Jason Hellenthal jhellenthal at dataix.net writes:
...
The file should not be executable, according to its purpose.
So the lpr.c should be changed from
if ((fd = open(buf, O_RDWR|O_CREAT, 0661)) 0) {
...
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/165533
...
Above I
On Wed, Feb 29, 2012 at 02:24:58AM -0500, Jason Hellenthal wrote:
On Tue, Feb 28, 2012 at 04:24:47PM +, Anton Shterenlikht wrote:
On Tue, Feb 28, 2012 at 03:07:43PM +, jb wrote:
Anton Shterenlikht mexas at bristol.ac.uk writes:
This was discussed in questions@ with
On Wed, Feb 29, 2012 at 08:54:20AM +, jb wrote:
0641 ? Are you sure ?
Not at all ;)
Checking negative group permissions:
70834 -rw-rx 1 root daemon 4 Feb 21 12:54:02 2012
/var/spool/output/lpd/.seq
--
;s =;
___
Jason Hellenthal jhellenthal at dataix.net writes:
On Wed, Feb 29, 2012 at 08:54:20AM +, jb wrote:
0641 ? Are you sure ?
Not at all ;)
Checking negative group permissions:
70834 -rw-rx 1 root daemon 4 Feb 21 12:54:02 2012
/var/spool/output/lpd/.seq
on 29/02/2012 00:18 Kevin Oberman said the following:
APIC is required for SMP, but works on many older, single CPU systems
and removes the massive sharing of IRQs common on non-APIC systems.
OTOH, some ThinkPads simply won't boot with APIC. My old T43
(Pentium-M) had this issue. I had to
Anton Shterenlikht mexas at bristol.ac.uk writes:
...
To the best of my knowledge the security warning started
to appear recently. For the previous 2 years or so I haven't
seen it. Now, I didn't modify the default security scripts,
nor the lpd system. The file is created with this
As of r232144, SeaMonkey (a web browser) runs rather slowly and is
constantly eating 100% CPU time. Before r232144, SeaMonkey would start
up and run faster, and when it is not in use (is idling), its CPU
usage would slowly converge to 0.
I have a P4 processor [with HT], an r232012 world, and
jb jb.1234abcd at gmail.com writes:
...
I would suggest (if you can) that you change the .seq permissions to 0664 and
watch what happens to it - the purpose is to narrow down who/what changed its
mode.
Some history. logs. and some ad hoc watch script would do it.
Take a look at notify
On Wed, 2012-02-29 at 13:21 +, jb wrote:
jb jb.1234abcd at gmail.com writes:
...
I would suggest (if you can) that you change the .seq permissions to 0664
and
watch what happens to it - the purpose is to narrow down who/what changed
its
mode.
Some history. logs. and some ad
On Tue, Feb 28, 2012 at 10:37 PM, Alexander Leidinger
alexan...@leidinger.net wrote:
Quoting ~Lst slack...@gmail.com (from Tue, 28 Feb 2012 16:38:43 +0700):
2012/2/28 Steve Wills swi...@freebsd.org:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/27/12 10:53, Łukasz Wąsikowski wrote:
2012/2/29 Łukasz Wąsikowski luk...@wasikowski.net:
W dniu 2012-02-28 22:22, Arnaud Lacombe pisze:
FLOWTABLE on 8.x crashed BGP routers (kern/144917).
no crash dump, no backtrace, no follow-up whatsoever after 1 year and
2 years, what's your points ? You could really have chosen a better PR
Ian Lepore freebsd at damnhippie.dyndns.org writes:
...
It's not a
directory or executable file in the first place, so making it executable
for everyone except the owner and group is not some sort of subtle
security trick, it's just meaningless.
...
Is it meaningless ?
Example:
# cat
On Wed, Feb 29, 2012 at 08:57:16AM +, Anton Shterenlikht wrote:
On Wed, Feb 29, 2012 at 02:24:58AM -0500, Jason Hellenthal wrote:
On Tue, Feb 28, 2012 at 04:24:47PM +, Anton Shterenlikht wrote:
On Tue, Feb 28, 2012 at 03:07:43PM +, jb wrote:
Anton Shterenlikht mexas
On Wed, 2012-02-29 at 16:18 +, jb wrote:
Ian Lepore freebsd at damnhippie.dyndns.org writes:
...
It's not a
directory or executable file in the first place, so making it executable
for everyone except the owner and group is not some sort of subtle
security trick, it's just
On Wed, Feb 29, 2012 at 04:18:45PM +, jb wrote:
Ian Lepore freebsd at damnhippie.dyndns.org writes:
...
It's not a
directory or executable file in the first place, so making it executable
for everyone except the owner and group is not some sort of subtle
security trick, it's
On Wed, 2012-02-29 at 11:41 -0500, Jason Hellenthal wrote:
On Wed, Feb 29, 2012 at 04:18:45PM +, jb wrote:
Ian Lepore freebsd at damnhippie.dyndns.org writes:
...
It's not a
directory or executable file in the first place, so making it executable
for everyone except the
Ian Lepore freebsd at damnhippie.dyndns.org writes:
...
Again, the problem here seems to be the use of 0661 in the lpr program,
not the idea of negative permissions, not the new scan for the use of
negative permissions.
This will go away after the fix below is applied.
It's just an old
On Wed, Feb 29, 2012 at 10:18:13AM -0700, Ian Lepore wrote:
On Wed, 2012-02-29 at 11:41 -0500, Jason Hellenthal wrote:
On Wed, Feb 29, 2012 at 04:18:45PM +, jb wrote:
Ian Lepore freebsd at damnhippie.dyndns.org writes:
...
It's not a
directory or executable file in
.
I tried it, on both FreeBSD routers, web systems, and database
servers; all on 8.2+. It still causes massive instability. Disabling
the sysctl, and/or removing it from the kernel solved the problems.
Routing I can believe, but I'm wondering how close attention you paid
to the workload.
On Wed, 2012-02-29 at 13:00 -0500, Jason Hellenthal wrote:
On Wed, Feb 29, 2012 at 10:18:13AM -0700, Ian Lepore wrote:
On Wed, 2012-02-29 at 11:41 -0500, Jason Hellenthal wrote:
On Wed, Feb 29, 2012 at 04:18:45PM +, jb wrote:
Ian Lepore freebsd at damnhippie.dyndns.org writes:
On Tue Feb 28 12, Chuck Burns wrote:
On 2/28/2012 4:55 PM, Ade Lovett wrote:
On 2/28/2012 14:11, Alexander Best wrote:
any chance we can have a CFLAGS.gcc and CFLAGS.clang in the future?
that would
make certain things a lot easier. dealing with gcc specific options,
such as
On Wed, Feb 29, 2012 at 1:49 AM, Andriy Gapon a...@freebsd.org wrote:
on 29/02/2012 00:18 Kevin Oberman said the following:
APIC is required for SMP, but works on many older, single CPU systems
and removes the massive sharing of IRQs common on non-APIC systems.
OTOH, some ThinkPads simply
On Feb 28, 2012, at 5:46 AM, John Baldwin wrote:
On Tuesday, February 28, 2012 1:23:11 am Scott Long wrote:
I still think that it's useful to be able to disable ACPI. Just because
ACPI works well on modern hardware doesn't mean that everything crummy from
2000-2007 suddenly disappeared
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 02/29/12 13:17, K. Macy wrote:
.
I tried it, on both FreeBSD routers, web systems, and database
servers; all on 8.2+. It still causes massive instability.
Disabling the sysctl, and/or removing it from the kernel solved
the problems.
Inviato da iPad
Il giorno 01/mar/2012, alle ore 03:01, Steve Wills swi...@freebsd.org ha
scritto:
The failure I experienced was with web servers running 8.0 behind a F5
load balancer in an HA setup. Whenever the failover happened, the web
servers would continue sending to the wrong MAC
On 24.02.2012 12:37, Alex Keda wrote:
problem, first described:
http://lists.freebsd.org/pipermail/freebsd-current/2011-December/030528.html
on last days 2011 year, all work OK, without some custom kernel
new year - old problems =)
if I rename drm.ko - all OK.
with drm.ko - I have monitor off
On Wed, Feb 29, 2012 at 11:30:04AM -0500, Jason Hellenthal wrote:
On Wed, Feb 29, 2012 at 08:57:16AM +, Anton Shterenlikht wrote:
On Wed, Feb 29, 2012 at 02:24:58AM -0500, Jason Hellenthal wrote:
On Tue, Feb 28, 2012 at 04:24:47PM +, Anton Shterenlikht wrote:
On Tue,
27 matches
Mail list logo