Re: chroot browser

I guess you should take a look at Systrace: http://en.wikipedia.org/wiki/Systrace On Thu, Mar 26, 2009 at 11:28 AM, punoseva...@gmail.com wrote: Hi misc, I was wondering if you could give me some input about the following security matter. It seems to me that using a web-browser, an email

Re: Missing security announcements

Ted, everybody knows that's not going to happen. Why no scrap the security announcement list if it's not being used or just whenever someone feels like it? The mere existence of this list implies to users that new errata are being announced to that list which is not the case. Get rid of the list

Re: Missing security announcements

Janne, On Thu, Nov 13, 2008 at 4:14 PM, Janne Johansson [EMAIL PROTECTED] wrote: everybody knows that's not going to happen. I remember having asked the same question YEARS AGO and nothing has changed since then. Reading those two next to eachother says everything. Why ain't you a bit

Bernstein puts qmail in public domain

Hi everybody, I just wanted to point out that D.J. Bernstein has put qmail in public domain. I'm not implying anything but wouldn't it be a perfect opportunity to get rid of sendmail (GNU GPL) and have qmail as the standard MTA in OpenBSD? qmail's security record is better and many OpenBSD users

Re: Kuro5hin: OpenBSD Founder Theo deRaadt Has Conflict of Interest With AMD

Hi there, What a crappy article. Whoever gives a sh*t about what that guy wrote, I don't know. But that's just me. For example, notice how he starts the article. The first paragraph is supposed to sound like a compliment but in fact it's an insult. regards, Tobias W. On Aug 5, 2007,

carp and alias

Hi everybody, I read the carp(4) manpage, the carp FAQ entry and http:// www.countersiege.com/doc/pfsync-carp/ yet I still have some questions. Let's say I have an OpenBSD host like this: #/etc/hostname.xl0 inet 10.0.0.1 255.255.255.0 NONE inet alias 10.0.0.2 255.255.255.0 inet alias

Re: Webhosting Control Panel

Hi Karel, On May 31, 2007, at 4:27 PM, Karel Galuka wrote: Could you recommend me some Webhosting control panel for OpenBSD? How about /bin/ksh? :-) I really don't know what you're expecting from a question like this. At least name an example that might be familiar to some readers when

Re: SSHJail patch for OpenBSD

Hi, On Apr 27, 2007, at 1:38 PM, Jeffrey 'jf' Lim wrote: On 4/27/07, Chris Lawson [EMAIL PROTECTED] wrote: Read the web page, it explains the reasoning right at the top. If you are instead being disingenuous (yes yes, I know you are) perhaps you could explain to us why you think this isn't

Re: bcw(4) is gone

Hi there, On Apr 9, 2007, at 7:29 PM, Jeroen Massar wrote: ... GPL is good though if you want to force people to give back the code to you so that you can use it in your own dual-licensed projects. For people wanting true freedom of their code use: BSD or ISC it ;) The problem is the word

Re: bcw(4) is gone

Hi there, On Apr 9, 2007, at 8:40 PM, Jessie D wrote: ericfurman at fastmail.net writes: To ease his work, and to let others in our group to step in in his efforts, he committet it to our work area which we call cvs. A CVS is not by any stretch of the imagination a public repository of

Re: bcw(4) is gone

Hi there, On Apr 9, 2007, at 8:43 PM, Robby Workman wrote: It's not a matter of perspective - forced freedom is not freedom. That statement also is a matter of perspective. ;-) If you mean by freedom, the liberty to do whatever you want, then BSD is freedom. If you mean by freedom, the

Re: bcw(4) is gone

Hi there, On Apr 9, 2007, at 8:49 PM, Adam wrote: Tobias Weisserth [EMAIL PROTECTED] wrote: The problem is the word free. BSD people tend to interpret free as I can do whatever I want with that code! Hell, I can even make it unfree again by turning it into a proprietary product!. Don't

Re: bcw(4) is gone

Hi there, On Apr 10, 2007, at 3:20 AM, Marco Peereboom wrote: It is because you do not understand the definition of free. Who the hell do you think you are that you can impose a definition of free on me? Freedom is also a matter of perception and perspective. I have given you a practical

Re: Installing Skype

Hi there, On Mar 23, 2007, at 6:47 AM, Rafael Morales wrote: I have OpenBSD 4.0 on a HP laptop and I need to install Skype because is for the comunication in my job and I have the freedom for install my lovely OpenBSD. This what I have done: 1. I installed the redhat_base-8.0p8.tgz for the

Re: Installing Skype

Hi, On Mar 23, 2007, at 6:24 PM, Rafael Morales wrote: I need the shared library libasound.so.2, anybody could send to me ???, I don't have a linux box here. I need my box rooted, can anybody please send me a trojaned binary library I have to trust blindly? If you really need binary

Re: OpenBSD SECURITY FIX: Incorrect mbuf handling for ICMP6 packets, 2nd revision

Hi, On Sunday, 18. March 2007 12:28, Henning Brauer wrote: * Tobias Weisserth [EMAIL PROTECTED] [2007-03-18 01:17]: Can I apply it if I already applied the first revision to 4.0 release + errata up to 010 first revision? you need to remove the first revision of th 010 patch first (patch -R

Re: OpenBSD SECURITY FIX: Incorrect mbuf handling for ICMP6 packets, 2nd revision

Hi, On Sunday, 18. March 2007 14:00, Henning Brauer wrote: ... Easy. I don't have to download large quantities of source with CVS, I only have to compile those parts of the source that are affected by a patch. err? assuming you have release code intsalled (which you need for patching

Re: Seeking opinion about OpenBSD

Hi, On Sunday, 18. March 2007 19:00, Thomas Leveille wrote: Am I the only one to find this stupid ? Why should you need a browser in a server ? I sometimes depend on lynx to download stuff from sourceforge where no direct download link is supplied. regards, Tobias W.

OpenBSD SECURITY FIX: Incorrect mbuf handling for ICMP6 packets, 2nd revision

Hi everybody, I just noticed Henning's addition to the latest patch. Can I apply it if I already applied the first revision to 4.0 release + errata up to 010 first revision? Or do I have to edit the latest patch to only add the if test? I also noticed the index is different in the two

Re: Contradictory statement on vulnerability

Hi, On Friday, 16. March 2007 12:09, Karel Kulhavy wrote: I am not following anything - just installed OpenBSD 4.0 from a CD. What should I follow, then? That's your choice. If you just want a stable and reliable OpenBSD then install -release (that's what you did). If you want to keep it

Re: Contradictory statement on vulnerability

Hi, On Friday, 16. March 2007 21:04, Karel Kulhavy wrote: ... Thanks, this is a much better explanation than in FAQ sec. 5. The explanation in FAQ doesn't mention the fact that not only the -current, but also the -stable is a moving target, though a slowly moving one. Now I have 4.0-release

Re: Slightly OT: i386 Sound Card Recommendation

Hi, On Friday, 16. March 2007 21:26, JT Croteau wrote: This may seem like a simple question but it has been a long time since I've done any multimedia work on a *nix platform and never on OpenBSD. I need to add a sound card to my OpenBSD desktop box for basic audio playback from .mp3's and

Re: Contradictory statement on vulnerability

Hi, On Friday, 16. March 2007 23:41, Jeremy Huiskamp wrote: ... Um, no. If you apply the errata to -release you have -release + errata. There are things in stable that are not in the errata, albeit not much. Tracking -stable requires using cvs which, frankly is much easier than patching

Re: OpenBSD as Virtualbox guest

Hi there, On Tuesday, 27. February 2007 20:17, Peter wrote: I'm looking for comments from people who have installed OpenBSD 4.0 as a Virtualbox guest. I am currently running Virtualbox 1.3.6 on Gentoo Linux 2006.1. The manual does not mention OBSD as guest even though their website states

Re: Virtualisation on OpenBSD?

Hi there, On Jan 24, 2007, at 1:49 PM, John Tate wrote: Is there any software that supports OpenBSD that can do full virtualisation? I don't think VMware would be supported on OpenBSD. I don't think there is anything that really fits what you're looking for. The NetBSD project has neat

SMP kernel on single CPU machines?

Hi everybody, this may be a really stupid question but I'm going to ask it anyway since I didn't find anything using Google or in the archives. I was looking at http://www.openbsd.org/faq/faq8.html#SMP I'm wondering if there are any disadvantages if I run a SMP kernel on a machine with only

Re: binpatch, was: moving kernels...

Hi there, On Saturday, 6. January 2007 17:24, Ingo Schwarze wrote: ... So if you use it, you will probably need to do maintenance work yourself, first of all adapting it to OpenBSD 4.0. Have a look here: http://erdelynet.com/binpatch/ Mike has a Makefile for 4.0 stable that I'm using too.

Re: help! 855 chipset resolution

Hi there, On Dec 13, 2006, at 3:09 PM, Vim Visual wrote: yes... that's probably the solution... gosh... this means that I have to re-install both things... anyway... Nonsense! :-) You can make room on your harddrive by resizing some of your partitions so that OpenBSD fits on it too. All

Re: ahem... skype on o'bsd

Hi, On Dec 11, 2006, at 6:15 PM, Vim Visual wrote: the proof ;) http://www.aei.mpg.de/~pau/skype.png I don't have any contacts under that nickname; therefore the list is empty... I would be careful with Skype. My father's Mandriva Linux PC was trojaned using an outdated version of

Re: livecd error

Hi, I hope this is not considered thread-highjacking but it sort of fits into this thread, so here it goes: I'm trying to follow these instructions to build a live CD based on 4.0 stable: http://www.onlamp.com/pub/a/bsd/2005/07/14/openbsd_live.html I'm in trouble when building the RAMDISK

Re: java on openbsd

Hi Marc, On Nov 14, 2006, at 5:27 PM, [EMAIL PROTECTED] wrote: ... I didn't try any linux 1.5/1.6 jdk, but perhaps you missed something for your linux emulation? read man compat_linux, perhaps it helps. the other options you have is having someone mail you the source on cd, or use kaffe (don't

Re: java on openbsd

Hi list, hi Jacob, On Tuesday, 14. November 2006 19:35, Jacob Yocom-Piatt wrote: Java is a shitshow, it isn't a nice language. Stop defending Sun and their ridiculous licenses. The day Sun shows up as a real player in the open source world this could be justified. For now they are just

weird /etc/fstab problem

Hi everybody, I have setup an old Pentium with OpenBSD 3.9 to do some basic filtering and NAT at my parents place after a Smoothwall installation I did some two years ago got rooted recently. Everything works just fine, except I have a problem with mounting partitions from /etc/fstab

Re: weird /etc/fstab problem

Hi, On Oct 29, 2006, at 12:27 PM, Stuart Henderson wrote: vi +/uw /etc/rc This is exactly what I was looking for. Thanks for the hint. I'll give it a try. regards, Tobias W.

Re: auditing when permissions are changed

Hi, On Thursday, 26. October 2006 23:07, ropers wrote: Hi, This is a sorta n00bish question, but I've just discovered that unlike what I've always assumed to be the case, changing a file's permissions doesn't touch its last modified time/date stamp. Is there any way to find out when a

Re: new tool: openportd

Hi, On Oct 22, 2006, at 4:41 PM, Steffen Wendzel wrote: this isn't correct. Every service had some security problems in the past. Imagin that your service X is vulnerable (only since a few h by a zero day exploit or so) and someone tries to exploit it at 2:00 in the morning. but if you run

Re: How do I convert a man page to PS or PDF?

Hi, On Oct 20, 2006, at 10:53 PM, Steve B wrote: I'm leaving on vacation and wanted to have something to read on the plane and at the beach. How can I convert a couple of man pages into either PS or PDF so that I can print them? If you're talking about manpages from any OpenBSD release

Re: Cannot login into OpenSSH after applying patch 020_ssh2.patch to OpenBSD 3.8 stable

Hi everybody, Darren has just become my hero of the day. Rebuilding OpenSSH like Darren described earlier works on my OpenBSD 3.8 box. No more problems. Happiness. thanks a lot Darren! regards, Tobias W.

Cannot login into OpenSSH after applying patch 020_ssh2.patch to OpenBSD 3.8 stable

Hi everybody, I just patched OpenSSH on OpenBSD 3.8 and restarted OpenSSH. Now I can't login anymore using public/private key authentication. I get this on the client side: Enter passphrase for key '/Users/user/.ssh/id_dsa': Connection to host.xy closed by remote host. Connection to host.xy

Re: /etc/motd SHA1 checksum keeps changing

Hi, On Oct 10, 2006, at 1:56 AM, Mathieu Sauve-Frankel wrote: did you read the man page ? $ man motd $ grep motd /etc/rc The manpage would have solved my question. Thanks! :-) I guess I didn't realise that there even was a manpage for /etc/motd. I should check first in the future...

/etc/motd SHA1 checksum keeps changing

Hi everybody, I have a weird problem on a i386 box with OpenBSD 3.8. Im running the patch branch with the AIDE package installed. AIDE keeps reporting a change in the SHA1 checksum of /etc/motd. Even after I run a aide --update and use the updated database for future checks the checksum

Re: Do mp3 concatenation programs exist?

Hi, On Saturday, 15. July 2006 21:24, z0mbix wrote: On 7/15/06, Peter Philipp [EMAIL PROTECTED] wrote: Hi misc@, I have a an original setup at home. I crontab logging on and off the Internet on a minutely basis, so that I aquire a new IP every minute. I do this for personal reasons

Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?

Hi, On Thursday, 13. July 2006 04:16, Sebastian Rother wrote: Hello everybody, I`m looking for a Voice-Chat/VoIP Solution. Requirements: Peoples with different OSs should be able to talk to each other (maybe even some little meetings). The peoples I know use mainly: Linux, OpenBSD, rare

Re: Partitions

Hi, So am I going overboard? or am I missing any good partions. I never understood why putting /tmp on its own partition is good when nobody notices /var/tmp. In addition to /tmp I always put /var/tmp on its own partition too, so that I can mount it with nodev,noexec,nosuid. I also try to

Re: public_html and apache chroot

Hi, On Jun 24, 2006, at 9:53 PM, n.v.t n.v.t wrote: Hello, I hope all of you are in best shape of health. I'm experiencing some problems with apache. I'm trying to enable Userdirs and keep the chroot. (root here) 1) mkdir /var/www/user/me 2) cd /var/www/user/me ; ln -s /var/www/user/me

Re: XF4 Patches (Again) :(

Hi, I asked exactly the same question a couple of weeks ago, by the time the patch was released. You should be able to find the answers to your question in the archives ;-) kind regards, Tobias W. On Jun 21, 2006, at 10:56 PM, Jack J. Woehr wrote: Okay, I read the threads on misc@ and

Re: cruxports for OpenBSD

Hi, On Saturday, 17. June 2006 18:36, Deanna Phillips wrote: ... As I see it, this is an example of working _against_ a project instead of with and for it. A personal NIH syndrome, if you will. It's not just some Linux thing he put together that also works here. Look at his quote:

Re: they say openbsd is not as scalable as others

Hi, On Sunday, 28. May 2006 19:06, Matthias Kilian wrote: ... Oh, but comparing general performance of Linux vs. OpenBSD on a typical desktop/development PC, I *can* tell you that OpenBSD performs much better, especially when the machine does lots of IO in the background. A daring statement.

Upgrading packages from ports question

Hi everybody, I'm getting familiar with ports at the moment since I restricted myself to using packages exclusively in the past. I have been skimming throught the FAQ and the manpages covering ports and the possible make targets. I have also read the chapter covering ports in Secure

Re: basic questions regarding patching, errata and stable branch

Hi, On Monday, 22. May 2006 19:55, Ted Unangst wrote: I have read that mixing up checked out subsystems from CVS like src, ports and XF4 cannot be done across different branches without breaking the system at some time. Let's assume I don't want to spend the extra compile time and

basic questions regarding patching, errata and stable branch

Hi everybody, I am still trying to sort out some of the information on the OpenBSD website about how to follow a specific branch and what are the benefits of each method. I understood what STABLE, CURRENT and RELEASE are and how to follow them. I still have some difficulties figuring out what

Re: XF4.tar.gz in /usr or /usr/src?

going to mistrust the instructions from the patches from now on. The FAQ is the most valuable source of information I have found so far. kind regards, Tobias Weisserth

XF4.tar.gz in /usr or /usr/src?

Hi everybody, I hope this is the right place to post this. I was just installing my 3.9 release from the CDs Wim sent me (Thanks Wim!!) and right now I'm in the process of applying the errata patches. I have spent the last three hours reading the online documentation from the website when