Displaying 7 results from an estimated 7 matches for "sysctl_int".
2003 May 24
1
ipfirewall(4)) cannot be changed
root@vigilante /root cuaa1# man init |tail -n 130 |head -n 5
3 Network secure mode - same as highly secure mode, plus IP packet
filter rules (see ipfw(8) and ipfirewall(4)) cannot be changed and
dummynet(4) configuration cannot be adjusted.
root@vigilante /root cuaa1# sysctl -a |grep secure
kern.securelevel: 3
root@vigilante /root cuaa1# ipfw show
00100 0 0 allow
2003 Apr 11
14
PATCH: Forcible delaying of UFS (soft)updates
...p->b_dev->si_drv1;
int s;
+ stratcalls++;
if (adp->device->flags & ATA_D_DETACHING) {
bp->b_error = ENXIO;
bp->b_flags |= B_ERROR;
--- /usr/src/sys.org/kern/vfs_subr.c Sun Oct 13 18:19:12 2002
+++ kern/vfs_subr.c Sat Apr 12 01:56:16 2003
@@ -116,6 +116,10 @@ SYSCTL_INT(_vfs, OID_AUTO, reassignbufme
static int nameileafonly = 0;
SYSCTL_INT(_vfs, OID_AUTO, nameileafonly, CTLFLAG_RW, &nameileafonly, 0, "");
+int stratcalls = 0;
+int sync_extdelay = 0;
+SYSCTL_INT(_vfs, OID_AUTO, sync_extdelay, CTLFLAG_RW, &sync_extdelay, 0, "");
+
#i...
2004 Nov 21
1
mac_portacl and automatic port allocation
Hello,
I really like the idea behind mac_portacl but I find it difficult to use
it because of one issue. When an unprivileged program binds to high
automatic port with a call to bind(2) and port number set to 0 the
system chooses the port to bind to itself. This mechanismus is used by
number of programs, most commonly by ftp clients in active mode.
Unfortunately this 0 is checked by the
2004 Apr 20
1
[patch] Raw sockets in jails
...SNIP SNIP ------------------------
--- sys/kern/kern_jail.c.bak Mon Apr 19 16:55:40 2004
+++ sys/kern/kern_jail.c Mon Apr 19 17:56:03 2004
@@ -53,6 +53,11 @@
&jail_sysvipc_allowed, 0,
"Processes in jail can use System V IPC primitives");
+int jail_allow_raw_sockets = 0;
+SYSCTL_INT(_security_jail, OID_AUTO, allow_raw_sockets, CTLFLAG_RW,
+ &jail_allow_raw_sockets, 0,
+ "Prison root can create raw sockets");
+
/* allprison, lastprid, and prisoncount are protected by allprison_mtx. */
struct prisonlist allprison;
struct mtx allprison_mtx;
--- sys/netinet/...
2014 May 14
3
[CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
Hey All,
[NOTE: crossposting between freebsd-current@, freebsd-security@, and
freebsd-stable at . Please forgive me if crossposting is frowned upon.]
Address Space Layout Randomization, or ASLR for short, is an exploit
mitigation technology. It helps secure applications against low-level
exploits. A popular secure implementation is known as PaX ASLR, which is
a third-party patch for Linux. Our
2014 May 14
3
[CFT] ASLR, PIE, and segvguard on 11-current and 10-stable
Hey All,
[NOTE: crossposting between freebsd-current@, freebsd-security@, and
freebsd-stable at . Please forgive me if crossposting is frowned upon.]
Address Space Layout Randomization, or ASLR for short, is an exploit
mitigation technology. It helps secure applications against low-level
exploits. A popular secure implementation is known as PaX ASLR, which is
a third-party patch for Linux. Our
2006 Nov 17
1
gjournal on 6.x wont build
Hi all,
I was intending on trying out gjournal on a new disk i've added in my
desktop. I had a look to see what the most recent patch provided by
Pawel and found
http://people.freebsd.org/~pjd/patches/gjournal6_20061024.patch
I created the directories as per Pawel's original post
(http://lists.freebsd.org/pipermail/freebsd-fs/2006-June/001962.html)
and the patch succeeded with no failed