On Fri, 6 Dec 2002, Octavian Hornoiu wrote:
I have been doing a lot of research into integrating FreeBSD into my
company's network recently and we have been converting our servers to
FreeBSD gradually but one of the hurdles to overcome is the login issue.
In order to make logins seamless
On Thu, 28 Nov 2002, Terry Lambert wrote:
Stefanos Kiakas wrote:
Jean Milanez Melo wrote:
I run a number of jail enviroments in a public server, so, i would like to
limit the disk usage of each jail to, say, X GB. Lets think of a practical
issue. I have 40GB storage space, and what i
On Mon, 25 Nov 2002, Yury Tarasievich wrote:
I need to port some driver from linux to freebsd and, somehow, I can't
find documentation on kernel locks and mutexes. There are no man pages,
links from handbook are broken, and search on freebsd site gives nothing
(besides the handbook itself).
On Mon, 25 Nov 2002, Terry Lambert wrote:
Yury Tarasievich wrote:
I need to port some driver from linux to freebsd and, somehow,
I can't find documentation on kernel locks and mutexes.
There are no man pages, links from handbook are broken, and search on
freebsd site gives nothing
On Tue, 26 Nov 2002, Cosmin Stroe wrote:
Is there a codafs diskless booting option available for FreeBSD ..
something similar to the NFS_ROOT option available currently in the
kernel ?
Is there even CODA fs builtin kernel support ?
Unlike many network file systems, Coda relies on a
On Sat, 23 Nov 2002, Dancho Penev wrote:
I was played with acl and specially default acl for directories at my
FreeBSD-CURRENT machine with UFS2 filesystem and some questions appears
to me:
1. How about default acl permission to override umask? Is that the idea
who isn't yet implemented
On Thu, 14 Nov 2002, Doug Rabson wrote:
: I'm open to patches for building /[s]bin as dynamic. If you have
: time and can coordinate with [EMAIL PROTECTED] to build the patch, I
: would appreciate it.
% make NOSHARED=NO buildworld
No patches necessary. We do this all the time at
Reminder: due tomorrow!
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
[EMAIL PROTECTED] Network Associates Laboratories
-- Forwarded message --
Date: Mon, 4 Nov 2002 20:36:13 -0500 (EST)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED
on the status approaching the release, and identifying
areas where must be done requirements are present for the release will
help consumers of FreeBSD get a sense of what they can expect in 5.0, as
well as what other developers need to work on in order to make it happen.
Robert Watson, Scott Long
FreeBSD
On Fri, 1 Nov 2002, Robert Watson wrote:
All submissions are due by October 10, 2002.
Needless to say, the deadline is actually November 10, 2002. Rather than
thinking of this as an off the hook scenario, think of it as an extra
month to submit the status report, starting about a month ago
). This is being tackled by
TrustedBSD though, which I'm sure Robert Watson can provide some more
information on.
We're actually close to feature completeness on the CAPP (Common Acess
Protection Profile), which is logically equivilent to the old C2 TCSEC
evaluation except expressed
On Thu, 10 Oct 2002, Steve Kudlak wrote:
It has been a long time since I dealt with those arcane security
matters. At least they are obscure and arcane to most people. Many
consider me to be babbling when I go on about these things. If I start
saying rainbow books (the NSA's security books
On Thu, 10 Oct 2002, Terry Lambert wrote:
Robert Watson wrote:
The first thing you are
probably interested in is the Common Criteria description, which I believe
is available from ISO.
...which answers the how do I get it? followup question that naturally
comes from the CAPP/LSPP
On Wed, 9 Oct 2002, Terry Lambert wrote:
Roman V. Mashak wrote:
On Wed, Oct 09, 2002 at 01:07:43PM -0400, Steve Kudlak wrote:
project and mucking with the low grade in my opinion C-2 security
that Sun OSes had and finding bugs in things like FTP logging and
the like. I now do other
On Thu, 10 Oct 2002, Terry Lambert wrote:
Craig Rodrigues wrote:
On Thu, Oct 10, 2002 at 06:34:30PM -0400, Robert Watson wrote:
[ ... where to get security standards ... ]
Cool. You guys are a wealth of information..
Robert: any chance of this finding its way into a docs secion
in a couple of months!
Scott Long, Robert Watson
* Bluetooth stack for FreeBSD (Netgraph implementation)
* ATAPI/CAM Status Report
* BSDCon 2003
* Fast IPsec Status
* FreeBSD C99 POSIX Conformance Project
* FreeBSD Donations Team
* FreeBSD GNOME Project
I'd like to acknowledge the help of Scott Long in getting the report out
this month--he did all that hard work :-).
The next status report will cover September-October, 2002, and reports
will be due around November 15. Depending on the 5.0 release process, we
might slip it slightly. :-)
Yeah, it's odd actually. I burnt myself a CD this morning using my Mac OS
X box, and it appeared to be fine on an older -CURRENT box and on the Mac.
Stuck it in my far-more-recent -CURRENT box and it died horribly. Or at
least, it gave the same error you're reporting. I'm going to try to track
Reminder: reports are due today!
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
[EMAIL PROTECTED] Network Associates Laboratories
-- Forwarded message --
Date: Wed, 11 Sep 2002 20:14:12 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL
FreeBSD Core Team, TrustedBSD Projects
[EMAIL PROTECTED] Network Associates Laboratories
-- Forwarded message --
Date: Wed, 4 Sep 2002 12:19:38 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Request for submissions: FreeBSD Bi
On Thu, 5 Sep 2002, Seva Tonkonoh wrote:
I have recently come across an old little discussion about InterMezzo.
I 've got the impression that it wasn't really welcome to FreeBSD.
Just curious if something similar has been done for FreeBSD, or if
someone is working on such thing. I am
Reminder...
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
[EMAIL PROTECTED] Network Associates Laboratories
-- Forwarded message --
Date: Wed, 4 Sep 2002 12:19:38 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL
On Fri, 6 Sep 2002, Alexey Dokuchaev wrote:
I've read the notes as of 2 September, 2002 from the USENIX ATC 2002
FreeBSD Developer Summit, which were made available recently. As a very
good addition to them, I suggest putting online some .oggs (or .mp3s)
next time, with recorded speeches,
This is a solicitation for submissions for the July 2002 - August 2002
FreeBSD Bi-Monthly Development Status Report. All submissions are due by
September 13, 2002. Submissions should be made by filling out the template
found at:
http://www.FreeBSD.org/news/status/report-sample.xml
On Fri, 30 Aug 2002, Patrick Thomas wrote:
I realize the difficulties in trying to use quotas on the _host_
system to limit the size of jails on the host system - userid mapping,
etc. This is not what I am asking.
I wonder, is it possible for the root user of a jail to set quotas
, the
less fixing we have to do afterwards!
Robert Watson
* Bluetooth stack for FreeBSD (Netgraph implementation)
* BSDCon 2003
* Fast IPSEC Status
* FreeBSD C99 POSIX Conformance Project
* FreeBSD GNOME Project
* FreeBSD Java Project
* FreeBSD Release
of advocacy.
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
[EMAIL PROTECTED] Network Associates Laboratories
-- Forwarded message --
Date: Mon, 15 Jul 2002 00:23:24 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Request
On Thu, 18 Jul 2002, Julian Elischer wrote:
On Thu, 18 Jul 2002, Robert Watson wrote:
Final reminder: submissions for the May/June status report must be
received by tomorrow afternoon to be included. Please submit information
on on-going FreeBSD projects/etc. This information is both
On Thu, 18 Jul 2002, Terry Lambert wrote:
Robert Watson wrote:
I thought about it, but haven't had time to implement. Right now I just
cat the messages together, render, and fix warnings and errors due to bad
sgml in submissions. Oh, and write an introduction. It's actually
On Fri, 19 Jul 2002, Paul Richards wrote:
- Original Message -
From: Robert Watson [EMAIL PROTECTED]
To: Terry Lambert [EMAIL PROTECTED]
Cc: Julian Elischer [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Friday, July 19, 2002 1:18 AM
Subject: Re: Request
[EMAIL PROTECTED] Network Associates Laboratories
-- Forwarded message --
Date: Mon, 8 Jul 2002 19:23:02 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Request for submissions: FreeBSD Bi-Monthly Development Status Report
19:23:02 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Request for submissions: FreeBSD Bi-Monthly Development Status Report
This is a solicitation for submissions for the May 2002 - June 2002
FreeBSD Bi-Monthly Development Status Report. All
This is a solicitation for submissions for the May 2002 - June 2002
FreeBSD Bi-Monthly Development Status Report. All submissions are due by
July 19, 2002. Submissions should be made by filling out the template
found at:
http://www.FreeBSD.org/news/status/report-sample.xml
Submissions
I tend to retrieve address information about interfaces using
getifaddrs(), which will (among other things) retrieve the link layer
addresses of an interface. It might be overkill for your application,
however.
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
[EMAIL
On Wed, 5 Jun 2002, Lars Eggert wrote:
there's a large number of system programs that use get/setuid() to limit
what a non-root user can do (route, killall, ping, etc.)
This may be a really dumb question, but shouldn't they be using
get/seteuid() instead, to base their decision on the
On Wed, 29 May 2002, M. Warner Losh wrote:
In message: [EMAIL PROTECTED]
Bjoern Fischer [EMAIL PROTECTED] writes:
: Hello,
:
: OpenBSD has a new interesting feature: systrace. It is a system call
: policy generator for sandboxing untrusted or semi-trusted binaries.
:
: The
for the FreeBSD Core Team, and should have the
next Core Team online by the time the next report rolls around. Stay tuned
for more!
Robert Watson
* GEOM - generalized block storage manipulation
* Athlon MTRR Problems
* Bluetooth stack for FreeBSD (Netgraph implementation
On Sat, 18 May 2002, Alfred Perlstein wrote:
* Robert Watson [EMAIL PROTECTED] [020518 10:05] wrote:
Attached, please find the status report covering activity from February
2002 - April 2002. This may also be found on the FreeBSD.org web page
(once the site rebuilds sometime today
This looks much more like a syslog/audit/... mechanism, and not really
much like keven, which is about applications getting event notification on
system objects. You might be interested in talking to Andrew Reiter
[EMAIL PROTECTED] about his work on the TrustedBSD audit framework, but
otherwise
Last call for submissions due this afternoon.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
-- Forwarded message --
Date: Thu, 9 May 2002 15:59:06 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED
Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
-- Forwarded message --
Date: Sat, 4 May 2002 17:50:49 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Request
This is a solicitation for submissions for the February 2002 - April 2002
FreeBSD Bi-Monthly Development Status Report. All submissions are due by
May 10, 2002. Submissions should be made by filling out the template
found at:
http://www.FreeBSD.org/news/status/report-sample.xml
On Thu, 25 Apr 2002, Joshua Goodall wrote:
On Wed, Apr 24, 2002 at 09:08:08PM -0700, Jordan Hubbard wrote:
BTW, what I'm suggesting here is the equivilent of the no_fake_prompts
setting in pam_opie.so found in -CURRENT. Basically, if the flag is set,
Again, by all means, generate
Sigh. I responded privately, but I see a plethora of mis-informed response
also. Please commit the fix to the S/Key code, rather than disabling
challenge response protocol behavior. There's nothing wrong with
supporting the challenge/response parts of the protocol, and it's even
desirable from
it a lot harder to enable OPIE if you want to.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
On Wed, 24 Apr 2002, Robert Watson wrote:
Sigh. I responded privately, but I see a plethora of mis-informed response
also
On Tue, 23 Apr 2002, Frank Mayhar wrote:
Robert, it's really, really simple. For new installs, install the new,
more secure behavior. Be sure to loudly document this behavior so that
those of us who expect the _old_ behavior don't get bitten by the
change. And don't change the old
On Tue, 23 Apr 2002, Terry Lambert wrote:
Robert Watson wrote:
A more conservative default configuration results in a material
improvement in system security.
I really don't think there's any way to fully protect a
security-unconscious user, as if they had spent the time to learn what
On Tue, 23 Apr 2002, Terry Lambert wrote:
Robert Watson wrote:
System programming is hard, let's go shopping.
This is exactly the phrase that comes to mind every time someone yanks
the plug on a service they are afraid might one day have an exploit
found for it.
This isn't about
On Tue, 23 Apr 2002, Terry Lambert wrote:
The reality is that reducing exposure is an important part of any security
posture.
This is an argument for security through obscurity.
If we are talking risk reduction, then we can easily achieve it
statistically through obscurity. In
On Wed, 24 Apr 2002, Greg 'groggy' Lehey wrote:
A more conservative default configuration results in a material
improvement in system security.
*snip*
By snipping here, you removed reference to the fact that this was a
general discussion of direction and policy, rather than specifically
On Wed, 24 Apr 2002, Greg 'groggy' Lehey wrote:
I think the issue is POLA. Sure, we can put in individual knobs to
twiddle, but who will do that? I thought that securelevel would have
been a suitable solution to say I want approximately *this* much
security. If that's not the case, then
On Mon, 22 Apr 2002, Jordan Hubbard wrote:
That would be my question as well, especially since everyone else
seems to use that default. Thanks to all who responded, and so quickly
at that - this at least clarified the situation (and gave me a way
out!).
This was discussed fairly
On Mon, 22 Apr 2002, Joshua Goodall wrote:
In a remote kgdb, I have struct proc * for several processes that
are sleeping and I want the kernel backtraces for them. To illustrate:
(kgdb) set var $p201 = allproc.lh_first-p_list.le_next-p_list.le_next
(kgdb) print $p201-p_pid
$12 = 201
On Sun, 21 Apr 2002, Robert Watson wrote:
On Mon, 22 Apr 2002, Joshua Goodall wrote:
In recent -CURRENT, you can just use
trace pid
or
trace addressofstack
I have to say that since that since this feature was introduced, life
has become a *lot* easier :-).
Sigh. Remote
On Fri, 12 Apr 2002, M. Warner Losh wrote:
In message: [EMAIL PROTECTED]
Hidetoshi Shimokawa [EMAIL PROTECTED] writes:
: 5. FireWire for Kernel Hackers
...
: # dmesg -M /dev/fwmem0 -N /sys/i386/compile/GENERIC/kernel
: # gdb -k -c /dev/fwmem0
Wow. I'm impressed. Linus is too bored if he has time to come up with
these things. He should write a new OS or something. Perhaps he could
join the LainOS team :-).
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network
Doesn't top already run in Jail on -CURRENT? Thomas Moestl did this work
a while back, exposing the necessary information to support most of our
userland monitoring tools using sysctl rather than kvm:
last pid: 32655; load averages: 0.05, 0.09, 0.07up 7+14:52:51 09:50:01
2 processes:
for our modular access control framework in TrustedBSD), let it
run in jail, gradually deprecate kvm for statistics reporting, etc.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
On Tue, 2 Apr 2002, Robert Watson
On Thu, 28 Mar 2002, Paolo Pisati wrote:
Sometimes ago, I heard someone wanted to write a fs example (article?
howto?) just to teach how to write a real fs under FreeBSD.
I'm looking for this kind of info, any good pointer is welcome...
Unfortunately, as others have pointed out, there
On Mon, 11 Mar 2002, Jeff Jirsa wrote:
I've noticed that currently, violations of securelevel are aborted, but not
typically logged. It seems like in addition to aborting whichever calls are
in progress, logging an error might be beneficial. I recognize that this
goes along the same lines
Heh. I had something a little like that at one point -- it just acted as a
pass-through, but also logged in the pcap format. I thought someone had
done modifications to tcpdump to allow it to speak to divert sockets,
don't know that it was ever actually committed. Might be in the PR's
still.
On Sat, 16 Mar 2002, Rogier R. Mulhuijzen wrote:
At 09:23 16-3-2002 -0500, Robert Watson wrote:
Second, these
warnings would be generated during normal operations, as a number of
applications attempt to load kernel modules when they need them, including
ppp. Generating spurious warnings
On Mon, 11 Mar 2002, Rajesh P Jain wrote:
In the BPF - Berkeley Packet Filter, when a file descriptor is
associated to an interface to send and receive packets, there is an
ioctl parameter BIOCSSEESENT, which is by default set to 1. Hence the
packets both from remote systems and locally
If you measure this using the 'time' command, what is the result? In
particular, how do the %user and %system vary between FreeBSD and NetBSD?
This could point us at differences in the sound infrastructure, if the
extra CPU you're seeing is a result of increased kernel activity. If it's
more
On Thu, 7 Mar 2002, Bill Fumerola wrote:
On Thu, Mar 07, 2002 at 11:03:19PM -0500, Robert Watson wrote:
A couple of comments:
- You can always cache the pcb the first time it's used, and then have it
available for future use. I agree with your concerns about generating
it every
A couple of comments:
- You can always cache the pcb the first time it's used, and then have it
available for future use. I agree with your concerns about generating
it every time -- that would be a disaster for routers where no packets
are even delivered locally. :-)
- The uid/gid code
It could be that this fails for interfaces that perform hardware loopback,
since it relies on the behavior of software loop. There may also be some
other circumstances where this occurs. Basically, the BPF device can tell
it's locally sourced because it has a NULL interface pointer associated
in Monterey, CA, later this
year, and all and sundry are encouraged to attend to get further insight
in FreeBSD development.
Robert Watson
* GEOM - generalized block storage manipulation
* Bluetooth stack for FreeBSD (Netgraph implementation)
* FreeBSD C99 POSIX
Currently there are no plans to merge the ACL-related changes into the 4.x
tree, due to the complexity and code impact. In addition, part of what
will bring ACLs to high levels of production-readiness in 5.0 will be the
UFS2 work, and that's unlikely ever to make it into the RELENG_4 branch
Services
-- Forwarded message --
Date: Mon, 4 Feb 2002 13:46:50 -0500 (EST)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Request for submissions: FreeBSD Bi-Monthly Development Status Report
This is a solicitation for submissions
This is a solicitation for submissions for the December 2001 - January
2002 FreeBSD Bi-Monthly Development Status Report. All submissions are
due by February 8, 2002. Submissions should be made by filling out the
template found at:
http://www.FreeBSD.org/news/status/report-sample.xml
On Sun, 3 Feb 2002, Mike Barcroft wrote:
This means less work for you, and no need to continuously maintain diffs
against the kernel sources. IMO it's a *very,very* bad thing to
introduce changes into the kernel that might introduce unintended side
effects when the problem can be solved
I'm sorry Warner, but your submission has been rejected on the basis that
you are a Senior Kernel Hacker. :-)
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
On Wed, 30 Jan 2002, M. Warner Losh wrote:
In message:
On Sat, 19 Jan 2002, Alp Atici wrote:
Is gcc 3.x going to be the default compiler starting from FBSD 5.x
series? Is the development on current branch compiled using gcc 3.0 (or
up)?
Is 5.x series going to be based on a preemptible kernel?
Can't answer the gcc question, but yes, John
For a variety of reasons, I think it would make sense to follow a
two-month status report cycle, rather than doing it every month. This
includes the cost/difficulty of extracting regular and timely status
reports, the delays involved in generating reports due to time
constraints, waiting for
as providing an opportunity for developers to work more closely and act as
a vehicle for discussion and round-the-clock hacking. More information is
available at the USENIX web site.
Robert Watson
* ATA Project Status Report
* Device Polling
* Fibre Channel Support
On Tue, 18 Dec 2001, Brandon D. Valentine wrote:
On Tue, 18 Dec 2001, Mike Bristow wrote:
I suspect that the background fsck[1] that's available in FreeBSD-current
fits the bill just as well as JFS or XFS - and I'll also bet that it'll
be available in a FreeBSD-release before I'd trust
Can't address many of these, but will address one.
On Fri, 14 Dec 2001, Rafter Man wrote:
Hi FreeBSD lovers :-)
First af all I would like to thank the FreeBSD developers for making
such a great system! Half a year ago, I had to choose an OS for my
server and the first decision was between
.
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
-- Forwarded message --
Date: Thu, 13 Dec 2001 14:03:01 -0500 (EST)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject
On Thu, 13 Dec 2001, Matthew Dillon wrote:
Ok, here is the latest patch set. This patch set survived an
overnight run of the nfs torture test that Jordan posted... it
got through 597,000 test calls over NFSv3, 367,000 over NFSv2, and
1.35 million on a local filesystem.
: Sun, 9 Dec 2001 22:07:26 -0500 (EST)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Request for submissions: FreeBSD Monthly Development Status Report
Well, it's been a bit, but here it is again. This is a request for
submissions for the November, 2001
On Mon, 10 Dec 2001, D J Hawkey Jr wrote:
I can backport to 4.2REL and 4.3REL (I have these releases), but I don't
have the resources (read: free partitions) to accomodate 4.1 or 4.4.
For 4.3-RELEASE, there's a RELENG_4_3 branch in CVS that security fixes
are committed to; you'd probably
On Mon, 10 Dec 2001, D J Hawkey Jr wrote:
So, my question is then, just what is the policy defining
non-current-but- still-supported-releases?
Right now, these is exactly one such release, 4.3, for security fixes.
Will there always be exactly one, such that when 4.5 is released, 4.3
On Mon, 10 Dec 2001, D J Hawkey Jr wrote:
Don't get me wrong - I don't expect the same level of support from the
FreeBSD Project than I would from, say, Sybase or Sun. Having said that,
I think FreeBSD's is outstanding, even compared to some other commercial
*cough*Microsquish(tm)*cough*
On Sun, 9 Dec 2001, Terry Lambert wrote:
Alfred Perlstein wrote:
I'd be glad to assist in any way possible to get this integrated,
we've really been wanting this for various reasons (mostly linnex
compat) let me know if you're too busy and I can try to take over
from your existing
Well, it's been a bit, but here it is again. This is a request for
submissions for the November, 2001 FreeBSD Monthly Development Status
Report. All submissions are due by Friday, December 14, 2001.
Submissions should made by filling out the following template:
On Sat, 8 Dec 2001, Poul-Henning Kamp wrote:
The issue is non-trivial to fix because we currently don't pass
dup(2) events through the vnode layer.
Are you sure this is even necessary?
They are talking about per-open, not per-fd-instance data,
which could easily exclude dup, dup2,
On Sat, 8 Dec 2001, Alfred Perlstein wrote:
Yes, but afaik without a way to differenciate between two opens. Being
able to notice whether a file is being operated on via which open is the
important part.
This would probably involve changing VOP_OPENs to pass a void ** that
would be
On Wed, 28 Nov 2001, Richard Sharpe wrote:
I am quite happy for the report to be sent out. I do not believe I have
an ax to grind here.
While my background is more in Linux over the last few years, it has
been fun to play around with FreeBSD (and it has more of an Ultrix feel
to it :-).
On Mon, 26 Nov 2001, Rajesh P Jain wrote:
We are trying to use BPF (Packet Filter) pseduo device to send
and receive the packets.
Even if there is a slight delay (Some processing has to be done
on the read packet) between the issuing of 'read' call, so many packets
are
On Sun, 25 Nov 2001, Gregory Neil Shapiro wrote:
evms I wrote this a while ago, but, if anyone is interested, please
evms take a look: this module implements a system call that takes
evms a u_int_32t. This system call, named killjail, kills all processes
evms which belong to the jail which
I've had -STABLE run fine, but of late have had a lot of trouble with
-current. Userland processes during the boot sequence seem to spend a lot
of time just spinning -- it's not clear to me what the cause is, and I
haven't had time to debug.
Robert N M Watson FreeBSD Core Team,
This report was created with the assistance of Nik Clayton and Chris
Costello.
September 2001 Status Report
Introduction
In the month of September, the FreeBSD Project continued its investment in
long-term projects, including continuing work on a fine-grained SMP
implementation, support for
This is fixed in 5.0-CURRENT, but the architectural improvements to
support the fix have not been merged, since they're still in flux. My
general advice is to not mount procfs on systems with untrusted users.
It's almost possible to not lose functionality in doing that -- I
understand DES has
Unfortunately, NSF is really interested in academic institutions and
non-profits. NAI Labs, due to its association with NAI, counts as a
for-profit entity, and is likely not to be applicable for this grant. With
an appropriate academic or non-profit partner acting as the prime
contractor, we
There are a fair number of differences, but from my perspective, one of
the primary ones is that truss relies on procfs, whereas ktrace uses a
seperate kernel tracing facility. For sites wanting to avoid procfs due
to its history of security vulnerabilities, having truss rely on procfs
means
N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
-- Forwarded message --
Date: Sun, 14 Oct 2001 11:29:16 -0400 (EDT)
From: Robert Watson [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL PROTECTED]
Subject: Request
It's that time again--despite delays and data loss, I'm now ready to start
accepting submissions for the September, 2001 FreeBSD Monthly Status
Report. As with previous months, please submit reports by e-mail to
[EMAIL PROTECTED] Reports should be submitted by
October 19, 2001, and cover
Looks like a great interview -- congrats :-).
Robert N M Watson FreeBSD Core Team, TrustedBSD Project
[EMAIL PROTECTED] NAI Labs, Safeport Network Services
On Mon, 8 Oct 2001, Wilko Bulte wrote:
On Mon, Oct 08, 2001 at 12:31:15PM -0700, Matt Dillon wrote:
OSNews
I haven't reviewed that particular piece of code for correctness, but
noticed that the caching of the privilege check there actually does cause
problems for a variety of reasons in my work. I'd much rather individual
uses of suser() appeared in the netinet6 tree, and that appropriate
context for
501 - 600 of 745 matches
Mail list logo