Ïðèâåò, Ëàðèñèê!!!
Ïèøåò òåáå Âèêà!
Òû ïðåäñòàâëÿåøü, òâîåãî àäðåñà íåò â ñïèñêå àæ çà ìåñÿö!
ïðèøëîñü èç àäðåñíîé êíèãè âçÿòü, íî è îíà êàêàÿ-òî êîñÿ÷íàÿ ó ìåíÿ
ïîñëåäíåå âðåìÿ!
Ò.å. ìû ñ òîáîé öåëûé ìåñÿö íå ïåðåïèñûâàëèñü!
ß òóò íàøëà îäèí ñàéò, ïîñâÿù¸ííûé îïåðå è áàëåòó,
íî òàì åñòü òàêîî
* Bill Moran <[EMAIL PROTECTED]> [010331 09:28] wrote:
> Rick Bradley wrote:
> >
> > * Bill Moran ([EMAIL PROTECTED]) [010331 10:48]:
> > [...]
> > > Does anyone have a pointer to more detailed information on the potential
> > > security hole in access()? I've got a bit more research to do on thi
Bill Moran wrote:
| Mike Smith wrote:
| > This is actually an interesting case.
|
| I have some interesting clients. The reality of the matter is that their
| filesystem organization on the server is terrible. This could all be
| solved with a properly reorganized directory hierarchy - and that
Robert Watson wrote:
| On Sun, 1 Apr 2001, Greg Black wrote:
|
| > There is only one reason to use access() and that's to discover if a
| > file is accessible. Because of the race condition and the fact that
| > access() tells lies to setuid and setgid programs, it is both dangerous
| > and use
On Saturday, 31 March 2001 at 11:15:37 -0800, Jeremiah Gowdy wrote:
> Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]
There's no need to copy the spammer. Did the message bounce, BTW?
> Received: from localhost (localhost [127.0.0.1])
> by hub.freebsd.org (Postfix) with SMTP
> id 8EA6A2E8167; Sat, 3
In local.freebsd.hackers you write:
>:02pm ghast /home/jamie %netscape
>ld.so failed: Can't find shared library "libXt.so.6.0"
>4:02pm ghast /home/jamie %runas ldconfig -r | grep libXt.so
>77:-lXt.6 => /usr/X11R6/lib/libXt.so.6
>I'm curious, is there something special about netsape th
On Sun, 1 Apr 2001, Greg Black wrote:
> There is only one reason to use access() and that's to discover if a
> file is accessible. Because of the race condition and the fact that
> access() tells lies to setuid and setgid programs, it is both dangerous
> and useless unless used with such care t
Mike Smith wrote:
> This is actually an interesting case.
I have some interesting clients. The reality of the matter is that their
filesystem organization on the server is terrible. This could all be
solved with a properly reorganized directory hierarchy - and that was my
first suggestion when th
> so in your oppinion it would be more preferable to either
> a) attempt the dlopen(3) on each entry in the path, and give the value of dlerror(3)
>to stderr for each one
> or
> b) attempt the dlopen(3) on each entry in the path and not give any error
>information because most items would
> Sorry ... didn't think anyone was interested, and it's off topic, but
> here it is in a nutshell:
>
> The client I'm working with is moving from a Novell server to a FreeBSD
> server using Samba. They're very unhappy with Samba's behaviour in only
> 1 respect: on the Novell server, files/direct
On Sat, Mar 31, 2001 at 01:44:25PM -0800, Mike Smith wrote:
> > in a project I'm currently working on I use the access(2) call when
> > going through a path for plugins to load. For each : delim on the path
> > it does an access(2) to see if there is a file there, and then it
> > uses dlopen(3) t
Greg Black wrote:
>
> Bill Moran wrote:
>
> | Thanks for the additional explanation. It has done a number of things
> | for me, one of which is convince me that (for my application) the use of
> | access() is not a security problem.
>
> You're almost certainly wrong in that conclusion; and even
> in a project I'm currently working on I use the access(2) call when
> going through a path for plugins to load. For each : delim on the path
> it does an access(2) to see if there is a file there, and then it
> uses dlopen(3) to open the file as a share object, and responds
> appropriatly to an
in a project I'm currently working on I use the access(2) call when
going through a path for plugins to load. For each : delim on the path
it does an access(2) to see if there is a file there, and then it
uses dlopen(3) to open the file as a share object, and responds
appropriatly to any errors i
Amen!
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
wrt- Dennis <[EMAIL PROTECTED]>- he doesn't think much of people here, and is
abusive. Let's just move on and let him go find other folks to pick fights
with.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
Bill Moran wrote:
| Thanks for the additional explanation. It has done a number of things
| for me, one of which is convince me that (for my application) the use of
| access() is not a security problem.
You're almost certainly wrong in that conclusion; and even if
you're not wrong now there'll c
:02pm ghast /home/jamie %netscape
ld.so failed: Can't find shared library "libXt.so.6.0"
4:02pm ghast /home/jamie %runas ldconfig -r | grep libXt.so
77:-lXt.6 => /usr/X11R6/lib/libXt.so.6
I'm curious, is there something special about netsape that I should know?
This is FreeBSD 4.2-R an
Hi,
the packet scheduler is invoked by dummynet at every packet arrival
and then at multiple of 1/HZ intervals. If you use the default
kernel setting, HZ=100 so you have most times rounded to multiples
of 10ms. I have been running my kernels with HZ=1000 for the past
4-5 years so the resolution is
[trying to move this off -hackers]
If memory serves me right, Dennis wrote:
> At 02:18 PM 03/31/2001, David O'Brien wrote:
> >On Fri, Mar 30, 2001 at 08:49:55PM +0100, Koster, K.J. wrote:
> > > Its not a "proprietary tree". I dont have time to clean it up
> > > and submit patches.
> >
> >But you
At 02:18 PM 03/31/2001, David O'Brien wrote:
>On Fri, Mar 30, 2001 at 08:49:55PM +0100, Koster, K.J. wrote:
> > Its not a "proprietary tree". I dont have time to clean it up
> > and submit patches.
>
>But you do seem to have time to keep arguing with people???
>I'm sure you'll have time to bitch a
Thanks for the additional explanation. It has done a number of things
for me, one of which is convince me that (for my application) the use of
access() is not a security problem.
I'm going to put together a suggestion for the doc team on this. I think
it can probably be explained a little better i
Hackers,
Here's my question. I have the following FW rules:
ipfw add 5 divert natd tcp from any to any via ep1
ipfw add 6 divert 4422 tcp from any to any 3322 in
ipfw add 65000 allow ip from any to any
The first rule is for natd which performs the standard sort of network
addres
On Fri, Mar 30, 2001 at 08:49:55PM +0100, Koster, K.J. wrote:
> Its not a "proprietary tree". I dont have time to clean it up
> and submit patches.
But you do seem to have time to keep arguing with people???
I'm sure you'll have time to bitch again if 4.4 doesn't meet your needs
because you didn
Received: from localhost (localhost [127.0.0.1])
by hub.freebsd.org (Postfix) with SMTP
id 8EA6A2E8167; Sat, 31 Mar 2001 11:06:12 -0800 (PST)
(envelope-from owner-freebsd-hackers)
Weird.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the mess
- Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, March 31, 2001 11:06 AM
Subject: A message to [EMAIL PROTECTED]
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
>Are you bored and want some excitement?
>Las Vegas Has Just Sh
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Are you bored and want some excitement?
Las Vegas Has Just Showed Up In Your Neigbourhood!
In fact, you wont even have to leave your computer!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Queensclub Online Casino
At 06:38 PM 03/30/2001, [EMAIL PROTECTED] wrote:
>Dennis writes:
>.
> > My competitors probably sell twice as many boards as I do and I'll bet
> that
> > I make more profit than they do. Selling more is not necessarily good.
> > Selling more can be very bad. WHO you sell to and HOW MUCH they
In message <[EMAIL PROTECTED]> David Malone writes:
: Don't you need fstat to do this? (In which case you may as well just
: open the file and fstat it anyway).
There are times when you are traversing the tree that you need to stat
before and after you open.
Warner
To Unsubscribe: send mail to
At 06:38 PM 03/30/2001, [EMAIL PROTECTED] wrote:
>Dennis writes:
>.
> > My competitors probably sell twice as many boards as I do and I'll bet
> that
> > I make more profit than they do. Selling more is not necessarily good.
> > Selling more can be very bad. WHO you sell to and HOW MUCH they
On Sat, Mar 31, 2001 at 11:18:09AM -0700, Warner Losh wrote:
> In message <[EMAIL PROTECTED]> Paul
>Herman writes:
> : Shouldn't the stat(2) manpage then also carry the same warning that
> : access(2) has (apparently dating back to 4.4BSD-Lite)? ...or maybe
> : even a suggestion to use fstat(2)
In message <[EMAIL PROTECTED]> Paul
Herman writes:
: Shouldn't the stat(2) manpage then also carry the same warning that
: access(2) has (apparently dating back to 4.4BSD-Lite)? ...or maybe
: even a suggestion to use fstat(2) instead...
No. stat can be used safely. In fact, it can even be use
On Sat, 31 Mar 2001, Paul Herman wrote:
> On Sat, 31 Mar 2001, Warner Losh wrote:
>
> > In message <[EMAIL PROTECTED]> Bill Moran writes:
> > : I'm a little confused here, if access() is such a serious security
> > : problem that it should _never_ be used, do we now have a major problem
> > : wi
I need some help. when i download midi music from the internet i can t play
it on my yamaha keyboard what do i need to convert it to the right format. bob
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
On Sat, 31 Mar 2001, Warner Losh wrote:
> In message <[EMAIL PROTECTED]> Bill Moran writes:
> : I'm a little confused here, if access() is such a serious security
> : problem that it should _never_ be used, do we now have a major problem
> : with a large amount of software in the base system?
>
>
In message <[EMAIL PROTECTED]> Rick Bradley writes:
: If the program is running with more privileges than the user this
: is a truck-sized hole (or at least SUV-sized).
Wouldn't that be SUSV2-sized hole?
Warner
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in
Rick Bradley wrote:
>
> * Bill Moran ([EMAIL PROTECTED]) [010331 10:48]:
> [...]
> > Does anyone have a pointer to more detailed information on the potential
> > security hole in access()? I've got a bit more research to do on this,
> > but I'd appreciate any pointers to speed me along.
>
> I'd
In message <[EMAIL PROTECTED]> Bill Moran writes:
: I'm a little confused here, if access() is such a serious security
: problem that it should _never_ be used, do we now have a major problem
: with a large amount of software in the base system?
Access(2) can be raced. If you say access("fred")
* Bill Moran ([EMAIL PROTECTED]) [010331 10:48]:
[...]
> Does anyone have a pointer to more detailed information on the potential
> security hole in access()? I've got a bit more research to do on this,
> but I'd appreciate any pointers to speed me along.
I'd say they docs are referring to the po
I'm working on a quick little programming project for a client and ran
across this in the man page for access(2)
"Access() is a potential security hole and should never be used."
Obviously, I could use stat() instead, but use of access() will make
this project so simple it's not even funny.
Since
* Chris Ptacek <[EMAIL PROTECTED]> [010330 14:24] wrote:
> Thanks, I figured this problem out this afternoon (now on to the others :)
> Turns out that the "library" code I was using was using user level memcpy.
>
>- Chris
>
> BTW: I am currently having a problem that if I load, unload, and t
Hello,
I did some measurements using Dummynet. It was just to see how
it works. Tests are made with 0,7MBit stream (each 429Bytes Packets),
5,10,15,25,50 and 75 MBit.
I tried a delay of 10ms for the testing connection.
The tests were done with a Smartbits6000 with the capability to
record the d
42 matches
Mail list logo