search for: netchild

FreeBSD 4.8-STABLE #1: Sun Apr 6 09:38:34 EDT 2003 # $FreeBSD: ports/www/squid/Makefile,v 1.99 2003/03/09 10:59:07 netchild Exp $ ... checking if IP-Filter header files are installed... no WARNING: Cannot find necessary IP-Filter header files Transparent Proxy support WILL NOT be enabled ... I seem to recall that ipf doesn't install its includes per default any longer ? Perhaps that's the problem here...

Hi! I ran into a problem with programs exec:ed by print/acroread8 picking up Linux libraries and thus failed to run. This includes the print program in the print dialogue and the browser configured in edit/preferences/internet. The reason is that the acroread launch script sets LD_LIBRARY_PATH which is propagated to its childs. See this PR:

Hello, I think there was already a thread on this. I just want to raise the question again if anyone has successfully booted an gdbe-encrypted filesystem (everything encrypted except the bootloader). The passphrase is entered at the bootloader prompt or embedded in the bootloader. I appreciate any tips. Thanks, - ronnel

On Nov 4, 2006, at 8:30 AM, Wesley Shields <wxs@atarininja.org> wrote: > > On Fri, Nov 03, 2006 at 07:54:59AM -0800, Ricardo A. Reis wrote: > [...] >> In the II COLARIS - Joanna Rutkowska alert the possible >> new technology of Malware's using hardware virtualization, present >> in AMD and INTEL new processor. >> >> I've two questions ...

...but in my opinion not a goal we need to persuade today since it wouldn't buy us much. But feel free to come up with some good arguments which I haven' thought of. Bye, Alexander. -- http://www.Leidinger.net/ Alexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org/ netchild @ FreeBSD.org : PGP ID = 72077137 Great acts are made up of small deeds. -- Lao Tsu

...mind)? If yes, which ones and how important are they for you? Bye, Alexander. -- Cheit's Lament: If you help a friend in need, he is sure to remember you-- the next time he's in need. http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137

Hi Colin! I would like to know, that these following "vulnerabilities" does affect FreeBSD's reliability? If the answer is "yes", what version of FreeBSD affected, when will be fixed, etc. http://projects.info-pull.com/moab/MOAB-12-01-2007.html http://projects.info-pull.com/moab/MOAB-10-01-2007.html Thank you! -- kobi

In my recent security email, I got the following errors: cantona.dnswatchdog.com login failures: Aug 20 02:37:19 cantona sshd[9444]: fatal: Write failed: Operation not permitted Aug 20 04:30:42 cantona sshd[16142]: fatal: Write failed: Operation not permitted Aug 20 21:21:51 cantona sshd[45716]: fatal: Write failed: Operation not permitted So three questions: What is it? Should I be worried?

Hello, I have written this tiny little patch to the jail rc.d script, which allows user to set jail nice value. It doesn't change any default behaviour. Can that make it to the trees? Patch attached. -- Jan Srzednicki :: http://wrzask.pl/ "Remember, remember, the fifth of November" -- V for Vendetta -------------- next part

Hello, I have written this tiny little patch to the jail rc.d script, which allows user to set jail nice value. It doesn't change any default behaviour. Can that make it to the trees? Patch attached. -- Jan Srzednicki :: http://wrzask.pl/ "Remember, remember, the fifth of November" -- V for Vendetta -------------- next part

> [It's just a panic] > I was so transfixed on Josh stating that the attacker could as well > just mount a filesystem with suid root binaries and how that would be > more useful than a buffer overflow in the filesystem driver. I totally > missed the fact that we were talking about two bugs where the kernel > deliberately called panic() ;). > > So in this case I'd

I have FreeBSD-6.1 and it appears the default installation has a full complement of Kerberos5. But, /usr/src/kerberos5/README states: This subtree is world-exportable, as it does not contain any cryptographic code. At the time of writing, it did not even contain source code, only Makefiles and headers. Please maintain this "exportable" status quo. Thanks!

Hello. Has anyone here ever successfully set up a jail for X apps, connecting to an external X server? I'm trying an experimental sandbox setup here. I have a jail running on an aliased IP on my local machine and X programs connect out of the jail to my local X server via an SSH tunneled TCP connection. All other packets to and from the jail are denied by the packet filter. The trouble I am

Hello, I'm was looking through handbook and wikipedia and it appears FreeBSD doesn't support hardware (nor software) nx bit. There also doesn't seem to be any support for TPM (Trusted Platform Module). I was wondering if it is due to a general lack of interest and/or personal preference (gcc?) or are there other issues. The reason I'm asking is I'm currently doing a MSc degree

Hi security@ list, In my self written, large ipfw rule set, I had something that passed http to allow me to browse most but not all remote sites. For years I assumed the few sites I had difficulty with were cases pppoed MTU != 1500, from not having installed tcpmssd on my 4.*-RELEASE, but then running 6.1-RELEASE I realised that wasn't the problem. http://www.web.de Still failed, &

http://wiki.freebsd.org/JailResourceLimits Is this anthing people are working on? Is it on its way to RELENG_7? Is there a 7-version of the patch or anything? This would be a _VERY_ useful feature. -- Peter Ankerst?l peter@pean.org

550.ipfwlimit check in /etc/periodic/security takes into account only global/default verbosity limit and does not account for a specific logging limit set for a particular rule e.g.: $ ipfw -a l | fgrep log 65000 *521* 41764 deny log logamount *1000* ip from any to any $ sysctl -n net.inet.ip.fw.verbose_limit *100* >From security run output: ipfw log limit reached: 65000 519

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-07:01.jail Security Advisory The FreeBSD Project Topic: Jail rc.d script privilege escalation Category: core Module: etc_rc.d Announced:

or "How do I know my copy of FreeBSD is the same as yours?" I have recently been meditating on the issue of validating X.509 root certificates. An obvious extension to that is validating FreeBSD itself. Under "The Cutting Edge", the handbook lists 3 methods of synchronising your personal copy of FreeBSD with the Project's copy: Anonymous CVS, CTM and CVSup. There are

Hi, I have tried to enable IPSec support for my FreeBSD( 4.11-RELEASE) system. First, I copied the generic kernel configuration file to a file I called MYKERNEL: #cp /usr/src/sys/i386/conf/GENERIC /usr/src/sys/i386/conf/MYKERNEL Then, I added the following three lines to the options section of /usr/src/sys/i386/conf/MYKERNEL: options IPSEC options IPSEC_ESP options