> I sent this to questions a couple of weeks ago, but didn't receive any
> helpful replies. Anyone doing this - two machines connected by a null-modem
> cable with the ability to create a serial terminal session from either
> side, with suitable juggling of getty processes?
Used to do this in
Okay, I'm using a manual switch box for my 3 computers, 1 of which is a
bsd box. The switch box is ps/2 kband mouse and video. When i switch
away from the bsd box, the mouse won't come back.
i can re-enable it using a moused deamon, but its 'out of sync' ( get
that error ) and it doesn;t work righ
May I attract your attention towards the bin/21017 PR (see
http://www.freebsd.org/cgi/query-pr.cgi?pr=21017 for more
details) about how mtree(1) fails to compare a file system
against a database? I'm stuck in narrowing down what causes the
problem and I wouldn't want to be the responsible develo
On Fri, 8 Sep 2000, Jan Knepper wrote:
> I don't know what you are doing with the 'gettext' in the call to 'printf'.
Translate the string into a localized version. You can't just printf("%s",
gettext(...), args) because the arguments won't be printed, only the raw
string returned from gettext wi
In message <[EMAIL PROTECTED]> Kris
Kennaway writes:
: It also needs to check they are all of the same type, as changing a %d to
: a %s for example could conceivably be exploitable. And you would have to
: forbid escaped % characters as well. Yeah, I think that would be
: doable. We probably shou
I don't know what you are doing with the 'gettext' in the call to 'printf'.
However for printf usage I would always limit the size of a string being
displayed with "%s", thus as "%-.80s" for instance.
I would *never* do:
printf ( argv [ 0 ] );
Since argv [ 0 ] indeed is untrusted.
However:
printf
On Thu, 7 Sep 2000, Warner Losh wrote:
> In message <[EMAIL PROTECTED]> Kris
>Kennaway writes:
> : gettext() doesnt take any additional arguments, AFAIK it just munges the
> : string. The argument substitution was being done by printf() in the
> : example given.
>
> Right. You know how many ar
In message <[EMAIL PROTECTED]> Kris
Kennaway writes:
: gettext() doesnt take any additional arguments, AFAIK it just munges the
: string. The argument substitution was being done by printf() in the
: example given.
Right. You know how many args are expected, since you know printf.
: The only p
On Thu, 7 Sep 2000, Warner Losh wrote:
> In message <[EMAIL PROTECTED]> "John Doh!" writes:
> : Issue is must be getting format string from "untrusted" place, but want to
> : limit substitution of %... to the substitution of say in example the
> : argv[0], but to not do others so that say given
Hello,
What about md5 in the boot loader. I've included a patch to
src/sys/boot/ficl/words.c No doubt with lots of little errors. I
added this after concerns while working on PXE booting.
I'm looking for a sense of direction... Is using MD5 better
than just a clear text passwor
In message <[EMAIL PROTECTED]> "John Doh!" writes:
: Issue is must be getting format string from "untrusted" place, but want to
: limit substitution of %... to the substitution of say in example the
: argv[0], but to not do others so that say given "usage: %s filename %p" %p
: not interpret but
>From: Alfred Perlstein <[EMAIL PROTECTED]>
>To: John Doh! <[EMAIL PROTECTED]>
>CC: [EMAIL PROTECTED], [EMAIL PROTECTED]
>Subject: Re: How to stop problems from printf
>Date: Thu, 7 Sep 2000 19:33:14 -0700
>
>* John Doh! <[EMAIL PROTECTED]> [000907 19:28] wrote:
> > Hello to you am I C coder wh
* John Doh! <[EMAIL PROTECTED]> [000907 19:28] wrote:
> Hello to you am I C coder who to wish write programs we cannot exploit via
> code such as below.
>
> >
> > main(int argc, char **argv)
> > {
> > if(argc > 1) {
> > printf(gettext("usage: %s filename\n"),argv[0]);
> > exi
Hello to you am I C coder who to wish write programs we cannot exploit via
code such as below.
>
> main(int argc, char **argv)
> {
> if(argc > 1) {
> printf(gettext("usage: %s filename\n"),argv[0]);
> exit(0);
>}
>printf("normal execution proceeds...\n");
> }
Issue
Hi,
[ Bcc'ed to -current ]
Perhaps it was a mistake :) but I took up someone else's cause and
started a thread on -current which now probably belongs on -hackers.
So:
What are the dangers of having init lower the securelevel to 0 when
the system goes into single user? Looking at the mailing
The last days I am trying to cvs both the latest stable source and the
latest ports from several servers. The problem is that when I am cvsing
the ports I get a segmentation faults and cvsup exits ungracefully
with a core dump. What could be wrong?
I include some maybe helpful info
achilles# unam
Sign me up as a tester, when the time comes! (I have a TNT2 Ultra 32M.)
Matt
Nick Triantos wrote:
>
> We'll be happy to work with people to get our code up and running, but it's
> important to note that our drivers do not use DRI, we use our own direct
> rendering mechanism. There are exactly
On Thu, 7 Sep 2000, Jason Kraft wrote:
> Is there any way to gather BIOS statistics within FreeBSD? I would like
> to monitor internal CPU temperature, and fan speeds. When I go into
> the BIOS menu, I can see these statistics, but don't really do any good
> since most of these gauge values ri
In the last episode (Sep 07), Jason Kraft said:
> Is there any way to gather BIOS statistics within FreeBSD? I would like
> to monitor internal CPU temperature, and fan speeds. When I go into
> the BIOS menu, I can see these statistics, but don't really do any good
> since most of these gauge v
Is there any way to gather BIOS statistics within FreeBSD? I would like
to monitor internal CPU temperature, and fan speeds. When I go into
the BIOS menu, I can see these statistics, but don't really do any good
since most of these gauge values rise after the machine has been on for
long period
We'll be happy to work with people to get our code up and running, but it's
important to note that our drivers do not use DRI, we use our own direct
rendering mechanism. There are exactly 3 source files which need to be
ported from linux to freebsd, then after that, it should be fairly simple to
With freebsd 4.1, I have 2 "problems" with the dc driver. Im using a 4 port
DLINK card in this test:
1) It always give me a "device timeout" on first startup. It seems to work
ok though. The de driver (oppositely) gives me an "enabled" on the
connected ports on startup.
2). It numbers the ports
I sent this to questions a couple of weeks ago, but didn't receive any
helpful replies. Anyone doing this - two machines connected by a null-modem
cable with the ability to create a serial terminal session from either
side, with suitable juggling of getty processes?
John
Hi,
I have two Free
On Wed, 6 Sep 2000, Len Conrad wrote:
>
> >If I am not mistaking Token Ring _is_ supported in FreeBSD.
>
> Stealthy support it is, then, as I cannot find it here:
>
> http://www.freebsd.org/releases/4.1R/notes.html
Unfortunately, the release notes tend to lag behind the actual state of
the sy
What does this line (from clone.s linuxpthread port) do?
jmp PIC_PLT(HIDENAME(cerror))
Marco van de Voort ([EMAIL PROTECTED] or [EMAIL PROTECTED])
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Mike Silbersack wrote:
>
> On Wed, 6 Sep 2000, Warner Losh wrote:
>
> > http://www.rsasecurity.com/news/pr/000906-1.html
> >
> > RSA Security Releases RSA Encryption Algorithm into Public Domain
>
> Ok, now I have a question. Using STARTTLS with sendmail is obviously OK
> for us, since sendma
26 matches
Mail list logo