search for: fortification

...e tests for __USE_FORTIFY_SOURCE (which is what _FORTIFY_SOURCE controls) in the glibc headers are followed by "&& !defined __cplusplus"! It also doesn't activate at all unless you're using GCC >= 4.1 so if your GCC is older, it'll have no effect at all on speed or fortification. The only thing which seems to actually be activated for C++ is some stuff to do with "__builtin_object_size", which seems to allow checking of the size of buffers known at compile time. We don't make much use of static sized buffers, and we use snprintf where available, but it does...

On Tue, Feb 3, 2015 at 11:48 AM, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote: > >> I think the intent is: "Don't use a password likely to be included in >> the list that an attacker would try". Of course if services would >> rate-limit the failures > > Which sysadmins do for ages when they configure their machines. And I > don't think

...people access them are pretty much a commodity now. If you are spending time building something exotic for a common purpose, isn't that a waste? > Just a simple example: I have at least 3 classes of boxes configured > ultimately different and having very different level of > security/fortification. Do you seriously suggest that system vendor will > ship all three level of security configurations? Yes, 3 seems about right. > Do you seriously think > that needing quite high level of security for some box I will not go over > all settings influencing it myself? Will you not? Of c...

...things that should have been done right in the first > place? > Sounds so I almost have to feel shame for securing my boxes no matter what job vendor did ;-) Just a simple example: I have at least 3 classes of boxes configured ultimately different and having very different level of security/fortification. Do you seriously suggest that system vendor will ship all three level of security configurations? Do you seriously think that needing quite high level of security for some box I will not go over all settings influencing it myself? Will you not? We are not Windows admins, we rely on what we configu...

...urpose, isn't that a waste? Do I have to take that people who are not sysadmins themselves just hate an existence of sysadmins? > >> Just a simple example: I have at least 3 classes of boxes configured >> ultimately different and having very different level of >> security/fortification. Do you seriously suggest that system vendor will >> ship all three level of security configurations? > > Yes, 3 seems about right. > >> Do you seriously think >> that needing quite high level of security for some box I will not go >> over >> all settings infl...

...ouble starting NUT (driver victronups) version 2.2.2-67.1 (for > OpenSuSe 11.1) with follow error: > > /usr/lib/ups/driver/victronups -a match500 > Network UPS Tools - GE/IMV/Victron UPS driver 0.1.9 (2.2.2) > the driver is faulty. the difference with the version you compiled is the fortification flag... you'll have to get a debuging sessions (possibly after installing NUT' debug symbols). I'll there give the hand to Opensuse guys... cheers, Arnaud > *** stack smashing detected ***: /usr/lib/ups/driver/victronups terminated > ======= Backtrace: ========= > /lib/libc...

> On Jul 28, 2015, at 11:27, Warren Young <wyml at etr-usa.com> wrote: > > On Jul 25, 2015, at 6:22 PM, Bob Marcan wrote: >> >> 1FuckingPrettyRose >> "Sorry, you must use no fewer than 20 total characters." >> 1FuckingPrettyRoseShovedUpYourAssIfYouDon'tGiveMeAccessRightFuckingNow! >> "Sorry, you cannot use punctuation."

...ever contract the disease because it cannot spread properly through the population. > It?s more like saying the guy who left his front door unlocked all day is a threat to the neighbor?s house. That?s only true in a world where you have armed gangs running through the streets looking for free fortifications from which to attack neighboring houses. That is the analogous situation to the current botnet problem. If that were our physical security situation today, then I would be advocating fortifying our physical dwellings, too. Thankfully, that is not the case where I live. The difference appears t...

...pabilities using public-key-based forced commands. In another use case unprivileged users could write scripts that evaluate "$SSH_ORIGINAL_COMMAND" and then either execute sftp-server in a jail "$SSH_ORIGINAL_COMMAND" after "review" (e.g. matches a certain regexp) and fortification. External users would access the system in a user-defined restricted way to: upload data, trigger processing of data, download processed data. I created a patch against the debian sid distribution of OpenSSH 6.4-p1-1 "sftp-server.c" that introduces a command line option "-j" (...

...t password, what?s the point? Let them lose data, and they?ll learn. >> It?s more like saying the guy who left his front door unlocked all day is a threat to the neighbor?s house. > > That?s only true in a world where you have armed gangs running through the streets looking for free fortifications from which to attack neighboring houses. That is the analogous situation to the current botnet problem. > > If that were our physical security situation today, then I would be advocating fortifying our physical dwellings, too. > > Thankfully, that is not the case where I live. >...

...ing test tests/i915/gem_tiled_wc: skip on platforms without GGTT benchmarks/gem_latency: change gtt to device coherent mapping i915/gem_tiled_.*blits: skip the tests on newer gens i915/gem_set_tiling_vs_pwrite: disable test on gens without fences lib/igt_vec: assertion fortification saigowth (1): tests/i915/gem_exec_fence: Add __for_each_physical_engine to utilize all engines. git tag: igt-gpu-tools-1.25 https://xorg.freedesktop.org/archive/individual/app/igt-gpu-tools-1.25.tar.xz MD5: 4c148d3be97607859168ed70b15e8b2f igt-gpu-tools-1.25.tar.xz SHA1: 525a2f44b4ca2d0e...