I've got this and some other tweaks commit-ready; I'll do th

Re: perl, cron or sh bug

> > (void) signal(SIGCHLD, SIG_IGN); > > > > What about re-allowing SIGCHLD after second fork (i.e.vfork), just before > > execle()? Any objections? > > Not from me, as long as the implications are understood... I already solve this thing. -- Andrey A. Chernov <

New boot0 not work with ahc

New boot0 cause dead hang (nothing appearse on the screen) with Adaptec SCSI BIOS ahc0: Standard MBR works fine. All in first 1024 cyls. -- Andrey A. Chernov <[EMAIL PROTECTED]> http://ache.pp.ru/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-

  1   2   3   4   5   6   >