Re: Modified version of jexec allows non-root access into jails

2006-12-29 Thread Colin Percival
outside of the jail to obtain root privileges in the host machine. The fact that you're calling jail_attach(2) instead of jail(2) makes me slightly less worried, but you'd still have to work very hard to convince me that this should become part of the FreeBSD base system. Colin Percival

Re: Modified version of jexec allows non-root access into jails

2006-12-30 Thread Colin Percival
the jail in the first place. Not necessarily. An unprivileged user can create hard links to binaries he doesn't own, including suid binaries. Colin Percival ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd

Re: freebsd-update ignores /boot/kernel/kernel sometimes!?

2007-03-01 Thread Colin Percival
on a patch for this and will be talking to re@ about having an Errata Notice sent out about this. Colin Percival

Re: Ipv6 mbuf vulnerability

2007-04-20 Thread Colin Percival
Subhash Gopinath wrote: Does anyone know if FreeBSD 4.x or 5.x is affected by the Ipv6 mbuf vulnerability just like OpenBSD? http://www.coresecurity.com/index.php5?module=ContentModaction=itemid=1703 The project ipv6 experts have convinced me that FreeBSD is not affected. Colin Percival

Re: implications of SMP kernel on UP

2004-04-01 Thread Colin Percival
about 5% longer on an SMP kernel (and the time spent in the kernel is 20% longer). I know some optimizations were done shortly after 5.2, so I wouldn't be surprised if this situation has improved. Colin Percival

Re: FreeBSD and Debugging?

2004-04-09 Thread Colin Percival
At 06:11 10/04/2004, Brandon Erhart wrote: Are there any debuggers out there for BSD that will detect the heap/stack corruption!? Real Men use printf(3). :-) Colin Percival

Re: help with panic/kgdb

2004-05-09 Thread Colin Percival
fault; I'd let the machine run some more and see if it panics again in the same place or somewhere different next time. :-) Colin Percival

Re: question freebsd v4.10 (v4.9.1 ?)

2004-05-30 Thread Colin Percival
are identified as FreeBSD 5.0.x. Simply put, the format of __FreeBSD_version changed, and file(1) hasn't been fixed. Colin Percival

Re: How to clean out old files after 'make world'?

2004-07-30 Thread Colin Percival
/mid.cgi?6.0.1.1.1.20040316023919.039fa5f0 Colin Percival

Re: Base System libobjc

2004-08-25 Thread Colin Percival
quoth the gnu/lib/libobjc Makefile: NOPIC= works but method lookup slowdown is significant If you want a shared library, remove that line. Colin Percival

Re: Potential user/kernel pointer bugs in FreeBSD 5.3

2005-01-07 Thread Colin Percival
of the FreeBSD-SA-04:17.procfs security advisory. Could you send the rest of these to [EMAIL PROTECTED] We'd like to look at them and fix any security issues before they are publicly disclosed. Thanks, Colin Percival

Re: FW:FreeBSD hiding security stuff

2005-03-04 Thread Colin Percival
the security team, or the security officer himself) will do so either. Colin Percival

Re: FUD about CGD and GBDE

2005-03-07 Thread Colin Percival
without finding a collision, then the hash must have at least ~~ 2n bits of entropy, and organized attempts to crack MD5 generated at least 2^50 hashes before the algorithmic break was found.) Colin Percival

Re: NO_TCSH leaves crud in /usr/src

2005-03-17 Thread Colin Percival
, but it would be nice to get this fixed. The problem is in src/rescue/Makefile. I'll fix it. Colin Percival

Re: MNT_NOEXEC on root filesystem with diskless PXE boot?

2005-03-31 Thread Colin Percival
how a bug which caused / to be labelled as noexec managed to avoid causing major problems until now. I don't know anything about NFS, but hopefully someone on -stable will be able to work out what's going on from the rest of your email (quoted below). Colin Percival In this case, / is mounted

Re: replacing sendmail with qmail

2003-06-26 Thread Colin Percival
, when FreeBSD is fully packagized, it's quite likely that Sendmail will be just one of many installable options; but that time hasn't come yet. Colin Percival

Re: Is GNATS broken ??

2003-06-28 Thread Colin Percival
? It looks like GNATS email is rather aggressively filtered against server blacklists; I have to route all my PRs through an SSH tunnel to a different system in order to get them accepted. Colin Percival

Re: TCP information

2003-09-17 Thread Colin Percival
? If you've got a small enough amount of traffic, you could use tcpdump to snarf the headers and then use your favourite scripting language to look for repeated sequence numbers (retransmits) and repeated acks (lost packets); but I suspect this would be too slow for most purposes. Colin Percival

settimeofday within jail

2003-10-03 Thread Colin Percival
certainly work around it; but since I have almost no knowledge of kernel internals I thought I'd ask. Colin Percival

md5(1) exit code

2003-10-12 Thread Colin Percival
reason for this behaviour? Colin Percival

Re: rsync vs installworld

2003-10-20 Thread Colin Percival
poster (imp@) because he wanted to track -stable. Colin Percival

Re: rsync vs installworld

2003-10-20 Thread Colin Percival
this, but the code is all online and (reasonably) straightforward. Colin Percival

Re: Making a FreeBSD DVD

2003-11-23 Thread Colin Percival
. (If you absolutely must build your own versions of the binaries, please contact me off-list.) Colin Percival

Re: patchlevels and FreeBSD source

2003-11-26 Thread Colin Percival
install`. Given a decent internet connection, this takes no more than a couple minutes, and is much easier than updating your install image every time security issues arise. Colin Percival

Re: HOWTO: install without floppy, cdrom, or pxe.

2003-12-01 Thread Colin Percival
the above into /boot/loader.rc. Colin Percival

Re: REPOST - Installation Bug - All available versions hang on install

2003-12-16 Thread Colin Percival
boot Linux, one option is to install linux, build a minimal FreeBSD filesystem, dd it to the drive, and reboot. If you want to be clever, you could even create a filesystem in a md root, and then run sysinstall over ssh. Colin Percival

Re: TROLL TROLL TROLL TROLL TROLL TROLL TROLL TROLL TROLL TROLL TROLL

2003-12-27 Thread Colin Percival
At 11:22 27/12/2003 -0700, M. Warner Losh wrote: Yes. It is our friend the troll stirring up trouble again. Bad Troll. No biscuit. No, you misunderstand. The troll is resigning from FreeBSD. He's going to stop trolling our lists and find something else to do. :) Colin Percival

Re: Where is FreeBSD going?

2004-01-06 Thread Colin Percival
direction, and committers are doing a great job. But I think the contributions of non-committers could make FreeBSD even better, and those contributions are being largely lost or ignored. Colin Percival

binary files in src tree

2004-01-11 Thread Colin Percival
/www/valid-css.png tools/tools/tinderbox/www/valid-xhtml10.png Colin Percival

Re: malloc backed md/mfs filesystem swapped?

2004-02-13 Thread Colin Percival
, there is one consideration: swap-backed memory disks have a sector size equal to the machine page size. This will result in some inflation in memory usage, and can confuse programs which expect a sector size of 512 bytes (for example, dd, which I plan on fixing but I haven't gotten around to yet). Colin

Re: Branch prediction

2004-02-16 Thread Colin Percival
). Of course, some processors now have hints (conditional-jump-which-is-usually-taken, conditional-jump-which-is-usually-not-taken, etc.) Colin Percival

Re: maximum mfsroot size limit

2004-02-16 Thread Colin Percival
/i386/include/pmap.h. Colin Percival

Re: size bugs

2004-02-20 Thread Colin Percival
for three others (sent to my mentor for approval before I commit) and I've pointed sos@ at the ATA bug. Colin Percival

Re: NULL pointer dereferences

2004-02-20 Thread Colin Percival
either got patches or sent emails to the appropriate maintainers. Colin Percival

Re: use after free bugs

2004-02-20 Thread Colin Percival
got 15 commits waiting for mentor approval, covering everything here apart from a few of the redundant code bugs where I'm not sure what the intended action is, and a couple bugs which I've dispatched to the appropriate maintainers. Colin Percival

Re: Style(9) and portability

2004-03-06 Thread Colin Percival
are obvious, I don't see that there is any real problem. Colin Percival

Re: FreeBSD Live Upgrade best practice?

2004-03-11 Thread Colin Percival
boots into a memory disk; you can then slice, partition, create filesystems, and generally do whatever you like with the system -- without needing anything beyond a network connection. Colin Percival

Re: a serious error in sched_ule.c?

2004-03-14 Thread Colin Percival
have 30,000 data sets! Quoth the love of my life, That's OK, we've got *two* computers. ... and 8 years to waste, apparently. Colin Percival

Re: Possible instruction pipelining problem between HT's on the same die ?

2005-06-03 Thread Colin Percival
fencing instructions. But I may be completely confused here -- all the interesting details are in NDA'ed manuals which I can't get access to. :-( Colin Percival

Fundraising for FreeBSD security development

2006-03-30 Thread Colin Percival
to obtain my mailing address. In either case, please let me know if you wish to remain anonymous. For more details, see http://people.freebsd.org/~cperciva/funding.html . Colin Percival

Re: Fundraising for FreeBSD security development

2006-03-31 Thread Colin Percival
asked about this I got the impression that such payment mechanisms were only available to business customers (i.e., those paying large fees for the privilege). Colin Percival

Re: RFC: Adding a ``user'' mount option

2006-04-03 Thread Colin Percival
and possibly insecure program setuid. Colin Percival

Still Fundraising for FreeBSD security development

2006-04-23 Thread Colin Percival
there were several people in this position, so I'm hoping I can reach my target in the next week. As before, details about the work I plan on doing, how to donate, and a list of the donations I have received, are at http://people.freebsd.org/~cperciva/funding.html Colin Percival

Re: release variability

2002-08-10 Thread Colin Percival
At 00:41 08/08/2002 -0700, Terry Lambert wrote: Colin Percival wrote: If two people `make release` on different machines, how much difference will there be between the results? Obviously the kernel will be different because it contains the user and host names from its build; should

Re: release variability

2002-08-10 Thread Colin Percival
At 11:58 10/08/2002 -0700, Terry Lambert wrote: Colin Percival wrote: Files which are always the same size, but seem to have completely different contents: /usr/share/games/fortune/*.dat /var/games/phantasia/void This is disturbing. Upon further investigation, it turns out

libobjc wierdness

2002-12-16 Thread Colin Percival
. Incidentally, the sizes of those files don't vary. Can anyone help me understand what is going on here? Colin Percival To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-hackers in the body of the message

Re: matthew dillon

2003-02-09 Thread Colin Percival
. Colin Percival

Re: libobjc wierdness

2003-02-14 Thread Colin Percival
the full path of the file. Applying his patch (with some minor changes to make it fit 2.95.4), I've now got libobjc consistently building to the same file (apart from the easily handled library index). Colin Percival

Binary security updates

2003-02-15 Thread Colin Percival
for my own peace of mind and to make people feel more happy about using it. Colin Percival

Binary Security Updates

2003-03-22 Thread Colin Percival
. MD5 hashes are dac0f4bdf3d23b642bcbbac0e544821e, 12f69c9d0a2bf1f5278e49f0a4821aa7, b96bfc6bffcbfa18130250e36e6109d6, and 227819b9403a6f727566bd6ad5a79684 for server, client, client port, and client package respectively. Feedback is welcome. ;) Colin Percival PS. This is probably of interest

Re: sandboxing untrusted binaries

2002-05-31 Thread Colin Percival
to make any system calls beyond those necessary to interface with the owning application. Colin Percival

Re: The problem with FreeBSD

2002-06-18 Thread Colin Percival
which I'd call *nasty*. Can't we all be a bit more tolerant and get along with each other? Colin Percival

test please ignore

2002-07-03 Thread colin . percival

Re: freebsd-update missed?

2008-09-27 Thread Colin Percival
-RELEASE-p4 but you haven't rebooted yet. Colin Percival

Re: [PATCH] Bug with powerof2 macro in sys/param.h

2010-10-15 Thread Colin Percival
of powerof2(x) !powerof2(2*x) for x = 1 (n - 1); this seems far more astonishing than the well-understood fact that machine arithmetic operates with a modular ring, so it seems to me that your proposed patch would do more harm than good. -- Colin Percival Security Officer, FreeBSD | freebsd.org