Re: different ways to disable https in apache...

On Sat, May 14, 2005 at 03:21:04PM -0700 I heard the voice of Jason Stone, and lo! it spake thus: > > more importantly, mod_ssl modifies the apache module api, It should be noted that one implication of this is that other modules go squirrely when the API changes. For instance, if you install th

Re: mount -u -r drops nosuid ?

On Mon, Nov 21, 2005 at 08:43:42AM -0500 I heard the voice of Lowell Gilbert, and lo! it spake thus: > > I think it is safer (less room to shoot yourself in the foot) to > have the flags be exactly the ones you specified in the remount (no > more, no less) than to have to know exactly what the sta

Re: ipfw check-state issue

On Wed, Nov 23, 2005 at 01:15:29PM -0500 I heard the voice of Lowell Gilbert, and lo! it spake thus: > > Nor do I understand those URLs in the RFC1918 rules... That, AFAIK, is gmail being "helpful". -- Matthew Fuller (MF4839) | [EMAIL PROTECTED] Systems/Network Administrator | http://ww

Re: FreeBSD Security Survey

On Tue, May 23, 2006 at 04:39:38AM +0200 I heard the voice of Clemens Renner, and lo! it spake thus: > > For example, when upgrading MySQL -- even with mysql_enable=YES in > rc.conf, portupgrade will stop the sever but not restart it. Is > there any plausible reason for this behaviour? In the inte

Re: [patch] libcrypt & friends - modular crypt format support in /etc/login.conf

On Tue, Feb 10, 2015 at 07:26:07AM -0500 I heard the voice of Derek (freebsd lists), and lo! it spake thus: > > 2. introduces a new api, crypt_makesalt which will generate an > appropriate salt for any algorithm selected It has been an endlessly-repeated source of pain to me that there isn't a s

OpenSSL library version (in ports)

Since r290207 brought OpenSSL 1.0.2 into -CURRENT, the base and ports OpenSSL libs have the same shlib version. This causes (at the least!) some rather odd confusion. Should the port be nudged up ahead like it has been in the past? -- Matthew Fuller (MF4839) | fulle...@over-yonder.net S

Re: Two Dumb Questions

Ronald F. Guilmette, and lo! it spake thus: > > Here's my point: If you really have already managed to become the > man-in-the-middle anyway, then couldn't you just dummy up any and > all responses, including those for DNS, in such a way as to make it > all appear to the victim that everything wa