I use OpenBSD because it reliably breaks my code when I have done
something wrong.
Browsers, meanwhile, seem to do a lot of things wrong (look at what is
needed to compile the things, or how people compare browser
functionality). I suspect you would be better off getting a $100..$200
chromebook an
On Fri, Apr 28, 2017 at 10:11 AM, Karel Gardas wrote:
> On Fri, Apr 28, 2017 at 4:01 PM, Jyri Hovila [iki.fi]
> wrote:
>>> You ask for peace but your whole post is highly explosive.
>>
>> No, it is not.
>>
>> I'm just expressing myself directly -- as us aspergers often do.
>>
>
> Then as a real a
On Mon, Jun 5, 2017 at 7:16 PM, Mihai Popescu wrote:
>> So many documents will be lost
>
> There is an analysys about one's documents on the internet, something
> like 10% are files you will not ever need, 20% are files that you will
> never use, and so on.
>
> Bytheway, I am using marc.info to re
On Mon, Jun 5, 2017 at 7:22 PM, jungle Boogie wrote:
> On 5 June 2017 at 16:16, Mihai Popescu wrote:
>>
>> Bytheway, I am using marc.info to read list, has anyone an idea about
>> why some emails are presented like a long ASCII stream without sense?
>> Much like:
>>
>> http://marc.info/?l=openbsd
On Mon, Jun 5, 2017 at 7:37 PM, jungle Boogie wrote:
> On 5 June 2017 at 16:27, Raul Miller wrote:
>> On Mon, Jun 5, 2017 at 7:22 PM, jungle Boogie
>> wrote:
>>> On 5 June 2017 at 16:16, Mihai Popescu wrote:
>>>> Bytheway, I am using marc.info to read lis
create and delete here is based on directory permissions.
edit is presumably based on file permissions.
That said, generally speaking, windows permissions are incredibly
complex and (as a result) mostly ignored. [There will be a few people
who will deny this, but as a general rule most people den
Ok, look...
Your problem 1: all windows files are executable because the windows
model for executable or not is proprietary and not supportable. It's
also not clear why you should care about this in a shared directory.
Your problem 2: if we assume that a shared directory (rather than user
specifi
p.s. if you do not want windows files in that shared directory to be
executable, I think you can mount the nfs backing store partition
noexec.
I haven't tested this, though - I mostly try to avoid networked file systems.
Thanks,
--
Raul
On Mon, Jun 12, 2017 at 1:22 PM, Raul Miller
gt; This option is not available from the default menu.
>
> Sent from ProtonMail Mobile
>
> On Mon, Jun 12, 2017 at 7:24 PM, Raul Miller wrote:
> p.s. if you do not want windows files in that shared directory to be
> executable, I think you can mount the nfs backing store parti
>>
>> The windows nfs umask solves the problem of writing files to both user and
>> group. It certainly does not solve the above security problem.
>>
>> Sent from ProtonMail Mobile
>>
>> On Mon, Jun 12, 2017 at 10:27 PM, Raul Miller wrote:
>> Y
(also, once again, sticky bit)
--
Raul
On Tuesday, June 13, 2017, Raul Miller wrote:
> Worse, though, is if you think that a security issue on a file server
> is because of a problem in the default client configuration.
>
> Mind you, this is not completely general (load issues a
On Tue, Jun 13, 2017 at 12:25 PM, Rupert Gallagher wrote:
>> Worse, though, is if you think that a security issue on a file server
> is because of a problem in the default client configuration.
>
> I did not say that.
And yet:
On Mon, Jun 12, 2017 at 2:27 PM, Rupert Gallagher wrote:
> I think t
here in
> OpenBSD or do you know any other software that can fulfill my need.
>
> Sir, Hope to hear from you.
>
>
>
>
> On Fri, Jun 23, 2017 at 9:55 AM, Raul Miller wrote:
>>
>> http://man.openbsd.org/arp.8?
>>
>> --
>> Raul
>>
>>
>>
On Mon, Jul 10, 2017 at 5:04 PM, SOUL_OF_ROOT 55 wrote:
> Theo de Raadt no responds to me private message since I told him that I do
> not understand English.
If you told him that in english, I can imagine why.
(You effectively said that you do not know what you are saying - which
makes any resp
On Sat, Jul 22, 2017 at 4:58 PM, Ingo Schwarze wrote:
> Max Power wrote on Sat, Jul 22, 2017 at 10:49:05PM +0200:
>> but In addition to your advice...
>> possible that there is no official documentation?
>> This is the questions...!
>
> And i already answered that:
>
> No, there isn't, because:
>
What is the larger problem you are trying to solve?
Thanks,
--
Raul
On Sun, Aug 13, 2017 at 9:19 AM, Alessandro DE LAURENZIS
wrote:
> Dear misc@ readers,
>
> I was wondering what you normally do when running vi with doas if a .exrc
> file is present in the normal user $HOME.
>
> "doas /usr/bi
"Replicated similar functionality" is indeed a security issue.
It's a security problem, sometimes - the whole buffer overflow being
replicated everywhere thing, for example.
But replication also gives robustness in the face of failure, so it
can also be a security asset. Still an issue, just not
On Sat, Aug 26, 2017 at 4:36 AM, wrote:
> The greater the body of code is, the smaller our understanding, or at
> least our ability to grok the code.
>
> Even in the UNIX world, 'duckspeak' code -- just doing what seems right
> without realizing the longer-term implications -- is unfortunately ve
On Thu, Oct 5, 2017 at 5:39 PM, Eric Johnson wrote:
> Since the primary firewall and the DHCP server (and pretty much everything
> else on my end) run on OpenBSD, if there is a way to do it with OpenBSD,
> for example with pf, then I think that it should be a very good place to
> ask the question.
On Thu, Oct 12, 2017 at 3:18 PM, wrote:
> On a related note, would you folks be interested in patches removing
> said assumpting of equivalence from programs like dd(1)?
I would assume yes, unless those patches broke dd on some platforms.
(Patches which break things tend to provoke a rather neg
Can someone explain to me why xargs(1) does not support using newline
as a separators, when that is one of the most common unix separators?
I'm pasting one potential approach to the end of this message. There's
a few issues that might be stalling points:
(*) which command line option to be used (
at isblank would recognize linefeed as a blank.
Sorry about that,
--
Raul
On Fri, Oct 13, 2017 at 2:23 PM, Raul Miller wrote:
> Can someone explain to me why xargs(1) does not support using newline
> as a separators, when that is one of the most common unix separators?
>
> I'm p
Ok, first off, I appreciate your having taken time to respond.
Especially given the bug I had in my suggested patch.
That said... two things I am missing here:
(1) How do I get access to that normal tooling from the shell command
line without xargs?
(2) Given that POSIX is an incomplete specific
The problem here is that you currently can't get xargs to use newline
as a separator without also getting spaces as a separator. This
creates a variety of problems.
Thanks,
--
Raul
On Fri, Oct 13, 2017 at 2:40 PM, Allan Streib wrote:
> Raul Miller writes:
>
>> Can someone
When our interpretation of the specification creates orders of
magnitude more problems than it solves, yes.
This should not in any way be construed as meaning that anything goes.
Thanks,
--
Raul
On Fri, Oct 13, 2017 at 2:45 PM, Theo de Raadt wrote:
>> (2) Given that POSIX is an incomplete s
delimits on a zero marker "null" separator often generated by linux-land
> find.
>
>
>
> On Fri, Oct 13, 2017 at 1:49 PM, Raul Miller wrote:
>>
>> The problem here is that you currently can't get xargs to use newline
>> as a separator without also gettin
Ok, I am curious - what new problems would this create?
Thanks,
--
Raul
On Fri, Oct 13, 2017 at 2:52 PM, Theo de Raadt wrote:
>> The problem here is that you currently can't get xargs to use newline
>> as a separator without also getting spaces as a separator. This
>> creates a variety of pro
/* Backslash escapes anything, is escaped by quotes. */
if (!insingle && !indouble && (ch = getchar()) == EOF)
On Fri, Oct 13, 2017 at 3:07 PM, Raul Miller wrote:
> Ok, I am curious - what new problems would this create?
>
> Thanks,
>
> --
> Raul
wanting to understand the issue.
Thanks,
--
Raul
On Fri, Oct 13, 2017 at 3:22 PM, Allan Streib wrote:
> Raul Miller writes:
>
>> The problem here is that you currently can't get xargs to use newline
>> as a separator without also getting spaces as a separator. This
>>
Portability?
It does seem to me that the implementation should be portable. Then if
someone needs it elsewhere they can have it elsewhere. But I think
that that's more about pledge than anything else (strnsubst and
strtonum maybe deserving honorable mention).
Meanwhile, I guess this would also ne
On Fri, Oct 13, 2017 at 7:37 PM, edgar wrote:
> Perhaps a real life example of what you have been doing with xargs before
> and after your change would be helpful.
That's tough, since when I was working on this issue I didn't have
time to think about xargs and now that I have time to think about
On Fri, Oct 13, 2017 at 6:14 PM, Theo de Raadt wrote:
> If you want to add things to standardized utilities you need to
> convince a large volume of people in the greater community
>
> Not me.
Ok,
Would you be open to a re-implementation of the gnu xargs -d option?
Quoting
https://www.gnu.org/
one record - here, a record
being a file name.)
Anyways, the -d option looks like it might be as good as it can get?
Thanks,
--
Raul
On Fri, Oct 13, 2017 at 9:26 PM, Andre Smagin wrote:
> On Fri, 13 Oct 2017 18:03:59 -0400
> Raul Miller wrote:
>
>> "Because then you don&#
On Sat, Oct 14, 2017 at 1:08 AM, Philip Guenther wrote:
> You want a version of xargs that, instead of requiring special handling for
> 5 characters legal in filenames (quote, double-quote, backslash, space, tab,
> newline), will be completely unable to handle exactly one of those
> characters (ne
On Sat, Oct 14, 2017 at 3:08 AM, Andreas Kusalananda Kähäri
wrote:
> find . -type f -mtime -1 \
> -exec grep -q -E 'pattern1' {} ';' \
> -exec shasum {} +
That's cute, but it winds up spinning up a process for every file
(actually, in your example, two processes for every file). I general
On Sat, Oct 14, 2017 at 10:26 AM, Marc Espie wrote:
> the find -print0 / xargs -0 couple was designed to solve that problem
> a long time ago in one specific case.
I suppose the other angle to take would be the addition of a null
delimiter option for other command line utilities.
Put differently
On Mon, Oct 16, 2017 at 6:43 AM, Stefan Sperling wrote:
> On Mon, Oct 16, 2017 at 10:22:26AM +, C. L. Martinez wrote:
>> Regarding WPA2 alert published today: https://www.krackattacks.com/,
>> if I use an IPSec tunnel with shared-key or certifcate or an OpenVPN
>> connection to authenticate a
I would try OpenOSPFD for this situation, instead of OpenBGPD.
--
Raul
On Mon, May 21, 2018 at 4:16 PM, wrote:
> On 2018-05-21 01:22, Solene Rapenne wrote:
>
>> hello
>>
>> I'm not sure to understand your need. You don't need BGP for
>> this. Adding a route on router A, accessing network B thr
There's https://man.openbsd.org/nice.1
You might be describing https://man.openbsd.org/setrlimit.2 or the
ulimit shell builtin (ulimit -t). But you might not want what you are
describing, if that is the case.
--
Raul
On Tue, May 29, 2018 at 2:35 PM, BergenBergen BergenBergen
wrote:
> Browser
On Wed, May 30, 2018 at 9:51 AM, IL Ka wrote:
> There is no reason to use C for "onetime tools" except cases when no other
> API exist.
Or when the tool would be running long enough that the performance
difference matters. Also, Javascript/Perl/Python/Ruby/shell all tend
to be lousy at dealing wi
Personally, I can't totally figure out what this policy would be.
My current best approximation is: there's a period of time when
pkg_add and syspatch are running and that is a time when writes are
allowed, other than that, not.
I could maybe rig up something more complicated using inherited
cryp
On Wednesday, September 5, 2018, Kevin Chadwick wrote:
> I meant that an OpenBSD user using Windows should not get a virus or
> could handle them if downloading illegal software. I am yet to see a
> truly clever system entry in the press. They always rely on user
> idiocy or poor setup. Whether Vi
On Wed, Sep 5, 2018 at 1:05 PM Kevin Chadwick wrote:
> *yawn* This is nonsense!
You don't like generally useful procedures which happen to be useful
for dealing with statistically unlikely events?
--
Raul
What do you have in your arp -a result for that 192.168.1.1 IP?
Does it look like a Verizon device?
If not, it’s probably the “problem”.
(I believe Verizon FIOS wants to live on that IP and wants to use DHCP to
issue addresses to the things it’s talking to.)
—
Raul
On Friday, September 7, 2018
On Sun, Sep 16, 2018 at 2:50 AM Chris Bennett
wrote:
> See, I'm a US citizen in a country that has these nasty FISA courts and
> a variety of new-ish unconstitutional laws that allow the President and
> others to plant fake content on my server, snatch me up, deny me a
> lawyer, detain me forever
On Tue, Apr 14, 2020 at 1:37 PM Consus wrote:
> On Tue, Apr 14, 2020 at 05:10:14PM +0200, Oddmund G. wrote:
> > I know all this, Ottavio. I have been using GNU+Linux since 1994 after
> > several years with Ultrix/VMS/OpenVMS @DEC: Slackware in the beginning, then
> > Debian until the forced introd
On Tue, Apr 14, 2020 at 3:38 PM Consus wrote:
> It is modular to a degree, but separating services requires a bit of
> work so yeah, in this area systemd sucks. Documentation is pretty good
> though. I don't like the complexity of the thing, but I've never been
> stuck because there is not enough
That's a poorly phrased question, to be honest.
In one sense the point in time where the job is scheduled has to be
different -- it's a point in time in a different 24 hour period.
But in another sense (a sense closer to what you probably intended)
the point in time can't be guaranteed to be diff
On Sat, Apr 18, 2020 at 12:25 PM Aham Brahmasmi wrote:
> The examples and Theo's reply helped in understanding the nuance. It
> might seem logical and common sense on further thought, as Janne has
> pointed out. But at least in my case, it was not immediately apparent.
Yeah, after rethinking it,
On Sat, May 9, 2020 at 1:05 PM Kevin Chadwick wrote:
> Careful of what sources you trust! If a processor was storing the keys used,
> non
> volatile then people would have found out. Software encryption wouldn't save
> you
> either. If there is a back door it won't have anything to do with AES-N
On Mon, May 11, 2020 at 9:17 PM wrote:
> I was told on the chat that Linux GNU software has hardly visible NSA
> backdoors and IMHO most funding for Linux seems to be from USA ?
This is beyond incompetent. You've got the wrong mailing list for this
kind of issue, you haven't identified the versi
Both git and OpenBSD run on patches.
That said, OpenBSD has a cultural restriction of requiring people to
inspect the patches before incorporating them. Adopting git would be a
step away from that practice.
Does that help make sense of the current situation?
--
Raul
On Mon, Jul 22, 2019 at 11:
You haven't provided enough information to give a definitive answer.
Installing OpenBSD should get you up and working again. But you'll
need to study the documentation and learn how to pull information from
logs and generally be able to keep an eye on things if you want other
people to be able to
I would fix the issue, or use something else to get that done or
abandon that project.
(I am not sure why you would imagine that using OpenBSD implies not
using other operating systems. It's *because* I use other operating
systems that I like using OpenBSD.)
Thanks,
--
Raul
On Wed, Aug 28, 201
On Fri, Sep 6, 2019 at 2:40 PM JohnS wrote:
> Why next construction doesn't work?
>
> read x; while [ "$x" != [abc] ]; do echo "Not a, b or c"; break; done
People have been focusing on the syntax of arguments for test (the
left bracket operation), but there's no 'next' here.
You are reading x ju
You should probably look at what you see there.
--
Raul
On Thu, Sep 19, 2019 at 3:35 PM sven falempin wrote:
>
> Sorry to disturb ,
>
> what is filling my /var/spool/smtpd/offline directory ?
>
> Smtpd is off on my device ( no mailing ) weekly/monthly active or not
> it feels this directory
> (
On Fri, Oct 18, 2019 at 8:23 AM wrote:
> That's not to even start on the fact that it's little more than process
> switching and virtual memory on steroids, so the extra seperation on top of
> what the OS already provides is little more than smoke and mirrors.
My mental model of computer secur
On Tue, Nov 5, 2019 at 1:58 PM Marc Chantreux wrote:
> yes ... what's the point of using another format than postscript
> directly. ...
That's not a really question (nor does it fit here).
> that said: i'll really give troff a try again when i will figure out how
> to create templates for the do
On Fri, Nov 15, 2019 at 1:17 PM Roderick wrote:
> On Fri, 15 Nov 2019, Ian Darwin wrote:
> > Who needs cat when you have echo?
>
> Echo? Necessary?! Terrible waste of paper in a teletype terminal!
> I remember editing with sos in TOPS 10 after giving the command:
> tty noecho.
This is starting to
On Tue, Dec 31, 2019 at 11:46 AM Roderick wrote:
> I am curious to know why tcl, my fovourite scripting lanuage, would
> not be a candidate.
If OpenLuaBSD would be a welcome fork, I don't see why OpenTCLBSD
would be any worse.
Doesn't mean anyone wants to write it.
--
Raul
On Tue, Dec 31, 2019 at 1:32 PM wrote:
> I'm curious to know if there are any languages other than C and perl in
> use in OpenBSD base.
It's pretty easy to download the sources for base, and then:
tar zxf src.tar.gz
find . -type f -name '*.*' | sed 's/^.*\.//' | sort | uniq -c | sort
-n | tail -
This might be relevant:
hw.setperf=0
See also: https://man.openbsd.org/cpu.4
--
Raul
On Tue, Dec 31, 2019 at 1:57 PM Leo wrote:
>
> hi
>
> my russian friend has a trouble running OpenBSD
> on his laptop, he reports that Turbo Boost is
> not working (OpenBSD limits him to 1100 MHz),
> he also
On Wed, Aug 28, 2019 at 10:41 AM Mohamed salah
wrote:
> I wanna put something in discussion, what's your motivational to use
> OPENBSD what not other bsd's what not gnu/Linux, if something doesn't work
> fine on openbsd and you love this os so much what will do?
I wanted a machine with tcp and ud
Have you looked at:
man col
?
(Especially for the -b option...)
And, for that matter, have you looked at
man col | cat -vet | less
?
Alternatively, have you tried using any web searches on this topic?
Thanks,
--
Raul
On Mon, Mar 2, 2020 at 12:01 PM Marc Chantreux
wrote:
>
> hello,
>
>
You might also try testing that memory on that machine is not faulty.
(I've been struggling with an ongoing onslaught of machines with faulty memory.)
FYI,
--
Raul
On Fri, Mar 6, 2020 at 6:19 PM Raymond, David wrote:
>
> You might try an alternate desktop/window manager such as lxqt or
> icew
On Sun, Sep 27, 2015 at 4:49 PM, Jean-Francois Simon
wrote:
> If one had to find a hardware most difficult to compromize which one would
> you take ?
None.
The hardware most difficult to compromise would be hardware with
nothing on it to compromise. An acceptable second place would be
hardware w
On Tue, Oct 6, 2015 at 2:48 PM, Benny Lofgren wrote:
> It is well known and understood since decades what's on these first
> sectors of a) a disk, b) of the BSD usable area and c) of each partition
> (type). Why are you having trouble accepting that things are the way
> they are and that they WORK
On Fri, Oct 23, 2015 at 7:58 AM, Daniel Bolgheroni
wrote:
> On Fri, Oct 23, 2015 at 04:43:50AM -0400, Mayuresh Kathe wrote:
>> i had heard rumours about the openbsd core team having a part of openbsd
>> built using 'pcc', is it true? if yes, did that effort not produce desirable
>> results?
>
> Th
On Fri, Oct 30, 2015 at 8:13 AM, français wrote:
> The OpenBSD developers approve “optimizing assembler” and compilers?
You are overgeneralizing from jokes.
--
Raul
On Fri, Nov 6, 2015 at 10:26 AM, Ted Unangst wrote:
> If I'm not mistaken, machines that do hardware checksumming will show an
> incorrect checksum in tcpdump.
That sounds like it should be a problem with some specific machines,
rather than a protocol issue.
Do you recall which machines exhibite
All protocols are, to some degree or another. Especially when you look
at all the irrelevant complexity of a full implementation.
Sometimes there's no good answers.
--
Raul
On Mon, Nov 16, 2015 at 8:25 AM, Eric Furman wrote:
> Yea, but ftp is a shitty protocol that should have died
> a mercifu
On Fri, Nov 20, 2015 at 11:20 AM, français wrote:
> Who teach the true message about the true free software?
You are asking a false question.
--
Raul
On Tue, Dec 1, 2015 at 5:21 PM, Tinker wrote:
> So your current solution is *NOT* data-safe toward "mis-write":s and other
> write errors that go unnoticed at write time.
>
> While I agree that the probability that the writes to both disks and to
> their checksum areas would fail are really low, t
On Tue, Dec 1, 2015 at 6:49 PM, Tinker wrote:
> At least as for me, I'd be happy to go with the merkle tree hash-based
> solution even if the overhead was extremely large, like anywhere up to 80%
> lower IO performance would be fine with me. I would guess that that not is
> the case though, I thin
On Tue, Dec 8, 2015 at 3:23 PM, Ted Unangst wrote:
> Michael McConville wrote:
>> Yes, but it is certainly "Websense" difficult, "Verizon traffic
>> monetization dept." difficult, "nosy VPN/exit node operator" difficult,
>> and "guy in cafe with Wireshark" difficult.
>
> But we don't care about an
On Tue, Dec 8, 2015 at 11:22 PM, Nick Holland
wrote:
> https is a joke. IF and WHEN it works properly, it's too complex for
> the real world to understand (ahem...and even recognize).
That's not the joke, though - that's the punchline.
(1) "Secure" and "Security" mean different (and often confl
On Fri, Dec 11, 2015 at 7:10 AM, Tati Chevron wrote:
> Why would we trust your mirror?
A couple things to keep in mind here:
(1) Security can never be perfect.
(2) Security does not have to be perfect.
(That said... sometimes traditional computer security seems like
people are trying to put ban
On Sat, Dec 12, 2015 at 6:34 AM, Aurélien Vallée
wrote:
> It seems like most other unixes out there do have a way to retrieve the
full
> path of a running program, mainly through /proc (be it /proc/pid/exe on
> Linux, or /proc/pid/path/a.out on Solaris (TBV).
An issue, though, is that this path d
On Mon, Dec 21, 2015 at 11:19 AM, Read, James C wrote:
> I'm not sure what you mean by 'powerful enough'. Somebody who installs OpenBSD
> and cannot access the internet now has a double problem 1) he can't access the
> internet 2) he therefore can't search online for information about how to fix
>
On Wed, Dec 23, 2015 at 5:14 AM, Dragos Ruiu wrote:
> If you aren't paranoid enough to worry about it, then you've already lost.
What did you lose?
--
Raul
On Tue, Dec 22, 2015 at 7:33 PM, Luke Small wrote:
> What point is there to having an automated machine, when you have to do
> everything manually.
You are generalizing improperly.
> I somewhat get why GUIs are maybe insecure, sloppy,
> not as robust and maybe a little tacky.
When you use a GUI
What would a "malicious application of hypervisor" look like?
How would that be different from a "malicious application of hardware"?
Generally speaking, we're talking "grey boxes" here, I imagine. And, I
guess, I'd expect either unwanted internet traffic or unwanted radio
traffic. Detection of e
I do not see keepenv in your doas.conf
--
Raul
On Wed, Jan 13, 2016 at 11:17 AM, Philippe Meunier wrote:
> Hello,
>
> Could someone be kind enough to explain to me the cause of the
> following?
>
> $ cat /home/meunier/bin/foo
> #!/bin/ksh
> echo "it works!"
> $ /usr/bin/which foo
> /home/meuni
https://en.wikipedia.org/wiki/Sturgeon%27s_law might also be relevant.
--
Raul
On Tue, Feb 16, 2016 at 12:29 PM, David Vasek wrote:
> On Tue, 16 Feb 2016, Alexey Suslikov wrote:
>
>> Jorge Luis gmail.com> writes:
>>
>>> Is true that the BSD developers were inspired to make their code free
>>>
Assumption is invalid. Flaws are widely documented (e.g. fixed
supply). Probably wrong list, also.
Thanks,
--
Raul
On Wed, Nov 15, 2017 at 8:46 AM, James wrote:
> While a little off topic it is security related so I hope you don't mind.
>
> This is the misc list, right?
>
> Assumption 1.
> bit
It seems that opengl is ... getting sort of lost.
Once upon a time, we had jzopengl.
I even remember trying to put together a lab covering opengl v2.0+ -
but I got stalled on dealing with version issues. Also, I remember
being urged to *not* cover opengl v1.0 in that effort. I complied, but
this
On Thu, Jan 4, 2018 at 10:49 AM, Daniel Wilkins wrote:
> From what I understand, AMD has come out and explicitly said that their
> architecture isn't and has never been vulnerable, while Intel's said that
> it affects every processor in the last 20+ years and that it's "not a big
> deal for most u
On Thu, Jan 11, 2018 at 12:16 PM, L. V. Lammert wrote:
> On Thu, 11 Jan 2018, STeve Andre' wrote:
>
>> Don't bother. Wiping the disk twice is enough. If you are storing state
>> secrets melt the disk.
>>
> An anvil big hammer also works well and gives some exercise in the
> process.
Might be
On Thu, Jan 18, 2018 at 12:31 AM, Theo de Raadt wrote:
> Sometimes it is almost like there is a stream of people who want us
> to stop trying.
>
> And quit. Some of you can see it, right?
yes. :(
Worse, i am concerned that i might have been contributing to that
effect - not intentionally, but
On Fri, Mar 30, 2018 at 9:58 AM, 3 wrote:
> perhaps my poor english prevented you from understanding the question
perhaps
> my initial approach does work. u are have comments about route-to?
If people do not understand the words you use to represent the ideas
you were thinking, does that matter
On Fri, Mar 30, 2018 at 10:35 AM, 3 wrote:
> i showed my idea on the example of pf's config- this language should
> be familiar to you
...
> no more effective ways. the variant with pfctl is a kolhoz-style(ugly
> and ineffective), it requires a lot of work to convert data into
> netflow format
Yo
On Sun, Feb 21, 2021 at 1:38 PM Stuart Henderson wrote:
> I don't honestly think it's worth going to the trouble of disabling.
> Look at the other software you run which isn't enabled in OpenBSD by
> default - that's where your attack surface is ;)
Also look at your hardware, and look at the docu
OpenBSD is a volunteer organization.
If you want to volunteer to host an ipv6 mirror, I think the licensing
already allows that.
Please correct me if I'm wrong.
Thanks,
--
Raul
On Mon, Oct 23, 2023 at 2:00 AM Armin Jenewein wrote:
>
> No idea what you perceive here as a "rant", my apologies
On Wed, Oct 25, 2023 at 8:16 PM Justin Yates Fletcher
wrote:
> On Wed, 2023-10-25 at 21:12 +0200, Mike Fischer wrote:
> >
> > > Am 25.10.2023 um 17:57 schrieb Theo de Raadt :
> > > Mike Fischer wrote:
> > > > > Am 25.10.2023 um 17:29 schrieb Theo de Raadt
> > > We changed a lot of kernel scheduli
If you want to track which executable was running which pid at a
specific time, you need to put that information in a log, so you can
associate pid and time with the executable path.
--
Raul
On Tue, Mar 5, 2024 at 10:26 AM ofthecentury wrote:
>
> Well, that's not very noice. Where is security?
(1) Wrong mailing lists - these are not linux mailing lists.
(2) ... (I am not going to go over the legal mistakes you've made,
because of (1))...
(3) Anyways, ... people do make mistakes... But, please stop making
these mistakes.
Thanks,
--
Raul
On Mon, Dec 24, 2018 at 10:55 AM wrote:
>
> B
Perhaps worth noting that a lot of this gcc quirkiness (and, via peer
pressure, clang quirkiness) was spawned in response to overly brittle
copyright laws and enforcement. (The expiration times have been
extended excessively to satisfy the likes of Disney, and the
enforcement seems to necessarily b
If someone is using your ssh key and you do not want that to happen,
please replace your keys.
Thanks,
--
Raul
On Wed, Apr 3, 2019 at 2:58 PM Cord wrote:
>
> Hi,
> I have some heavy suspect that my openbsd box was been hacked for the second
> time in few weeks. The first time was been some we
On Wed, May 15, 2019 at 3:05 PM James Huddle wrote:
> What I am trying to do (thank you Troy Martin), is work through
> the standard answers and missteps toward a more secure OS,
> starting with OpenBSD and a flashlight. It is my humble opinion
> that the optimal number of users for (say) a lapto
This looks like violent agreement. (It's perhaps worth noting that if
you change the first word here from "No" to "Yes" that the idea being
expressed does not change.)
Thanks,
--
Raul
On Thu, May 23, 2019 at 1:35 PM Patrick Harper wrote:
>
> No, the installation program should make setup as ea
1 - 100 of 183 matches
Mail list logo
