On Wed, Oct 24, 2007 at 12:55:39AM +0200, Jan Stary wrote:
What is the relation of OpenBSD's audio drivers to the OSS project?
What, if anything, does opensourcing (GPL, I know) their code mean for
our audio drivers? In particular, does that mean (future) support for
the high-end
Theo de Raadt wrote:
x86 virtualization is about basically placing another nearly full
kernel, full of new bugs, on top of a nasty x86 architecture which
barely has correct page protection.
He probably meant psychological security, or job security.
... Then running your operating
system on
There is one thing I really miss in OpenBSD's ntpd, and that is
some way of asking the status. It need not be something like
ntpq for standard ntpd. Sending it e.g SIGUSR1 so it would
dump current servers, their status and ntpd's general status
would be nice.
When there is nothing for a while in
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2007-10-24 03:03]:
Virtualization seems to have a lot of security benefits
seems?
to whom?
to people who never wrote a line of code and don't understand how
things work?
--
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services,
* Rob [EMAIL PROTECTED] [2007-10-24 00:05]:
I'm not a pf newbie by any means, but I'm not really qualified to
answer questions about it either. That said, I don't usually use an
'=' sign in my pf rules, and the pf faq doesn't list that as one of
the accepted operators for the port range
well,
Guys,
I'm currently in-charge in assembling a generic multimedia server (like
youtube) but in much more smaller scale. Before we invest on something big
on server platform like ibm, sun, hp or dell, we're thinking of using
intel or tyan serverboard.
In this testing environment, we will
* Boris Goldberg [EMAIL PROTECTED] [2007-10-23 18:15]:
It's always better to don't run a demon if you don't have to. :)
It's always better to not write a nonsense mail if you don't have to.
--
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service
* Martin Schrvder [EMAIL PROTECTED] [2007-10-24 00:51]:
2007/10/23, Darrin Chandler [EMAIL PROTECTED]:
pool.ntp.org and score quite well. In fact, they compare favorably to
servers running the more heavyweight ntp daemons.
While we are talking about ntpd: Is there hope of an update of the
* Clint Pachl [EMAIL PROTECTED] [2007-10-24 00:45]:
Henning Brauer wrote:
* Boris Goldberg [EMAIL PROTECTED] [2007-10-23 15:50]:
CP One system would get time from the NTP pool and all other servers
on
CP the network would sync to the local server.
You don't really need ntpd on
From looking at the lsi site and the driver names it ships on these
model controllers, it looks like these nics are really mpi(4) based
with a driver that does software raid on top of it. Way to sully the
MegaRAID name LSI...
Anyway, I think you're going to have to move up from the value line
of
As I mentioned in my first mail, it appears to be an OpenBSD - specific
problem. On the exact same hardware, I can measure a throuphput of about 10
MB/second when using FreeBSD.
This matches more or less the CF specifications (PQI industrial Turbo
Compact Flash Card). UDMA33 is used under
Raimo Niskanen [EMAIL PROTECTED] wrote:
There is one thing I really miss in OpenBSD's ntpd, and that is
some way of asking the status. It need not be something like
ntpq for standard ntpd. Sending it e.g SIGUSR1 so it would
dump current servers, their status and ntpd's general status
would
On Wed, Oct 24, 2007 at 09:43:56AM +, Christian Weisgerber wrote:
Raimo Niskanen [EMAIL PROTECTED] wrote:
There is one thing I really miss in OpenBSD's ntpd, and that is
some way of asking the status. It need not be something like
ntpq for standard ntpd. Sending it e.g SIGUSR1 so it
On Wed, 24 Oct 2007 07:26:39 +0200, [EMAIL PROTECTED] wrote:
Hi all.
I want the OpenBSD system to see system users in LDAP.
I know, that OpenBSD doesn't have anything, like nsswitch in other
Unix.
What can i do?
First of all post to the right list. ;) This would fit better in
the misc-list.
Martin Hedenfalk wrote:
Hello list,
Is anyone working on getting the gpio pins supported on the PCEngines
ALIX boards?
I'd like to be able to control the LEDs using gpioctl, just like on the
WRAP.
I am.
- mb
Boris Goldberg wrote:
Hello Rogier,
Tuesday, October 23, 2007, 9:01:32 AM, you wrote:
RK On 10/23/07, Boris Goldberg [EMAIL PROTECTED] wrote:
You don't really need ntpd on all systems. One (timeserver) runs ntpd,
and others use rdate, called from cron (once a day is usually enough).
RK
Linus SwCFCB$las wrote:
On Wed, 24 Oct 2007 07:26:39 +0200, [EMAIL PROTECTED] wrote:
Hi all.
I want the OpenBSD system to see system users in LDAP.
I know, that OpenBSD doesn't have anything, like nsswitch in other
Unix.
What can i do?
First of all post to the right list. ;) This would
Raimo Niskanen [EMAIL PROTECTED] wrote:
If you send -current ntpd SIGINFO, it will syslog its status.
But not 4.2, right?
Right.
--
Christian naddy Weisgerber [EMAIL PROTECTED]
Hi,
I made a fresh install of current some five days ago and when I tried
to install fluxbox I get:
# pkg_add fluxbox
Can't install imlib2-1.4.0: lib not found png.6.0
Dependencies for imlib2-1.4.0 resolve to: png-1.2.18, bzip2-1.0.4,
libid3tag-0.15.1bp0, jpeg-6bp3,
On 2007/10/24 11:31, Pau Amaro-Seoane wrote:
I have tried different ftp mirrors (even the master one) in these days
but I get the same problem all the time.
At the moment, you need to build your own from ports or wait a
while. There have been some changed libraries recently and it will
take a
thanks for the answer!
Pau
2007/10/24, Stuart Henderson [EMAIL PROTECTED]:
On 2007/10/24 11:31, Pau Amaro-Seoane wrote:
I have tried different ftp mirrors (even the master one) in these days
but I get the same problem all the time.
At the moment, you need to build your own from ports or
On 10/24/07, Henning Brauer [EMAIL PROTECTED] wrote:
* Rob [EMAIL PROTECTED] [2007-10-24 00:05]:
Note that I wouldn't use a flush global directive for a rule like
this, because it can lead to a neat DoS where somebody can spoof one
of your own IP addresses and shut down any ssh sessions you
Hi list,
it seems that ifstated(8) sometimes does not see all events and thus
fails to change state.
My setup consists of 2 boxes with 5 carp interfaces. CARP works fine, on
box frw1 all are MASTER and on box frw2 all are in BACKUP state.
When i bring down all carp interfaces on frw1, all get
Hello,
On Vmware Fusion (tested with Fusion 1.1 on a Core2duo imac), OpenBSD
(-current) is very slow on anything that is not just a pure computation task.
While compiling something, or while running MySQL, PgSQL, Apache or
Sendmail, top always shows that the CPU spends 99% or 100% of its
Dear sirs please: I will return to my original question. I just wondered if xen
will be included into the OpenBSD's kernel to act as a para-virtualized DomU or
not. Nothing more. I will not go into issues of the type is insecure or not.
Theo, or somebody from developer team: Will be
On 10/24/07, carlopmart [EMAIL PROTECTED] wrote:
Dear sirs please: I will return to my original question. I just wondered if
xen
will be included into the OpenBSD's kernel to act as a para-virtualized DomU
or
not. Nothing more. I will not go into issues of the type is insecure or not.
Chris Kuethe wrote:
On 10/24/07, carlopmart [EMAIL PROTECTED] wrote:
Dear sirs please: I will return to my original question. I just wondered if xen
will be included into the OpenBSD's kernel to act as a para-virtualized DomU or
not. Nothing more. I will not go into issues of the type is
On Wed, 24 Oct 2007, Henning Brauer wrote:
* [EMAIL PROTECTED] [EMAIL PROTECTED] [2007-10-24 03:03]:
Virtualization seems to have a lot of security benefits
seems?
to whom?
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic
On Tue, Oct 23, 2007 at 08:35:39PM -0700, Ben Goren wrote:
On 2007 Oct 23, at 5:57 PM, [EMAIL PROTECTED] wrote:
Virtualization seems to have a lot of security benefits.
``Seems'' is the key word, here.
On hardware like an IBM mainframe that can acutally support what's
necessary for
On Wed, Oct 24, 2007 at 08:31:26AM -0500, L. V. Lammert wrote:
| On Wed, 24 Oct 2007, Henning Brauer wrote:
|
| * [EMAIL PROTECTED] [EMAIL PROTECTED] [2007-10-24 03:03]:
| Virtualization seems to have a lot of security benefits
|
| seems?
| to whom?
|
| Virtualization provides near
On Tuesday 23 October 2007 18:22:00 ropers wrote:
Hi Christoph,
Right now, on the OpenBSD misc mailing list, there is this discussion:
http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2007-10/thread
s.html#01149 about OpenBSD/Xen.
We last spoke last year, when I put your BSDtalk
On Wednesday 24 October 2007 16:14:19 Chris Kuethe wrote:
On 10/24/07, carlopmart [EMAIL PROTECTED] wrote:
Dear sirs please: I will return to my original question. I just wondered
if xen will be included into the OpenBSD's kernel to act as a
para-virtualized DomU or not. Nothing more. I
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 16:46]:
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic and handling kernel calls.
The security comes about in that each DOMU is totally isolated from the
the others, while the
I'm noticing some strangeness in conjunction with WOL(*), which seems
not to be working and am not sure where the problem lies(**).
The machine launching the packets has two interfaces, re0 and em0, with
the receiving machine connected to re0. The machine does not wake up
either using port 9 or
On Wednesday 24 October 2007 17:25:25 Artur Grabowski wrote:
Christoph Egger [EMAIL PROTECTED] writes:
So I'm going to guess the answer is No, integrating xen
paravirtualization is not a project priority at this time. Also, where
are your diffs?
The OpenBSD/Xen source is at
On Wed, 24 Oct 2007, L. V. Lammert wrote:
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic and handling kernel calls.
The security comes about in that each DOMU is totally isolated from the
the others, while the core DOM0 is
Hi,
When testing greylisting with synchronizing we noticed the following
strange behavior:
Machine A (10.100.64.234) is the machine we receive mail through.
Machine B (10.100.64.233) is synced through spamd
Check out the expire value on machine A after the state have gone from
Grey to White!
It
Christoph Egger wrote:
On Wednesday 24 October 2007 17:25:25 Artur Grabowski wrote:
Christoph Egger [EMAIL PROTECTED] writes:
So I'm going to guess the answer is No, integrating xen
paravirtualization is not a project priority at this time. Also, where
are your diffs?
The OpenBSD/Xen source
Hello Clint,
Tuesday, October 23, 2007, 5:36:15 PM, you wrote:
CP From what I have read in this thread, it looks like only one guy
CP prefers the old timed and rdate tools. A few are even telling him he is
CP giving bad advice when promoting the usage of these tools. Henning
CP mentioned that
David,
I would take a look at adding synproxy to your rules before worrying about
max-src-states. Synproxy will allow max-src-conn-rate to work more
reliably.
By default, pf(4) passes packets that are part of a tcp(4) handshake be-
tween the endpoints. The synproxy state option can be used to
On 10/24/07, Paul de Weerd [EMAIL PROTECTED] wrote:
This is the theory. In theory, there's no bugs in OpenBSD. In
practice, many of the commits to the tree are not new features/drivers
but actual bugfixes. Read the paper by Tavis Ormandy, referenced by
Theo. There is a real problem with
In the scientific cluster computing and enterprise spaces, it's
already well demonstrated, by many, many practitioners in those fields
[3], that virtualization is a very, very good tool.
So what? Someone showed up here and said it is actually all about
security.
That is obviously false to
On Oct 24, 2007, at 10:59 AM, Theo de Raadt wrote:
You don't
build better security by building another gigantic layer. That
is obvious to anyone who actually works in the field.
Having worked in REAL VM :-) (IBM VM/ESA now z/VM) it isn't per se
about security like we mean security ...
I have two servers that I would like to setup to run OpenBGPD for our
border routers.
I need to find a supported PCIe (not PCI-X) fiber card that runs
multi-mode and a supported PCIe (not PCI-X) fiber card that runs
single-mode. (One of our providers is coming to us with mm, the other
with sm.)
On Wed, Oct 24, 2007 at 10:47:45AM -0500, Boris Goldberg wrote:
| May be it makes sense to set -ncv as a default behavior of rdate, but
| there is should be a way to synchronize time without running a demon (don't
| understand why are people so aggressive about that) if you don't need
|
On Wed, 24 Oct 2007, Paul de Weerd wrote:
On Wed, Oct 24, 2007 at 08:31:26AM -0500, L. V. Lammert wrote:
| On Wed, 24 Oct 2007, Henning Brauer wrote:
|
| * [EMAIL PROTECTED] [EMAIL PROTECTED] [2007-10-24 03:03]:
| Virtualization seems to have a lot of security benefits
|
| seems?
|
Bottom-line is, the more complicated your setup gets, the more chances
you get to fuck-up.
All that stuff about extra permissions, extra layers. Each thingie you
add you need to configure. And you won't be 100%, not all the time.
So, Xen is just another opportunity to get fucked.
Instead of
At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 16:46]:
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic and handling kernel calls.
The security comes about in that each DOMU
I am just astounded by how some people who love virtualization
keep making the same mistakes. Are you even listening?
Practice also. XEN is a great tool for 'duplicating' a machine in an
entererprise environment (IME running 'user level' tools for hundreds or
thousands of users). Separating
At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 16:46]:
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic and handling kernel calls.
The security comes about in that
On 10/24/07, Christoph Egger [EMAIL PROTECTED] wrote:
- aio(2) support
creaking along.
- POSIX ptsname() (this is used in a python binding module)
dunno.
- newer gcc version due to a structure padding bug with
an alignment attribute hidden in a typedef (this is fixed in gcc 3.4)
I use
I just wanted to confirm the following:
If I've installed OpenBSD 4.2 and I need a specific package (in this
case, net-smpd) which is not available on the CD, I must wait until
4.2 is officially released. Then I can get the packages I need from
the ftp site.
Boris Goldberg wrote:
May be it makes sense to set -ncv as a default behavior of rdate, but
there is should be a way to synchronize time without running a demon (don't
understand why are people so aggressive about that) if you don't need
up-to-second synchronization (in my case
Hi Joe,
If I've installed OpenBSD 4.2 and I need a specific package (in this
case, net-smpd) which is not available on the CD, I must wait until
4.2 is officially released. Then I can get the packages I need from
the ftp site.
Yes.
(Or you build it from ports. Still, 4.2 is very much
I have, what appears to be, v1 of this card, but I get the following from
dmesg--even when booting from the latest snapshot of cd42.iso:
Intersil, ISL3890, -, - (manufacturer 0xb, product 0x3890) Intersil Prism
GT/Duette rev 0x01 at cardbus1 dev 0 function 0 not configured
I'm not certain
At 12:03 PM 10/24/2007 -0600, Theo de Raadt wrote:
Anything we can do to increase security, *including* setting up VMs (of
any
flavor) is an improvement [that also increased hardware utilization].
This last sentence is such a lie.
That depends on your viewpoint. There certainly may be
Hello evo,
Wednesday, October 24, 2007, 12:51:13 AM, you wrote:
e I'm choosing firewall/proxy/mail-gateway hardware running (of course)
e OpenBSD for medium office and my shortlist is:
e (a) HP ProLiant DL320 and (b) Sun Fire V125
I'm upgrading my servers/firewalls to HP ProLiant DL320
L. V. Lammert wrote:
At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 16:46]:
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic and handling kernel calls.
The security comes
At 12:03 PM 10/24/2007 -0600, Theo de Raadt wrote:
Anything we can do to increase security, *including* setting up VMs (of
any
flavor) is an improvement [that also increased hardware utilization].
This last sentence is such a lie.
That depends on your viewpoint. There certainly
* Paul de Weerd [EMAIL PROTECTED] [2007-10-24 19:28]:
On Wed, Oct 24, 2007 at 10:47:45AM -0500, Boris Goldberg wrote:
| May be it makes sense to set -ncv as a default behavior of rdate, but
| there is should be a way to synchronize time without running a demon (don't
| understand why are
On Wed, Oct 24, 2007 at 01:41:38PM -0500, L. V. Lammert wrote:
| For example, say you have three departments within a company: Marketing,
| Development, Production. Allowing each department to maintain their own
| server instance allows each department to have their own users, home
| directory
* Marc Balmer [EMAIL PROTECTED] [2007-10-24 20:25]:
Boris Goldberg wrote:
May be it makes sense to set -ncv as a default behavior of rdate,
but
there is should be a way to synchronize time without running a demon
(don't
understand why are people so aggressive about that) if you
Can Erkin Acar wrote:
L. V. Lammert wrote:
At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 16:46]:
Virtualization provides near absolute security - DOM0 is not visible to
the user at all, only passing network traffic and handling kernel calls.
Hello Marc,
Wednesday, October 24, 2007, 1:13:23 PM, you wrote:
May be it makes sense to set -ncv as a default behavior of rdate, but
there is should be a way to synchronize time without running a demon (don't
understand why are people so aggressive about that) if you don't need
On 10/24/07, L. V. Lammert [EMAIL PROTECTED] wrote:
At 12:03 PM 10/24/2007 -0600, Theo de Raadt wrote:
Anything we can do to increase security, *including* setting up VMs (of
any
flavor) is an improvement [that also increased hardware utilization].
This last sentence is such a lie.
The security benefits are at the application level, *NOT* at the OS level.
What hogwash.
The security benefits are at the ability to buy a steak for dinner
level.
You've already made the decision to decrease security by
de-compartmentalizing onto one physical box, so you are just thrilled
with
Linus SwCFCB$las schrieb:
OpenBSD doesn't include an LDAP module though so you'd have to write
your own, details for how to do so is in the login.conf(5) man page.
Or perhaps you can google something, someone else has probably built
one already.
login_ldap no longer in ports?
On 10/24/07, Jack J. Woehr [EMAIL PROTECTED] wrote:
All things being equal, the safest base installations in the universe
would be those whose user instances were encased in some kind of
solid VM and whose base instance administrators were provided
with and followed best practices.
My VM:
* N.J. Thomas [EMAIL PROTECTED] [2007-10-24 19:28]:
I have two servers that I would like to setup to run OpenBGPD for our
border routers.
I need to find a supported PCIe (not PCI-X) fiber card that runs
multi-mode and a supported PCIe (not PCI-X) fiber card that runs
single-mode. (One of
* Darren Spruell [EMAIL PROTECTED] [2007-10-24 21:48]:
Remember back 10-ish years ago when VLANs were being touted as the
ultimate network segmentation technology by marketers of managed
switches? And now everyone hopefully realizes that while VLANs
technically do offer network segmentation,
It's a very simple concept.
There is *nothing* in any virtualization software that makes having it
*more secure* than not having it at all.
Period.
---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
On Wed, 24 Oct 2007, Theo de Raadt wrote:
The security benefits are at the application level, *NOT* at the OS level.
What hogwash.
The security benefits are at the ability to buy a steak for dinner
level.
Nah, I like steak, I hate enterprise computing.
You've already made the decision
Boris Goldberg wrote:
[snip]
There are pros and cons in the demon and in the cron schema. I
decided to use cron and I know why. Every sysadmin/architect should make
that decision for *his* systems (and know why). Home users should
probably stay with the default (ntpd),
On 10/24/07, Henning Brauer [EMAIL PROTECTED] wrote:
without bad config errors (that are getting harder to make, except on
cisco, they got the semantics completely wrong and stupid defaults) and
usedcorrectly, yes, VLANs perfectly isolate network segments.
I'm curious about this. Do you have
On Oct 24, 2007, at 4:16 PM, Henning Brauer [EMAIL PROTECTED]
wrote:
* Darren Spruell [EMAIL PROTECTED] [2007-10-24 21:48]:
Remember back 10-ish years ago when VLANs were being touted as the
ultimate network segmentation technology by marketers of managed
switches? And now everyone hopefully
You have failed to satisfactorily explain why running a specific application
in a VM is more secure then running it in a standard OS. It's nonsense that
you think it's more secure that way. It saves a lot of money, yes -- you
don't necessarily want a separate box just to run an application - but
On Wed, 24 Oct 2007, Theo de Raadt wrote:
At 12:03 PM 10/24/2007 -0600, Theo de Raadt wrote:
Anything we can do to increase security, *including* setting up VMs (of
any
flavor) is an improvement [that also increased hardware utilization].
This last sentence is such a lie.
Theo de Raadt wrote:
The security benefits are at the ability to buy a steak for dinner
level.
I vote to add it to theo.c.
Thanks
Daniel
Index: src/usr.bin/mg/theo.c
===
RCS file: /cvs/src/usr.bin/mg/theo.c,v
retrieving
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 23:22]:
Running
different application domains on separate VMs provides isolation BETWEEN
those application domains.
no, it does not.
--
Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED]
BS Web Services, http://bsws.de
Full-Service ISP - Secure
Certainly there is a small, compount risk increase due to multiple OS
images involved, but the OS images must be analyzed independently FIRST,
and THOSE risks addressed.
Certainly you pulled that assesment out of your ass.
**IF** OBSD were available as a host OS, that would be good security.
On Wed, Oct 24, 2007 at 10:25:32PM +0200, Henning Brauer wrote:
* N.J. Thomas [EMAIL PROTECTED] [2007-10-24 19:28]:
I have two servers that I would like to setup to run OpenBGPD for our
border routers.
I need to find a supported PCIe (not PCI-X) fiber card that runs
multi-mode and a
knitti wrote:
On 10/19/07, Stephen Bosch [EMAIL PROTECTED] wrote:
Other things I've tried:
- moving the Jetdirect to a different port on the same physical switch
- a variety of static and dynamic IPs in the subnet
I also forwarded the external port 9100 to this print server and tried
to
You have failed to satisfactorily explain why running a specific application
in a VM is more secure then running it in a standard OS. It's nonsense that
you think it's more secure that way. It saves a lot of money, yes -- you
don't necessarily want a separate box just to run an application -
At 03:31 PM 10/24/2007 -0600, Theo de Raadt wrote:
Certainly there is a small, compount risk increase due to multiple OS
images involved, but the OS images must be analyzed independently FIRST,
and THOSE risks addressed.
Certainly you pulled that assesment out of your ass.
I thought it was
At 11:26 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 23:22]:
Running
different application domains on separate VMs provides isolation BETWEEN
those application domains.
no, it does not.
Is that your ostrich response?
Lee
* L. V. Lammert [EMAIL PROTECTED] [2007-10-25 00:11]:
At 11:26 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert [EMAIL PROTECTED] [2007-10-24 23:22]:
Running
different application domains on separate VMs provides isolation BETWEEN
those application domains.
no, it does not.
L. V. Lammert wrote:
gibberish
Paul de Weerd wrote:
Why compare this to all departments on one machine, all on the same
OS ? That's not a fair comparison.
Why? Because that's what happens *anyway*.
--
Matthew Weigel
hacker
[EMAIL PROTECTED]
At 05:27 PM 10/24/2007 -0500, Tony Abernethy wrote:
L. V. Lammert wrote:
gibberish
Wow, such intelligence Now we get crap instead of ostrich logic. Sheesh.
Lee
all,
I'm happy to read whatever I need to, in order to get this system
running. I come before this list humbly. Please don't flame my ass
with RTFMs :)
I have a new Dell Optiplex 745 with an Intel Core 2 Duo.
this system completed the install. Now on boot it hangs after:
wskbd1: connecting
On Oct 24, 2007, at 3:41 PM, Theo de Raadt wrote:
We know what a VM operating system has to do to deal with the PC
architecture. It is too complex to get perfectly right.
I concur with this assessment and the discussion of actual x86 PC
implementation vs. 390 architecture which led up to it.
Hello all!
I have an OpenBSD-box with two 250G drives inside (and some SCSI). Trying
to use one of the drives as a whole gave this from disklabel
$ sudo disklabel -p g wd0
[snip]
16 partitions:
# sizeoffset fstype [fsize bsize cpg]
c:233.8G 0.0G unused
Christopher Bianchi skrev:
Hello everyone. My situation is this:
i've a laptop, a Sharp pc-ax10 with Windows 2000 preinstalled , without
cdrom, floppy. I wish install OpenBSD on it. Naturally bios can't boot
from USB.
So i've thinked to boot the bsd.rd , but how ? The faq explain the
procedure
On 24-Oct-07, at 5:59 PM, L. V. Lammert wrote:
At 03:31 PM 10/24/2007 -0600, Theo de Raadt wrote:
You must be more qualified with regards to the actual code than I am
because I flat out don't believe this at all.
Believe what? OBSD is secure? I thought you were proud of the
project? Sheesh!
After enjoying the Xen thread, and the comments about the horrid mess
that is x86 hardware design, I'm wondering what hardware on which
OpenBSD will run _is_ well designed.
Who makes a hardware architecture that is open (enough) that OpenBSD can
run fully on it, that has good performance. I'm
Hi!
I think you are missing the point about x86 hardware being a mess. Theo
made an excellent point about the architecture itself having so many
filthy quirks. If a VM is compromised through any means, that attacker
can now leverage the dirty architecture to bypass the hypervisors
(supposed)
On Wed, Oct 24, 2007 at 05:44:37PM -0500, L. V. Lammert wrote:
At 05:27 PM 10/24/2007 -0500, Tony Abernethy wrote:
L. V. Lammert wrote:
gibberish
Wow, such intelligence Now we get crap instead of ostrich logic.
Sheesh.
Actually, that's a fair assessment at this point.
Looking at what
Jon Sjvstedt wrote:
Hello all!
I have an OpenBSD-box with two 250G drives inside (and some SCSI). Trying
to use one of the drives as a whole gave this from disklabel
$ sudo disklabel -p g wd0
[snip]
don't snip.
16 partitions:
# sizeoffset fstype [fsize bsize
[EMAIL PROTECTED] wrote:
all,
I'm happy to read whatever I need to, in order to get this system
running. I come before this list humbly. Please don't flame my ass
with RTFMs :)
I have a new Dell Optiplex 745 with an Intel Core 2 Duo.
this system completed the install. Now on boot it
L. V. Lammert [EMAIL PROTECTED] wrote:
If not, then security issues compound due to multiple guest OSs and
each set
of inherent vulnerabilities.
security issues and protections do not add up like numbers.
Sure they do. If I'm running Windoze as a guest OS, there are hundreds or
1 - 100 of 122 matches
Mail list logo