Andi Kleen wrote:
On Tuesday 20 November 2007 04:50, Christoph Lameter wrote:
On Tue, 20 Nov 2007, Andi Kleen wrote:
You could in theory move the modules, but then you would need to implement
a full PIC dynamic linker for them first and also increase runtime overhead
for them because they
Andi Kleen wrote:
On Tuesday 20 November 2007 04:50, Christoph Lameter wrote:
On Tue, 20 Nov 2007, Andi Kleen wrote:
You could in theory move the modules, but then you would need to implement
a full PIC dynamic linker for them first and also increase runtime overhead
for them because they
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave Airlie wrote:
> On 6/10/07, John Richard Moser <[EMAIL PROTECTED]> wrote:
> This has been an on-going issue for I don't know how long. I
> reported it a while ago but it's still in 2.6.22.
>
> Here's another error
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This has been an on-going issue for I don't know how long. I
reported it a while ago but it's still in 2.6.22.
Here's another error log. Loaded the Via driver in Xorg with kernel
2.6.22 on Ubuntu, got the following in dmesg. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
This has been an on-going issue for I don't know how long. I
reported it a while ago but it's still in 2.6.22.
Here's another error log. Loaded the Via driver in Xorg with kernel
2.6.22 on Ubuntu, got the following in dmesg. The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dave Airlie wrote:
On 6/10/07, John Richard Moser [EMAIL PROTECTED] wrote:
This has been an on-going issue for I don't know how long. I
reported it a while ago but it's still in 2.6.22.
Here's another error log. Loaded the Via driver
[EMAIL PROTECTED] wrote:
> On Sat, 23 Dec 2006 19:42:10 EST, John Richard Moser said:
>>
>> Jan Engelhardt wrote:
>>>> I've set up some stuff on my box where /etc/security/limits.conf
>>>> contains the following:
>>>>
>>>> @users
Jan Engelhardt wrote:
>> I've set up some stuff on my box where /etc/security/limits.conf
>> contains the following:
>>
>> @users softnproc 3072
>> @users hardnproc 4096
>>
>> I'm in group users, and a simple fork bomb is easily quashed by this:
>>
Jan Engelhardt wrote:
I've set up some stuff on my box where /etc/security/limits.conf
contains the following:
@users softnproc 3072
@users hardnproc 4096
I'm in group users, and a simple fork bomb is easily quashed by this:
[EMAIL
[EMAIL PROTECTED] wrote:
On Sat, 23 Dec 2006 19:42:10 EST, John Richard Moser said:
Jan Engelhardt wrote:
I've set up some stuff on my box where /etc/security/limits.conf
contains the following:
@users softnproc 3072
@users hardnproc 4096
I've set up some stuff on my box where /etc/security/limits.conf
contains the following:
@users softnproc 3072
@users hardnproc 4096
I'm in group users, and a simple fork bomb is easily quashed by this:
[EMAIL PROTECTED]:~$ :(){ :|:; };:
bash: fork:
I've set up some stuff on my box where /etc/security/limits.conf
contains the following:
@users softnproc 3072
@users hardnproc 4096
I'm in group users, and a simple fork bomb is easily quashed by this:
[EMAIL PROTECTED]:~$ :(){ :|:; };:
bash: fork:
Alan wrote:
>> I no longer have two kernels to test through; I can't tell if the speed
>> is back or not. Nothing in dmesg tells me if SATA is using DMA or
>> 32-bit IO support though, so I don't know... lack of knowledge over here
>> is killing me for troubleshooting this on my own.
>
> The
Alan wrote:
I no longer have two kernels to test through; I can't tell if the speed
is back or not. Nothing in dmesg tells me if SATA is using DMA or
32-bit IO support though, so I don't know... lack of knowledge over here
is killing me for troubleshooting this on my own.
The dmesg
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A while back my distro moved to libata for sata_via. I was since
confused; my disk seemed a lot slower, and it looked like DMA was off.
I'm not sure how SATA works; is it even possible to enable/disable
32-bit IO and DMA? Or are those just on?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A while back my distro moved to libata for sata_via. I was since
confused; my disk seemed a lot slower, and it looked like DMA was off.
I'm not sure how SATA works; is it even possible to enable/disable
32-bit IO and DMA? Or are those just on?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eric Piel wrote:
> 12/09/2006 09:03 PM, Kyle McMartin wrote/a écrit:
>> On Sat, Dec 09, 2006 at 02:34:47PM -0500, John Richard Moser wrote:
>>> I have filed this as a distro bug with Ubuntu; it may be their issue, I
>>&
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Eric Piel wrote:
12/09/2006 09:03 PM, Kyle McMartin wrote/a écrit:
On Sat, Dec 09, 2006 at 02:34:47PM -0500, John Richard Moser wrote:
I have filed this as a distro bug with Ubuntu; it may be their issue, I
haven't dug deep enough to find out
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck Ebbert wrote:
> In-Reply-To: <[EMAIL PROTECTED]>
>
> On Sat, 09 Dec 2006 15:39:30 -0500, John Richard Moser wrote:
>
>> Is it possible to give some other way to get the hardware NX bit working
>> in 32-bi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck Ebbert wrote:
In-Reply-To: [EMAIL PROTECTED]
On Sat, 09 Dec 2006 15:39:30 -0500, John Richard Moser wrote:
Is it possible to give some other way to get the hardware NX bit working
in 32-bit mode, without the apparently massive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Apparently (as I've been told today) using a hardware NX bit in a 32-bit
x86 kernel requires PAE mode. PAE mode is enabled with HIGHMEM64, which
is (apparently) extremely slow.
Is it possible to give some other way to get the hardware NX bit working
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kyle McMartin wrote:
> On Sat, Dec 09, 2006 at 02:34:47PM -0500, John Richard Moser wrote:
>> I have filed this as a distro bug with Ubuntu; it may be their issue, I
>> haven't dug deep enough to find out. I am posting this h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm running on an Athlon 64 in 32-bit mode, running 32-bit Ubuntu with
kernel 2.6.19 (Ubuntu version 2.6.19-7-generic for the curious;
compiled for 586). Apparently, 'noexec=on' on the kernel command line
does nothing; the NX bit seems to not work.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm running on an Athlon 64 in 32-bit mode, running 32-bit Ubuntu with
kernel 2.6.19 (Ubuntu version 2.6.19-7-generic for the curious;
compiled for 586). Apparently, 'noexec=on' on the kernel command line
does nothing; the NX bit seems to not work.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kyle McMartin wrote:
On Sat, Dec 09, 2006 at 02:34:47PM -0500, John Richard Moser wrote:
I have filed this as a distro bug with Ubuntu; it may be their issue, I
haven't dug deep enough to find out. I am posting this here to disperse
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Apparently (as I've been told today) using a hardware NX bit in a 32-bit
x86 kernel requires PAE mode. PAE mode is enabled with HIGHMEM64, which
is (apparently) extremely slow.
Is it possible to give some other way to get the hardware NX bit working
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Are there any recent kernel profiles? I think from an acedemic
perspective it'd be nice to see some graphs and numbers nobody
understands showing where the longest running code paths in the kernel
occur. It might also be nice for those latency
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Are there any recent kernel profiles? I think from an acedemic
perspective it'd be nice to see some graphs and numbers nobody
understands showing where the longest running code paths in the kernel
occur. It might also be nice for those latency
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was writing a section of my paper ("Designing a Secure and Friendly
Operating System") and basically describing and explaining why the
memory protection policy ("mprotect() restrictions") supplied by PaX is
a powerful security tool; and I had a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I was writing a section of my paper (Designing a Secure and Friendly
Operating System) and basically describing and explaining why the
memory protection policy (mprotect() restrictions) supplied by PaX is
a powerful security tool; and I had a thought.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm playing Skies of Arcadia Legends on my GameCube and noticing that
software bugs continuously produce errors (no scratch on the disk; I can
have an error, reset, play through it easy). This leads me on and on,
but now it's lead me into thinking
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm playing Skies of Arcadia Legends on my GameCube and noticing that
software bugs continuously produce errors (no scratch on the disk; I can
have an error, reset, play through it easy). This leads me on and on,
but now it's lead me into thinking
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
USB isn't working on my zv5405us on a 2.6.10 ubuntu kernel. Or on
gentoo. Or anything. It works in WindowsXP though.
I can extract the error from dmesg.
Here's ACPI first (ACPI works btw)
Nvidia board detected. Ignoring ACPI timer override.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
USB isn't working on my zv5405us on a 2.6.10 ubuntu kernel. Or on
gentoo. Or anything. It works in WindowsXP though.
I can extract the error from dmesg.
Here's ACPI first (ACPI works btw)
Nvidia board detected. Ignoring ACPI timer override.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
> * John Richard Moser ([EMAIL PROTECTED]) wrote:
>
>>-BEGIN PGP SIGNED MESSAGE-
>>Hash: SHA1
>>
>>Well the LSM mailing list seems to be dead, even the archives stop at
>>Jan 15 2005.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Well the LSM mailing list seems to be dead, even the archives stop at
Jan 15 2005. My own mails don't come back to me (I'm subscribed).
So, Which version of Linux will first implement stacking in LSM as per
Serge Hallyn's patches?
Where is the new
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Well the LSM mailing list seems to be dead, even the archives stop at
Jan 15 2005. My own mails don't come back to me (I'm subscribed).
So, Which version of Linux will first implement stacking in LSM as per
Serge Hallyn's patches?
Where is the new
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
* John Richard Moser ([EMAIL PROTECTED]) wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Well the LSM mailing list seems to be dead, even the archives stop at
Jan 15 2005. My own mails don't come back to me (I'm
, shrink) while running. I don't
see how to grow left; shrinking from the left is easy enough. Wait,
suddenly I see how to grow left: Superblock at the end, and a bit of
magic. . . .
Robert Hancock wrote:
> John Richard Moser wrote:
>
>> How likely is it that I can actually
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
How likely is it that I can actually align stuff to 31.5KiB on the
physical disk, i.e. have each block be a track?
Rather than leveraging the track cache, would it be less expensive for
me to simply read in blocks totaling about 16 or 32KiB all at
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
> On Tue, 2005-03-29 at 14:07 -0500, John Richard Moser wrote:
>
>>-BEGIN PGP SIGNED MESSAGE-
[...]
>>/me shrugs. It's a security blanket for him mostly; he fears automagic
>>security m
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Richard Moser wrote:
>
>
> Arjan van de Ven wrote:
>
[...]
Three more notes, then I'll sleep. These notes won't include the two
paragraph long explaination of falling back to PT_GNU_STACK if
PT_PAX_FLAGS isn't there; compatibil
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
>>You need to consider that in the end I'd need PT_GNU_STACK to do
>>everything PaX wants
>
>
> why?
> Why not have independent flags for independent things?
> That way you have both cleanness of design and you don't break
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
>>You need to consider that in the end I'd need PT_GNU_STACK to do
>>everything PaX wants
>
>
> why?
> Why not have independent flags for independent things?
> That way you have both cleanness of design and you don't break
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
You need to consider that in the end I'd need PT_GNU_STACK to do
everything PaX wants
why?
Why not have independent flags for independent things?
That way you have both cleanness of design and you don't break anything.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
You need to consider that in the end I'd need PT_GNU_STACK to do
everything PaX wants
why?
Why not have independent flags for independent things?
That way you have both cleanness of design and you don't break anything.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Richard Moser wrote:
Arjan van de Ven wrote:
[...]
Three more notes, then I'll sleep. These notes won't include the two
paragraph long explaination of falling back to PT_GNU_STACK if
PT_PAX_FLAGS isn't there; compatibility has been
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
On Tue, 2005-03-29 at 14:07 -0500, John Richard Moser wrote:
-BEGIN PGP SIGNED MESSAGE-
[...]
/me shrugs. It's a security blanket for him mostly; he fears automagic
security maintainence.
who is him ?
me
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
How likely is it that I can actually align stuff to 31.5KiB on the
physical disk, i.e. have each block be a track?
Rather than leveraging the track cache, would it be less expensive for
me to simply read in blocks totaling about 16 or 32KiB all at
, shrink) while running. I don't
see how to grow left; shrinking from the left is easy enough. Wait,
suddenly I see how to grow left: Superblock at the end, and a bit of
magic. . . .
Robert Hancock wrote:
John Richard Moser wrote:
How likely is it that I can actually align stuff to 31.5KiB
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brandon Hale wrote:
>>>actually Linus was really against adding non-related things to this
>>>flag. And I think he is right...
>>>
>
>
> Makes sense to me.
>
>
[...]
>
> IMO you have this backwards, John. Rather than having the majority (ES,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
> On Mon, 2005-03-28 at 13:50 -0500, John Richard Moser wrote:
>
>>-BEGIN PGP SIGNED MESSAGE-
>>Hash: SHA1
>>
>>
>>
>>Arjan van de Ven wrote:
>>
>>>>As
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
>>As I understand, PT_GNU_STACK uses a single marking to control whether a
>>task gets an executable stack and whether ASLR is applied to the
>>executable.
>
>
> you understand wrongly.
>
> PT_GNU_STACK just sets the exec
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greetings.
Currently I'm in need of some information about both vanilla and Exec
Shield kernels in regards to markings emitted by the toolchain,
specifically PT_GNU_STACK. I'd like to check my assumptions, in
preparation for possibly making a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greetings.
Currently I'm in need of some information about both vanilla and Exec
Shield kernels in regards to markings emitted by the toolchain,
specifically PT_GNU_STACK. I'd like to check my assumptions, in
preparation for possibly making a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
As I understand, PT_GNU_STACK uses a single marking to control whether a
task gets an executable stack and whether ASLR is applied to the
executable.
you understand wrongly.
PT_GNU_STACK just sets the exec permission
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
On Mon, 2005-03-28 at 13:50 -0500, John Richard Moser wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
As I understand, PT_GNU_STACK uses a single marking to control whether a
task gets
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brandon Hale wrote:
actually Linus was really against adding non-related things to this
flag. And I think he is right...
Makes sense to me.
[...]
IMO you have this backwards, John. Rather than having the majority (ES,
mainline NX
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OGAWA Hirofumi wrote:
> John Richard Moser <[EMAIL PROTECTED]> writes:
>
>
>>It appears dosfsck may not be working quite right. I've taken this into
>>account, hence the second pass after each fsck. This is eith
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OGAWA Hirofumi wrote:
John Richard Moser [EMAIL PROTECTED] writes:
It appears dosfsck may not be working quite right. I've taken this into
account, hence the second pass after each fsck. This is either a
dosfsck issue, a usb-storage issue
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Triffid Hunter wrote:
> i've seen the same problems with a fat32 partition image after an
> unclean shutdown. reading certain files would cause the filesystem to
> spontaneously become read-only with error messages similar to the ones
> you list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm using Ubuntu Linux Hoary
[EMAIL PROTECTED]:~# uname -a
Linux icebox 2.6.10-5-686 #1 Tue Mar 15 15:16:01 UTC 2005 i686 GNU/Linux
[EMAIL PROTECTED]:~# fsck.vfat -r /dev/sda1
dosfsck 2.10, 22 Sep 2003, FAT32, LFN
/\uSCK.REN
Duplicate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm using Ubuntu Linux Hoary
[EMAIL PROTECTED]:~# uname -a
Linux icebox 2.6.10-5-686 #1 Tue Mar 15 15:16:01 UTC 2005 i686 GNU/Linux
[EMAIL PROTECTED]:~# fsck.vfat -r /dev/sda1
dosfsck 2.10, 22 Sep 2003, FAT32, LFN
/\uSCK.REN
Duplicate
like to understand everything,
it makes things easier.
Felipe Alfaro Solana wrote:
> On Thu, 10 Mar 2005 17:32:39 -0500, John Richard Moser
> <[EMAIL PROTECTED]> wrote:
>
>>CPL=3 scares me; context switches are expensive. can they have direct
>>hardware access?
like to understand everything,
it makes things easier.
Felipe Alfaro Solana wrote:
On Thu, 10 Mar 2005 17:32:39 -0500, John Richard Moser
[EMAIL PROTECTED] wrote:
CPL=3 scares me; context switches are expensive. can they have direct
hardware access? I'm sure a security model to isolate user
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter Chubb wrote:
>>>>>>"John" == John Richard Moser <[EMAIL PROTECTED]> writes:
>
>
>
> John> I've done more thought, here's a small list of advantages on
> John> using binary drivers,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
People are still e-mailing me about this?
Lennart Sorensen wrote:
> On Thu, Mar 10, 2005 at 12:24:15PM -0500, John Richard Moser wrote:
>
>>I've done more thought, here's a small list of advantages on using
>>binary drivers, specif
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stop mailing me, I lost interest when I figured out nobody else cared.
Diego Calleja wrote:
> El Thu, 10 Mar 2005 12:24:15 -0500,
> John Richard Moser <[EMAIL PROTECTED]> escribió:
>
> [...]
>
>> - Smaller kernel tre
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ralf Baechle wrote:
> On Thu, Mar 10, 2005 at 11:28:39AM -0500, John Richard Moser wrote:
>
>
>>I've been looking at the UDI project[1] and thinking about binary
>>drivers and the like, and wondering what most peoples' take on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've done more thought, here's a small list of advantages on using
binary drivers, specifically considering UDI. You can consider a
different implementation for binary drivers as well, with most of the
same advantages.
- Smaller kernel tree
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greg KH wrote:
> On Thu, Mar 10, 2005 at 11:28:39AM -0500, John Richard Moser wrote:
>
>>I've been looking at the UDI project[1] and thinking about binary
>>drivers and the like, and wondering what most peoples' take on these are
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've been looking at the UDI project[1] and thinking about binary
drivers and the like, and wondering what most peoples' take on these are
and what impact that UDI support would have on the kernel's development.
I know the immediate first reactions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've been looking at the UDI project[1] and thinking about binary
drivers and the like, and wondering what most peoples' take on these are
and what impact that UDI support would have on the kernel's development.
I know the immediate first reactions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Greg KH wrote:
On Thu, Mar 10, 2005 at 11:28:39AM -0500, John Richard Moser wrote:
I've been looking at the UDI project[1] and thinking about binary
drivers and the like, and wondering what most peoples' take on these are
and what impact that UDI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've done more thought, here's a small list of advantages on using
binary drivers, specifically considering UDI. You can consider a
different implementation for binary drivers as well, with most of the
same advantages.
- Smaller kernel tree
The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ralf Baechle wrote:
On Thu, Mar 10, 2005 at 11:28:39AM -0500, John Richard Moser wrote:
I've been looking at the UDI project[1] and thinking about binary
drivers and the like, and wondering what most peoples' take on these are
and what impact
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Stop mailing me, I lost interest when I figured out nobody else cared.
Diego Calleja wrote:
El Thu, 10 Mar 2005 12:24:15 -0500,
John Richard Moser [EMAIL PROTECTED] escribió:
[...]
- Smaller kernel tree
[...]
- Better focused
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
People are still e-mailing me about this?
Lennart Sorensen wrote:
On Thu, Mar 10, 2005 at 12:24:15PM -0500, John Richard Moser wrote:
I've done more thought, here's a small list of advantages on using
binary drivers, specifically considering UDI
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter Chubb wrote:
John == John Richard Moser [EMAIL PROTECTED] writes:
John I've done more thought, here's a small list of advantages on
John using binary drivers, specifically considering UDI. You can
John consider a different
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
> * John Richard Moser ([EMAIL PROTECTED]) wrote:
>
>>Yes, mkdtemp() and mkstemp().
>>
>>Of course we can't always rely on programmers to get it right, so the
>>idea here is to make sure we as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
> * John Richard Moser ([EMAIL PROTECTED]) wrote:
>
>>I've yet to see this break anything on Ubuntu or Gentoo; Brad Spengler
>>claims this breaks nothing on Debian. On the other hand, this could
>>poten
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
> * Lorenzo Hernández García-Hierro ([EMAIL PROTECTED]) wrote:
>
>>This patch adds two checks to do_follow_link() and sys_link(), for
>>prevent users to follow (untrusted) symlinks owned by other users in
>>world-writable +t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
> On Mon, 2005-01-31 at 13:57 +0100, Peter Busser wrote:
>
>>Hi!
[...]
> the paxtest 0.9.6 that John Moser mailed to this list had this gem in
> it:
> @@ -39,8 +42,6 @@
> */
> int paxtest_mode = 1;
>
> +
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Roman Zippel wrote:
> Hi,
>
> On Thu, 3 Feb 2005, Peter Busser wrote:
>
>
>>- What happens when you run existing commercial applications which have not
>>been compiled using GCC.
>
>
>>From http://pax.grsecurity.net/docs/pax.txt:
>
>The
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Roman Zippel wrote:
Hi,
On Thu, 3 Feb 2005, Peter Busser wrote:
- What happens when you run existing commercial applications which have not
been compiled using GCC.
From http://pax.grsecurity.net/docs/pax.txt:
The goal of the PaX
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
On Mon, 2005-01-31 at 13:57 +0100, Peter Busser wrote:
Hi!
[...]
the paxtest 0.9.6 that John Moser mailed to this list had this gem in
it:
@@ -39,8 +42,6 @@
*/
int paxtest_mode = 1;
+ /*
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
* Lorenzo Hernández García-Hierro ([EMAIL PROTECTED]) wrote:
This patch adds two checks to do_follow_link() and sys_link(), for
prevent users to follow (untrusted) symlinks owned by other users in
world-writable +t directories
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
* John Richard Moser ([EMAIL PROTECTED]) wrote:
I've yet to see this break anything on Ubuntu or Gentoo; Brad Spengler
claims this breaks nothing on Debian. On the other hand, this could
potentially squash the second most
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chris Wright wrote:
* John Richard Moser ([EMAIL PROTECTED]) wrote:
Yes, mkdtemp() and mkstemp().
Of course we can't always rely on programmers to get it right, so the
idea here is to make sure we ask broken code to behave nicely, and stab
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christoph Hellwig wrote:
> On Sun, Feb 06, 2005 at 12:33:43AM -0500, John Richard Moser wrote:
>
>>I dunno. I can never understand the innards of the kernel devs' minds.
>
>
> filesystem detection isn't handled at the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christoph Hellwig wrote:
On Sun, Feb 06, 2005 at 12:33:43AM -0500, John Richard Moser wrote:
I dunno. I can never understand the innards of the kernel devs' minds.
filesystem detection isn't handled at the kerne level.
o_o
. . . then I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
So I've noticed, again, much annoyed, that if I rely on -t auto,
horrible horrible things happen.
I have had floppies and compact flash cards that I've done mkfs.vfat to
make fat32 filesystems on (not fat16), and mounting them brings the
thing on as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
So I've noticed, again, much annoyed, that if I rely on -t auto,
horrible horrible things happen.
I have had floppies and compact flash cards that I've done mkfs.vfat to
make fat32 filesystems on (not fat16), and mounting them brings the
thing on as
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
>>Why not compromise, if possible? 256M of randomization, but move the
>>split up to 3.5/0.5 gig, if possible. I seem to recall seeing an option
>>(though I think it was UML) to do 3.5/0.5 before; and I'm used to "a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Christoph Hellwig wrote:
> On Sat, Jan 29, 2005 at 12:49:05PM -0500, John Richard Moser wrote:
>
>>>The ideas in IBM's ProPolice changes are good and worth
>>>implementing, but the current implementation is bad.
>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jakub Jelinek wrote:
> On Sat, Jan 29, 2005 at 01:31:46AM -0500, John Richard Moser wrote:
>
>>Finally, although an NX stack is nice, you should probably take into
>>account IBM's stack smash protector, ProPolice. Any attack th
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
> On Sat, 2005-01-29 at 11:21 -0500, John Richard Moser wrote:
>
>>-BEGIN PGP SIGNED MESSAGE-
>>Hash: SHA1
>>
>>
>>
>>Arjan van de Ven wrote:
>>
>>>>I actua
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
> On Sat, 2005-01-29 at 11:21 -0500, John Richard Moser wrote:
>
>>-BEGIN PGP SIGNED MESSAGE-
>
>
>>These are the only places mprotect() is mentioned; a visual scan
>>confirms no t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
On Sat, 2005-01-29 at 11:21 -0500, John Richard Moser wrote:
-BEGIN PGP SIGNED MESSAGE-
These are the only places mprotect() is mentioned; a visual scan
confirms no trickery:
if( fork() == 0
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
On Sat, 2005-01-29 at 11:21 -0500, John Richard Moser wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
I actually just tried to paxtest a fresh Fedora Core 3, unadultered,
that I installed
1 - 100 of 217 matches
Mail list logo