Hopefully everyone will notice who use warwick but I guess their mirror
is not syncing at all anymore as it is STILL missing the meltdown patch.
https://anorien.csc.warwick.ac.uk/pub/OpenBSD/syspatch/6.2/amd64/
On Mon, 19 Mar 2018 18:59:45 +0300
> I have Sendmail + Majordomo setup which works for seven years
> excellent. Now I'm trying to update that setup to OpenSMTP with
> keeping Majordomo functionality for mail list management.
>
> What do "the best" software to work with OpenSMTP? Any suggestions
On Tue, 20 Mar 2018 10:38:43 +
> The OpenSMTPd mailing lists are mlmmj powered.
>
> http://www.OpenSMTPd.Org/list.html
I expect it is a good candidate for pledging too with it's individual
processes. I made a recent mental todo note on doing that, next time I
upgrade.
Figured this may be of interest to some.
https://blogs.technet.microsoft.com/srd/2018/03/23/kva-shadow-mitigating-meltdown-on-windows/
It seems there may be a speed issue of some kind. A past thread
mentions raw devices being fast but doesn't ntfs-3g use raw access.
ntfs-3g is the slowest then msdos gets around 2200 Kilobytes/s.
The same msdos stick gets 12000 Kilobytes/s on Win 10.
FFS is faster. Strange to me that usb hdd hav
>but the flashes run brutally slow using FFS. USB 2 flash run just fine.
hmm. I am seeing slow writing on usb2. Perhaps it is exacerbated on usb3?
On Wed, 28 Mar 2018 11:29:50 +0200
> Everything can be improved, it's a matter of dedication ;) But make
> sure you don't compare oranges to apples.
Thanks for the insight. I shall bear this complexity in mind when
pondering further.
On Tue, 10 Apr 2018 10:50:27 +0200
> There is a similar experience for someone with Virtualbox 5.2.8?
Hasn't Virtualbox always sucked. When I used Linux as one of my
workstation desktops many moons ago. Vmware ran OpenBSD fast, nicely and
easily.
Any of KVM/Xen/Vmware/Hyper-V are more accurate
On Tue, 10 Apr 2018 11:09:33 +0200
> Hi!
>
> I'm using Virtualbox for years with OpenBSD guest without any serious
> issue. But of course maybe it's a Virtualbox bug.
OK, good luck but bear in mind that Virtualbox once thought it was a
good idea to try to patch the running kernel.
https://marc
tmux new-session -d -s cgdb
tmux select-window -t cgdb
tmux select-pane -t cgdb:.0
# -h here seems to do vertical!?
tmux split-window -h -d -t cgdb
The last line of this appears to split vertically, while -v does
horizontal. Does that represent intended behaviour?
On 10/29/20 4:00 PM, Pierre Emeriaud wrote:
>>> Is there a reason why wg needs such a large bind?
>> I don't know why wg does that, because I haven't looked at the code.
>> Your configuration is definately pushing the limits.
> Allright many thanks Theo. Maybe Jason can chime in on this topic.
I b
On 10/29/20 5:20 PM, Kevin Chadwick wrote:
> I believe it actually operates at layer 2/3 below IP and uses the default gw
> IP
> to decide where to operate for a peer to peer link.
I'm not actually sure how that makes any sense as it uses UDP which is layer 4.
But this says l
When I run the following commands, the elansyssftp group isn't populated. Yet
using a differently named group seems to work. I seem to have been able to do
so, on two different systems.
useradd -m -s /sbin/nologin -p `cat /etc/ssh/ssh_host_ed25519_key.pub |
/usr/bin/encrypt -b a` admin
groupadd el
> For example, does 'admin' exist in /etc/passwd? What does "grep elansyssftp
> /etc/group" return?
I had played a little. So it shows /bin/ksh and test user etc.
/etc/passwd
admin:*:1018:1018::/home/admin:/bin/ksh
/etc/group
admin:*:1019:
elansyssftp:*:1018:test
Sorry, I think that I must h
On 1/19/21 10:59 AM, Kevin Chadwick wrote:
> Sorry, I think that I must have ran groupadd first which brought users and
> groups IDs, out of sync.
Ok, after failing to reproduce it this morning;
With admin safely jumping to 1020,
I worked it out.
groupadd elansys
useradd admin
userdel
I can live without exec promises. However I believe I have stumbled across an
issue on 6.8 and current.
When I try to exec /bin/sh where promises is a string of all possible promises
from the man page and the second parameter is exec promises.
unix.Pledge(promises, "")
I get
sh[97964]: pledge "s
On 1/21/21 2:18 PM, Stuart Henderson wrote:
> Run your code under ktrace and see what is actually passed to pledge(),
> that might give some clues.
>
>
840 beep CALL pledge(0xcf4000,0xcae384)
840 beep STRU promise="stdio rpath wpath cpath dpath tmppath inet mcast
fattr c
On 1/21/21 2:54 PM, Theo de Raadt wrote:
>>> Run your code under ktrace and see what is actually passed to pledge(),
>>> that might give some clues.
>>>
>>>
>>840 beep CALL pledge(0xcf4000,0xcae384)
>>840 beep STRU promise="stdio rpath wpath cpath dpath tmppath inet
>> mc
On 1/21/21 2:58 PM, Kevin Chadwick wrote:
>>>840 beep CALL pledge(0xcf4000,0xcae384)
>>>840 beep STRU promise="stdio rpath wpath cpath dpath tmppath inet
>>> mcast fattr chown flock unix d\
>>> ns getpw sendfd recvfd tape
On 1/21/21 3:06 PM, Theo de Raadt wrote:
>> This is just testing with the most permissable settings.
> That statement is wrong. The most permissable setting is to not use
> pledge, and use full POSIX.
>
True, perhaps that explains it. I should have done more testing and not assumed
it might be a
If rather than setuid, a root process calls
setgroups(1000)
setresgid(1000, 1000, 1000)
setresuid(1000, 1000, 1000)
Is there anything to worry about in regard to the caveat in execve(2)?
"If a program is setuid to a non-superuser, but is executed when the real uid is
"root", then the process has
On 2/15/21 2:14 PM, Ed Ahlsen-Girard wrote:
> I am confident that I can speak for for ... a non-zero number of
> people who use sysupgrade the way it says to on the box and would miss
> it if it went away.
+1
Even though it is a little surprising that some people don't realise how easy it
is
>
>
> There is just small ACK packets left. I wonder what is solution for
> small packets in OpenBSD
Checkout set prio in pf.conf...TCP ACKs with no data payload
On 7/6/21 12:27 PM, Valdrin MUJA wrote:
> Hi Folks,
>
> I want to add a small password protection mechanism to
> "boot -s" (single-user mode).
>
> Therefore, I'm working on /sys/stand/boot/boot.c, I've written
> some code in boot.c, and run "make", "make obj", "make install"
> in /sys/. However
On July 20, 2021 10:35:55 AM UTC, Kevin Chadwick wrote:
>On Mon, 19 Jul 2021, 12:47 Christian Weisgerber,
>wrote:
>
>> Look guys, it's simple.
>>
>> If you want IPv6 (SLAAC) autoconfiguration, you set "inet6 autoconf"
>> for that interface.
I'm not sure if this is a pipe dream but atleast I imagine the filesystem API
and /proc avoidance is likely possible.
"https://github.com/AppImage/AppImageKit/issues/98";
While searching for 'OpenBSD "bad package" CONTENTS' I somehow came
across this and got sucked in when I shouldn't have.
OpenBSD: Not Free Not Fuctional and Definetly Not Secure | BSD, the
truth
http://aboutthebsds{dot}wordpress{dot}com
Well I had a go at educating the author of this thread but
On Sat, 10 Aug 2013 17:51:43 +0100
Kaya Saman wrote:
> I
> think it's much harder to learn since the documentation is more 'sparse'
> and also much more limited in certain areas kernel PPP daemon for
> example :-) - it took me a while to figure out how to get PPPoE working.
Well I agree
> In my experience, now that video is out of the way, the thing to look
> out most for is getting a well supported built-in wireless card.
> That's starting to become difficult when buying new laptops because
> most drivers are lacking support for newer hardware variants.
Perhaps someone knows of
> When I want to shut down, I use on/off switch. No permissions needed.
I am evaluating parts for improving my OpenBSD desktops but
xfce4-session is not part of it so I haven't chimed in yet as I thought
others may do a better job.
However on Linux such as my TV's I always have a console user aut
> Personally, I'm an long time fvwm user. My partner wouldn't know where to
> start nor care to learn how to use that. Which is why I need to install a DE.
> Years ago I did use KDE3 and liked it but changed because I did not like KDE4.
Don't forget especially with xfce you can take just parts o
> Under X, KMS performance should be faster on a lot of
> hardware. The whole point of KMS is to bring modern, better
> supported drivers to OpenBSD (and get rid of the crappy X
> security model).
I hope that's true but I think the most important point is that it is
slower because it is so much s
> Hi Otto,
>
> yeah thats planned with new hardware but this is a kinda urgent
> situation so if its possible I need to do the upgrade on this OpenBSd
> version
Personally I'd still advocate getting a disk ready on 5.4/3 testing and
swapping the disk as it is not much different and will be quic
> > Oke,
> > What is then the best way to proceed ?
>
> Buy an ATI or Intel gfx card.
I assume you meant a system with an intel gfx chip and most use laptops
these days but this raised a thought with me.
What would be a cheap but decent enough, KMS supported VGA and or PCIEX
card model?
--
> Why? With a group of others, I started setting up an Internet
> Exchange in Calgary, and this has taken much time because it is highly
> politicized and has encountered some resistance.
So has your internet access (ISP) improved too since a while back or
just locally and what resistance did you
> Food for thought for everyone, but like I said, he doesn't care and
> won't think about it.
As I say I am far more concerned about 'modern' incompetent ISP's.
Uncaring ISPs or ISP's that can only care about profit (and so
advertising) or they are out of business and tasking them (perhaps to
the
previously on this list Stefan Sperling contributed:
>
> 5.4 will be out on Friday and I don't see why you shouldn't at least
> give it a try.
As already mentioned you can use mtier with 5.4 Release but if a
package you require isn't on mtier and needs updating then you can
either build the pack
previously on this list Stuart Henderson contributed:
> > its a joke
> >
> > "Strangest of all was the ability of infected machines to transmit small
> > amounts of network data with other infected machines even when their power
> > cords and Ethernet cables were unplugged and their Wi-Fi and
On 1/7/19 9:47 AM, Mihai Popescu wrote:
> Hello,
>
> Each first time i start chromium after reboot, i get this error:
> libGL error: failed to open drm device: No such file or directory
> libGL error: failed to load driver: r600
>
Your user(s) needs access to atleast /dev/drm0, if you want bette
On 4/4/19 10:57 AM, Cord wrote:
> Hi, my english seems very bad because my problem is not to make secure the
> ssh key. My problem is how do not be hacked.
> I have talked about the ssh key stealing to show signs that my pc was been
> compromised.
> I can for sure make secure my ssh key but how t
On 4/27/19 8:23 AM, Otto Moerbeek wrote:
> Additionally, in many cases using a symlink has unclear effects, since
> it is hard to determine if the first malloc call (malloc inits itself
> on first use) happens before of after the chroot call. I would argue
> that in many cases people were thinking
On 4/25/19 9:27 PM, Christian Weisgerber wrote:
> ... and this has now been supplanted by /usr/sbin/sysupgrade.
How difficult would it be to have a sysupgrade flag to make the upgrade newfs
/usr, to save having to rm the files shown in upgrade.html. (I guess it should
work for all users with sane
On 5/24/19 8:30 PM, Jean-Francois Simon wrote:
> Hi,
>
> Out of interest, I'd like to let you know a specific use of OpenBSD with PF,
> in
> virtualbox, 2 virtual network card Bridged to physical NIC, and building up a
> subnet with NAT and hence running Packet Filter as the machine's firewall.
>
It seems delve which is suggested by golang.org due to optimised binary support
expects a Linux /proc and Linux threads (FreeBSD delve github issue tracker). So
I guess without delve then building unoptimised binaries would be required which
is possibly to be expected when debugging. I'm not sure t
On 5/31/19 5:28 PM, Ted Unangst wrote:
> Kevin Chadwick wrote:
>> Does anyone debug golang on OpenBSD and can advise on llvm/gcc or provide any
>> other insight?
>
> I just use log.
>
Yep, not missing a trick then and apparently the old recommendation, Thanks all.
>FFS isn't a journaling filesystem so any 'wear', even on primitive
>flash storage, won't be enough to worry about.
I disagree, depending on a few variables. If you can't get a better device then
be prepared to replace the storage or count writes and create new files,
keeping the old. KARL and
Whilst getting current packages from the leaseweb mirror. I kept getting a stall
followed by poll:hangup with 6.5 openrsync -v -a --delete
Eventually all the packages download as it gets further each time.
I tried building the latest openrsync from the current src tree still on 6.5 but
I get the
> Even after many tries, I have not yet been able to corrupt the
> filesystem so fsck cannot repair it without manual intervention.
Another less severe corner fail case I have found is that on a couple of buggy
386 laptops (that will be replaced soon anyway) with temperamental over temp
shutdown
>Agree this is likely the problem, unfortunately in PHP-land sometimes
>you can't avoid it. For platforms such as Drupal (just to pick an
>example I am familiar with) some of the modules will run shell commands
>to do things such as send email.
>
>Allan
The php mail() function runs /bin/sh sendm
You can also use the femail-chroot package and build ksh with env CC="cc
-static" to get a sh binary that can go in /var/www/bin and even add a more
restrictive pledge to ksh if you like.
>> In the near future, webbrowsers will start to mark the non-https pages
"red".
I don't agree that https everywhere is a good thing for technical and
social reasons (making insecure sites look secure and pandering to
them/avoiding their discovery). I sense I may get even more irritated with
the b
In case it is of any help to anyone. I tried 11n on a ar9271 a few weeks
ago and also an ar2133. Both would give athn0: device timeouts but the usb
ar9271 needed a ifconfig down up to recover whereas the card recovered by
itself. Using 11g made them far less likely and whilst I have hardly used
the
On 23 Mar 2017 12:30 am, "Stefan Sperling" wrote:
On Wed, Mar 22, 2017 at 02:42:19PM +0000, Kevin Chadwick wrote:
> In case it is of any help to anyone. I tried 11n on a ar9271 a few weeks
> ago and also an ar2133. Both would give athn0: device timeouts but the usb
> ar927
On 8 Apr 2017 6:56 pm, "Kevin Chadwick" wrote:
On 8 Apr 2017 3:44 pm, "Jordon" wrote:
> On Apr 8, 2017, at 3:38 AM, Stefan Sperling wrote:
>
> On Fri, Apr 07, 2017 at 05:06:22PM -0500, Jordon wrote:
>> My new wifi adapter finally arrived today (AR9271) so
On Fri, 21 Apr 2017 22:39:39 +1000
wrote:
> Thanks for the start points, Christian and Philip.
> I would have never thought about those use cases.
> I'll definitely look into this further.
I rewrote some code for key generation for particular memory
handling/protection reasons and it certainly p
On Fri, 21 Apr 2017 16:02:20 + (UTC)
Stuart Henderson wrote:
> >
> > Email is not instant messaging.
> >
> > Customers need educated to that fact.
>
> How do you educate them to that when they send to their gmail account
> and it shows up on their phone within seconds?
>
> Sometimes there
On Fri, 21 Apr 2017 09:21:48 -0700
Kurt H Maier wrote:
> Greylisting is a hack, an abuse of a side-effect. Most such
> approaches have deleterious side effects. This particular side
> effect is why I don't like greylisting in general, even though it's
> fairly effective.
Do you answer your pho
On Fri, 21 Apr 2017 13:51:36 -0700
Kurt H Maier wrote:
> What I don't do it set an outgoing voicemail greeting informing
> correspondents that my time is more valuable than theirs, and if they
> want to contact me I have a list of hoops through which they must
> jump.
>
> That would make me an a
On Sun, 16 Nov 2014 11:45:46 -0500
trondd wrote:
> I installed xombrero, but my snapshot is old and I need to update. No
> issues so far. Maybe it's specific sites?
There are definately bugs beyond memory leaks in webkit and libs and a
simple hunch tells me the webkit devs are more interested i
On Thu, 04 Dec 2014 08:35:11 +1300
worik wrote:
> > For ones that lack MMU or floating-point, Linux is it.
> >
> > Other ones that have MMU and FP can run OpenBSD, although significant
> > porting effort is required. And they have 8MB to 16MB flash, which means
> > you are running a ramdisk kerne
On Wed, 03 Dec 2014 22:53:22 +0100
Alexander Hall wrote:
> >> If you want strong, short passwords that look ridiculous:
> >>
> >> dd if=/dev/random bs=1 count=9 | b64encode password
> >>
> >
> >And then try to remember that mess, or type it, especially into
> >a smartphone. Gaak! 8-O
>
> base
Just a heads up really. I had companieshouse.gov.uk tell us that
xombrero was vulnerable to poodle and not allow us to continue our
submission, though they let us fill half of it out. The poodle checking
websites also say it is vulnerable but I believe if I remember rightly
from the webkit list tha
On Sat, 21 Feb 2015 12:22:34 + (UTC)
Stuart Henderson wrote:
> (exception being if I want to save packages that match a snapshot I've
> installed on a number of systems).
I do that for offline systems. For online systems where I know which
packages I want then I use PKG_CACHE and check all pa
On Sun, 1 Mar 2015 13:52:37 -0500
Jonathan Thornburg wrote:
> > That deprecation is not going to happen. Keep using what you are
> > using now.
>
> I grok that (the current implementation of) vnd crypto is weak. What's
> the current migration/fixing/transition plan for this? (I can't find an
> > And, just for the records, I bet that 99% of use of lynx is just sysadmin
> > stuff on CLI systems
The reason I install lynx from ports is simpy because it opens the
packages directory in seconds rather than 10s of seconds compared to
even xombrero which is quicker that firefox or chrome.
H
On Fri, 6 Mar 2015 19:13:13 +
Peter Fraser wrote:
> At the moment I intend to use nginx, because of the SSI problem.
You can use pound for ssi ssl and httpd behind it if you want to?
On Sat, 14 Mar 2015 19:39:01 -0300
Hugo Osvaldo Barrera wrote:
> Oh, I hadn't checked that for SNI. I'll have to wait then; multiple IPv4
> addresses are expensive, and CAs will charge for wildcard certs. :(
>
> Is SNI on the roadmap already?
pound proxy does SNI and works well on port 443 in fr
On Sat, 7 Mar 2015 14:33:20 + (UTC)
Stuart Henderson wrote:
> I just tried a handful of online banking sites in the qualys checker.
> Only *one* of the ones I tried (nice job triodos) supports PFS at all.
Cool, we opened an account with triodos last week too.
I always knew SSL allows DOS amp
On Sat, 21 Mar 2015 14:14:22 -0700
luke...@onemodel.org wrote:
> Thanks to all who've commented: this has been educational & useful.
Systrace is also an option but the policy writing could be a little
work, the regex support is certainly helpful there.
systrace -A is very helpful
then edit files
So I could renice the processes cron runs but decided to renice the
whole of cron instead/as well.
I therefore added a renice line to rc.local but rc.local runs before
cron. What is the best way to do this... add a line to edit the daemon
line in /etc/rc.d/cron as needed on startup?
Or did I see
On Sun, 22 Mar 2015 14:18:41 -0400
Ted Unangst wrote:
> Kevin Chadwick wrote:
> > So I could renice the processes cron runs but decided to renice the
> > whole of cron instead/as well.
> >
> > I therefore added a renice line to rc.local but rc.local runs before
> &
On Wed, 25 Mar 2015 12:40:11 -0500
Theodore Wynnychenko wrote:
> I took the server.key and server.crt files to an older machine (actually, the
> one I am trying to replace) that is running 4.9 (I
> think) and apache.
Why not see if you can get it working with pound from packages/ports
(very quic
On Wed, 25 Mar 2015 18:02:30 +0100
Alex Naumov wrote:
> I just want to ask about snmpd(8). As I can see, snmpd don't create
> pid file in /var/run directory.
> Is it correct?
> How to reboot this daemon? There is just sock-file.
It is more reliable to look up the PID from the list of processes
wh
On Thu, 26 Mar 2015 08:30:23 +0100
mxb wrote:
> >
> > Thank you for the suggestion. I was not aware of "pound."
>
> I’d rather go for relayd. Which is out of the box. No need to install “yet
> another port and make sure it is up2date”.
httpd is based on relayd code which would reduce the scop
On Fri, 27 Mar 2015 00:56:31 -0500
Theodore Wynnychenko wrote:
> If there is anything else to try, please let me know.
>> Running current:
>> OpenBSD 5.7-current (RAMDISK_CD) #818: Wed Mar 18 18:59:52 MDT 2015
>>dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
A snapshot
> > > Don't do it! Seriously, the upgrade process is easy, and is worth
> > > becoming familiar with. At least give it a shot since you're
> > > planning on reinstalling anyway. I think you'll be pleasantly
> > > surprised!
> >
> > Just out of curiosity, do you think the easiest method is to use
> For instance on one mailserver I took over, I noticed that after adding
> a Spamhaus sbl-xbl check, required rDNS, and other basic stuff like
> requiring a legitimate HELO/EHLO, spam attempts dropped by perhaps a
> factor of 100. It was shocking.
>
When you required rDNS I bet false positives
> For instance on one mailserver I took over, I noticed that after adding
> a Spamhaus sbl-xbl check, required rDNS, and other basic stuff like
> requiring a legitimate HELO/EHLO, spam attempts dropped by perhaps a
> factor of 100. It was shocking.
>
Required rDNS, so false positives went up by
On Tue, 06 Nov 2012 08:18:29 +
Peter Kay wrote:
> I'm pretty certain my USB hub doesn't need to be uplinked to charge
> devices (the computer definitely does not need to be on)
It depends on your motherboard whether usb are powered when off. It
will need to be on on many computers especially
On Thu, 15 Nov 2012 07:45:40 -0300
Marcos Ariel Laufer wrote:
> I've been using OpenBSD since 2.6, this never happened to me with any
> other USB hard disks. This one in particular i bought it a couple of
> days ago.
I wonder if it freezes other OS or causes problems before even the bios
boot
> >Because they can just hack it on top of their crusty old ftp server
> >software, whereas using sftp would need much bigger changes?
>
> SSL/TLS makes everything more secure
Never more so than when HSTS is enabled and you can't access paypal
because your clock is wrong due to a dead bios
> I don't know anything about
> spectrwm (or KDE or X for that matter :)
You can have two displays in xorg.conf or one split in two on two
screens as well as some other modes. There are various benefits to each
depending on the need for dragging and fullscreen etc.. So an app can
remember the ge
> 1: I'm not sure there are no developers that would like to see this in
>base, but they could have other priorities; wanting something not
>necessarily means having (time) to do the work. The important
>difference is that you don't hear them.
I find gpg useful.
I think the main barr
> I finally got to deploying greyscanner on my mailservers,
> and did something similar: trap every recipient address
> with two or more digits in the user part (one digit could
> be a typo, say a '2' before the '@'). This catches most of it.
I forget, did you previously say whitelisting with grey
On Thu, 27 Dec 2012 18:43:44 +0100
pe...@bsdly.net (Peter N. M. Hansteen) wrote:
> As default i wanna log which packet my firewall blocked.
> >
> > So how can i
> > log all blocked packets and my firewall can be still up and
> > running?
Hopefully I will never need them but I have various pf co
On Sun, 30 Dec 2012 15:36:39 +0100
Jan Stary wrote:
> > This should not be an issue (this is also my response to Rogier).
> > Ext3 is nothing more than ext2 with extra journaling features
> > enabled,
>
> So in particular, the ext3 inode structure
> is precisely the ext2 inode structure?
I kn
> Hi,
>
> I installed Virtualbox 2.2.4 and everything is 100%.
>
You hope so but make it clear if you ever hit problems that you are not
on bare metal as bug reports have been looked at and been found to be
the fault of Virtualbox in the past with Theo commenting on their forum
that he couldn't
> Buy a refurbished ThinkPad, still better older ThinkPad
Anyone know of a good place to look for and what model the latest
thinkpad with fullscreen/without widescreen would be.
I'm guessing fullscreen and usb3 and pci express is an impossible mix
never minding throwing in running superbly on Op
> > Did you actually test that ? vi wants /var/tmp rw as well...
> >
>
> Nah, just going from memory. It's been a while. However, the same
> logic applies: Look at what partition /var is on and mount it too.
It will work just fine without /var. I believe it just puts a temporary
recovery fi
> I had to disable it as soon as I found out so the relevant logs are
> probably too far up the buffer, but I'll set up a test server ASAP and
> study the tcpdump in detail.
I forget if mobiles do more prefetching on dns and/or tcp on mobiles but
perhaps that's worth considering as a culprit.
Doe
> I am really starting to like it!
I love it too but maybe one day long after we have KMS we may get to
install it on anyones laptop and know that it is highly likely to keep
itself upto date with current packages as a desktop all by itself. Of
course you can't always do that even with debian due
> > Every firewall/router product that I have purchased has been
> > compromised so far.
>
> I don't believe this at all. Not one bit.
I could believe it but that doesn't mean that I do. 90% of the routers
on my street will be insecure and even using old sps, upnp or wep. SKY
is the worst, the
> > If I buy a car, and don't know how to operate it, and cause harm, nobody
> > would blame the manufacturer.
Never heard of a Toyota recall such as the accelerator pedal sending
cars into walls all by themselves. If cars were as bad as routers we
wouldn't need to worry about traffic atleast
I have easy to use setups of fvwm and xfce.
I recently started building xfce and I notice it pulled in polkit which
I am not a fan of for multiple reasons mainly because sudo is simply
better in every way except shipping permissions by default. Which IMO
is a plus though it could ship commented en
I was about to buy two thinkpads which are often suggested when the
OpenBSD laptop question is raised but the 93 in stock have disappeared
since saturday, aaargh.
There are still core2duos and lesser spec'd systems available which
has prompted me to ask the question I had pondered on.
Does anyone
On Wed, 6 Mar 2013 07:36:58 +0100
Matthieu Herrb wrote:
> Stay away from nVidia
> mobile chipsets and from recent AMD integated graphics.
>
> Since AMD's commercial names vs chipset names correspondance is a
> not clear to me, I don't know exactly how to check if a given AMD
> chipset is supporte
> > Log message:
> > Significantly increase the wordlist for ddb hangman,
> > and update our device independent DRM code and the Intel DRM code
> > to be mostly in sync with Linux 3.8.3. Among other things this
> > brings support for kernel modesetting and enables use of
> > the rings on gen6+ Int
> The only
> halfway sane reason I can think of not to use packages but ports
Hoping not to open commentry on the matter but so people are aware and
perhaps to avoid the next question, there are some security pluses of
using ports (checksums via ssh, landry's testing/beta firefoxes a little
earlie
On Thu, 28 Mar 2013 21:16:38 -0600
Steve Williams wrote:
> It's designed to work with sites that use "spf" records, and it
> doesn't know about ip6, not an issue in my case
>
> If you are interested in my script, feel free to contact me off list
SPF for spamd. I'd be interested if you don't min
> ports makefile are verifying downloaded (sources) file with checksum.
And you can download the ports makefiles via ssh cvs if you want
protection going forward.
--
___
'Write programs that do one thing and do it well. Write p
201 - 300 of 891 matches
Mail list logo