Re: Thanks for ksh

2014-09-30 Thread Marc Espie
People have long said the worst things about perl, but that's one thing that scripting language definitely gets right... It has a -T switch you have to use for every security sensitive script that handles potentially untrusted outside data. That switch is very thorough about not letting you do

Re: Ordering OpenBSD 5.6 in the US?

2014-09-30 Thread Eric Furman
https://https.openbsd.org/cgi-bin/order from this page; http://www.openbsd.org/orders.html#ca/cshop On Mon, Sep 29, 2014, at 10:21 PM, Andrew Lester wrote: Hey all, I notice the Softpro books seller, the only one for the US, indicates that they will no longer sell OpenBSD as distribution

Re: X dies after suspend to ram

2014-09-30 Thread Ted W.
On 09/28/14 09:11, Mike Larkin wrote: On Thu, Sep 25, 2014 at 12:12:55PM -0400, Ted W. wrote: I have really enjoyed the last few weeks of running OpenBSD on my Thinkpad. Almost everything I need works and or worked right out of the box. The only real issue I've noticed is that when the system

Re: X dies after suspend to ram

2014-09-30 Thread Mike Larkin
On Tue, Sep 30, 2014 at 08:14:22AM -0400, Ted W. wrote: On 09/28/14 09:11, Mike Larkin wrote: On Thu, Sep 25, 2014 at 12:12:55PM -0400, Ted W. wrote: I have really enjoyed the last few weeks of running OpenBSD on my Thinkpad. Almost everything I need works and or worked right out of the box.

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread Martijn van Duren
On Sat, 2014-09-27 at 07:30 +0100, OpenBSD Europe wrote: Hi folks, I just noticed that in Germany Lehmanns (see OpenBSD's order-site) already accepts pre-orders for OpenBSD 5.6-release. Guess what I just did :-) My little contribution to the project along with a big THANK YOU to

How to follow -stable and verify it with signify?

2014-09-30 Thread Alan McKay
Hi folks, I've been googling for a couple of hours now and not coming up with much here. I see how to download the -release source and then verify it, but I cannot find any way to grab -stable from CVS and do the same. I guess the only way I do see is to start out with the -release code, verify

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Alan McKay
On Tue, Sep 30, 2014 at 10:27 AM, Stefan Olsson stefan.karl.ols...@gmail.com wrote: I don't do this myself, but stable=patch branch, i.e. release + patches. All info you need is really in these two pages: Yes, I have it working great already. But at no point during that process does it have me

Re: Thanks for ksh

2014-09-30 Thread Mike.
On 9/30/2014 at 1:06 AM Stuart Henderson wrote: | [snip] | |Some other vectors: | |dhclient script - the dhclient in base doesn't have scripts any more, |so no issue there. Other dhclient implementations still do, unlikely |to use bash *by default*, though who knows what people may change on

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread trondd
There are SSH fingerprints published for each of the CVS servers. Alternatively, you use the patch files which are signed. There aren't so many of them that it's hard to catch up. Tim. On Tue, Sep 30, 2014 at 10:37 AM, Alan McKay alan.mc...@gmail.com wrote: On Tue, Sep 30, 2014 at 10:27 AM,

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Giancarlo Razzolini
On 30-09-2014 11:56, trondd wrote: There are SSH fingerprints published for each of the CVS servers. They are published on a clear http page and there is no SSHFP on the dns. You need to access the anoncvs page from different places, using different connections/vpns/proxies, to be sure you are

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread trondd
On Tue, Sep 30, 2014 at 11:30 AM, Giancarlo Razzolini grazzol...@gmail.com wrote: On 30-09-2014 11:56, trondd wrote: There are SSH fingerprints published for each of the CVS servers. They are published on a clear http page and there is no SSHFP on the dns. You need to access the anoncvs

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Alan McKay
Sounds like I'll need to go with the signed tarballs for the -release and then apply the signed patches to get -stable. Dangit, I already had my process down (building from CVS) and now I have to change it ...

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Giancarlo Razzolini
On 30-09-2014 12:46, trondd wrote: Sure, you have to somehow verify that the fingerprint is good and check it against the fingerprint you get when first connecting to the CVS server. How can you verify that fingerprint is good? I don't know. SSHFP. DNSSEC. And other ways. But these won't

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread trondd
On Tue, Sep 30, 2014 at 11:57 AM, Giancarlo Razzolini grazzol...@gmail.com wrote: Is it good enough to grab the signed source tarball, then checkout from CVS over it and make sure nothing changed in the process? No, this won't cut it. Unless you check every line changed, and understand

Re: quotas grace period none right away

2014-09-30 Thread Boris Goldberg
Hello Otto, Wednesday, September 24, 2014, 2:36:58 PM, you wrote: OM Try to come up with a reproducible test case, include all relevant OM info and then we can investigate. Here is what I could reproduce: root@mail1 ~ # quota test_spam Disk quotas for user test_spam (uid 1003): Filesystem

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Carlin Bingham
On Wed, 1 Oct 2014, at 04:46 AM, trondd wrote: On Tue, Sep 30, 2014 at 11:30 AM, Giancarlo Razzolini grazzol...@gmail.com wrote: On 30-09-2014 11:56, trondd wrote: There are SSH fingerprints published for each of the CVS servers. They are published on a clear http page and there is

Re: quotas grace period none right away

2014-09-30 Thread Otto Moerbeek
On Tue, Sep 30, 2014 at 11:20:23AM -0500, Boris Goldberg wrote: Hello Otto, Wednesday, September 24, 2014, 2:36:58 PM, you wrote: OM Try to come up with a reproducible test case, include all relevant OM info and then we can investigate. I indeed see strange things on sparc64 more or less

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread Stefan Wollny
On 09/30/14 at 14:42, Martijn van Duren wrote: On Sat, 2014-09-27 at 07:30 +0100, OpenBSD Europe wrote: Hi folks, I just noticed that in Germany Lehmanns (see OpenBSD's order-site) already accepts pre-orders for OpenBSD 5.6-release. Guess what I just did :-) My little contribution to the

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Ted Unangst
On Tue, Sep 30, 2014 at 09:44, Alan McKay wrote: Hi folks, I've been googling for a couple of hours now and not coming up with much here. I see how to download the -release source and then verify it, but I cannot find any way to grab -stable from CVS and do the same. I guess the only way

Re: thinkpad wifi/dhclient issue

2014-09-30 Thread frantisek holop
the last part of this saga is, that i have moved to a new place, and the issue went away. so it seems it was router related. just another strange story from the home router front. -f -- i have nothing to say, but i can say it loudly.

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread OpenBSD Europe
On 09/30/14 at 14:42, Martijn van Duren wrote: The openbsdstore.com has opened. Guess what I just did? ;-) Cheers, STEFAN Yep. We had some issues to start with. *Please*, if you order and hit a problem, email it to ord...@openbsdstore.com and not on these lists. It's *much* easier for

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread Christian Weisgerber
On 2014-09-30, Stefan Wollny stefan.wol...@web.de wrote: I might have missed something, but could you provide me with an update on this issue? The openbsdstore.com has opened. So what does this mean with regard to Lehmanns? -- Christian naddy Weisgerber

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread Fred Crowson
On Tue, Sep 30, 2014 at 09:02:56PM +0200, Stefan Wollny wrote: On 09/30/14 at 14:42, Martijn van Duren wrote: On Sat, 2014-09-27 at 07:30 +0100, OpenBSD Europe wrote: Hi folks, I just noticed that in Germany Lehmanns (see OpenBSD's order-site) already accepts pre-orders for OpenBSD

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread Stefan Wollny
On 09/30/14 at 21:45, Christian Weisgerber wrote: So what does this mean with regard to Lehmanns? Guess ... ;-)

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread patrick keshishian
On 9/30/14, OpenBSD Europe m...@openbsdeurope.com wrote: On 09/30/14 at 14:42, Martijn van Duren wrote: The openbsdstore.com has opened. Guess what I just did? ;-) Cheers, STEFAN Yep. We had some issues to start with. *Please*, if you order and hit a problem, email it to

Re: Question re dhclient.conf

2014-09-30 Thread Stuart Henderson
On 2014-09-30, sven falempin sven.falem...@gmail.com wrote: I also parse and do custom action with the lease file, so i forgot all concern about the absence of script hook. I also regularly monitor the lease, so i did not use http://entrproject.org/ , looks good stuff It is. This isn't

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread Stefan Wollny
On 09/30/14 at 22:08, patrick keshishian wrote: I'm not sure where exactly to send these questions, so i'm simply replying to all. Two questions: 1. Is there no option for guest checkout? Must I be forced to create an account? Nope - just order via email to od...@openbsdstore.com. 2.

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread OpenBSD Europe
On 9/30/14, OpenBSD Europe m...@openbsdeurope.com wrote: On 09/30/14 at 14:42, Martijn van Duren wrote: The openbsdstore.com has opened. Guess what I just did? ;-) Cheers, STEFAN Yep. We had some issues to start with. *Please*, if you order and hit a problem, email it to

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Stuart Henderson
On 2014-09-30, Alan McKay alan.mc...@gmail.com wrote: Sounds like I'll need to go with the signed tarballs for the -release and then apply the signed patches to get -stable. binpatchng can help you with this process. But note that -stable sometimes has extra commits that don't have errata;

Re: OpenBSD 5.6 pre-orders in Germany possible

2014-09-30 Thread patrick keshishian
On 9/30/14, OpenBSD Europe m...@openbsdeurope.com wrote: On 9/30/14, OpenBSD Europe m...@openbsdeurope.com wrote: On 09/30/14 at 14:42, Martijn van Duren wrote: The openbsdstore.com has opened. Guess what I just did? ;-) Cheers, STEFAN Yep. We had some issues to start with.

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Alan McKay
On Tue, Sep 30, 2014 at 4:21 PM, Stuart Henderson s...@spacehopper.org wrote: binpatchng can help you with this process. I will have to look into that But note that -stable sometimes has extra commits that don't have errata; release+patches is not quite the same thing as -stable. Can you

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Josh Grosse
On Tue, Sep 30, 2014 at 04:33:35PM -0400, Alan McKay wrote: On Tue, Sep 30, 2014 at 4:21 PM, Stuart Henderson s...@spacehopper.org wrote: binpatchng can help you with this process. I will have to look into that But note that -stable sometimes has extra commits that don't have errata;

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Giancarlo Razzolini
On 30-09-2014 16:03, Ted Unangst wrote: In theory, we could sign the ssh fingerprint page, but I don't think that's a good idea at the current time. There are some issues with expiring old data. This would be a significant improvement. If you are 99,99% certain you got the release right, them

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Stuart Henderson
On 2014-09-30, Giancarlo Razzolini grazzol...@gmail.com wrote: On 30-09-2014 16:03, Ted Unangst wrote: In theory, we could sign the ssh fingerprint page, but I don't think that's a good idea at the current time. There are some issues with expiring old data. This would be a significant

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Giancarlo Razzolini
On 30-09-2014 20:24, Stuart Henderson wrote: There is no expiry time on a signify signature. If an anoncvs server were to be compromised such that you could no longer trust its key, there is no way we could revoke that signed web page. If an attacker was able to cause you to keep seeing an old

Re: How to follow -stable and verify it with signify?

2014-09-30 Thread Eric Furman
On Tue, Sep 30, 2014, at 09:02 PM, Giancarlo Razzolini wrote: On 30-09-2014 20:24, Stuart Henderson wrote: There is no expiry time on a signify signature. If an anoncvs server were to be compromised such that you could no longer trust its key, there is no way we could revoke that signed web