On Fri, Jan 12, 2007 at 03:32:08PM +0200, Gilboa Davara wrote:
> I know that I can bind an application to certain CPU set (in this case
> core0,1) using taskset.
> How can I make sure the same process only (as far as possible) allocates
> memory from the CPU0 memory bank?
numactl(8)
==
On Thu, Feb 15, 2007 at 04:06:42PM +0200, Shachar Shemesh wrote:
> > BTW, certain operations (atomic operations/counters/etc) -require- asm
> > code.
> >
> In an age where GCC, probably the least optimizing compiler among all
> popular compilers, is able to unroll loops and submit them, in para
On Sat, Dec 08, 2007 at 11:50:17PM +0200, Shachar Shemesh wrote:
> In the parent I do:
>
>pid_t ret=waitpid(first_child, &status, 0);
>
>ptrace( PTRACE_DETACH, ret );
>
>ret=waitpid(first_child, &status, 0);
>
>
> Instead of DETACH I already tried PTRACE_CONT and PTRACE_SYSCALL.
>
On Sun, Dec 09, 2007 at 07:59:59AM +0200, Shachar Shemesh wrote:
> >You are leaving out the last two arguments of ptrace() in the parent,
> The man page says I'm allowed to do so in case the other arguments are
> not used.
But they are.
> > so
> >they take garbage values, causing an unknown sig
On Fri, May 02, 2008 at 03:13:13PM +0300, Shachar Shemesh wrote:
> Hi all,
>
> I'm having some strange time with /proc//mem. The manual page says:
> > /proc/[number]/mem
> > This file can be used to access the pages of a process's
> >memory through open(2), read(2), and lseek(
On Sun, Feb 27, 2005 at 12:05:21PM +0200, Jonathan Ben Avraham wrote:
> >The average NIS58/hour + socials (which translates to NIS 81 total with
> >socials factored in) is very low, also. Ouch. Poor samins.
> >
> >:-) I beg you to reconsider... Well... I know, I know. I saw worse,
> >actually, bu
I want to create a detailed salary database, allowing people to see
what others like themselves are earning. If you've ever looked for a
job or even wanted to know where your current terms stand compared to
the rest of the market, I'm sure you needed something like this.
The usual salary surveys
(This is the last message about this topic, thanks for your patience.)
Last week I wrote:
I want to create a detailed salary database, allowing people to see
what others like themselves are earning. If you've ever looked for a
job or even wanted to know where your curren
> here's the situation:
> i have a file, and i want to open it only when no other process is
> writing to it. but i don't have control over the possibly writing
> process, so i can't do advisory or mandatory locking.
> basically, i want to treat a file received by scp only after the
> download is
On Wed, Jul 12, 2006 at 12:23:44PM +0300, Ehud Karni wrote:
> > Last time I checked, "$" in regexp meant "match end of line". '$Id'
> > would mean, if I understand this correctly, an "Id" coming AFTER the end
> > of the line (an impossible combination, I know, but still). If I want
> > grep to und
On Tue, Sep 05, 2006 at 11:58:39AM +0300, Erez D wrote:
> i did listen on both sides,
>
> if i use send, or write (from the server) i get :
> write: Transport endpoint is not connected
> if i use sendto, i get:
> sendto: Cannot assign requested address
If you want to use send() or write(), yo
On Sat, Sep 23, 2006 at 07:18:38PM +0300, guy keren wrote:
> > foo / # chroot /chroot /bin/bash
> > bash-3.1# ./bar
> > foo / # ls
> > bin boot chroot dev etc home lib lost+found mnt opt proc root
> > sbin
> > sys tmp usr var
> > foo / #
>
> your program is flawed, and you didn'
> > If you
> > simply write in the documentation "don't use that member", intellegient
> > programmers won't use it. And unintellegient programmers will make stupid
> > mistakes no matter how you try to protect them.
>
> For example, one of the OSes I use defines jmp_buf as:
>
> struct __jmp_bu
> > [EMAIL PROTECTED] wrote:
> >
> > > I've heard that there is something called the IGLU cabal, which controls
> > > IGLU, and makes all decisions. Who is on that cabal?
> >
> > The people on the cabal include myself, me, moi, men'ya, and min.
>
> Marc,, stop harassing the poor fool. There is n
> > On Mon, 24 Jul 2000, Ury Segal wrote:
> > > char * sprintf( s, format, va_list);
>
> Oh. Yet another ANSI incompatibility from Sun Microsystems? You
> should probably forgive these guys. They were born before ANSI C
> and before POSIX. Modern BSD systems return int, as expected.
This beh
> To tell you the truth, I was counting on you, choo, specifically, when
> posting the message ;-). This solved the problem indeed. I did not invent
> passing a NULL pointer to pthread_create() - I lifted it from UNP as
> well. Apparently the thread library became less permissive since then.
No,
In <[EMAIL PROTECTED]>, Isaac Aaron <[EMAIL PROTECTED]> writes:
> Does anybody know a shell command that allows me to run something in the
> background immediately?
Use nohup if you're using a Bourne shell (sh) descendant.
Just use `&' if you're using a C shell (csh) descendant.
For this purpo
In <[EMAIL PROTECTED]>, Ariel Biener
<[EMAIL PROTECTED]> writes:
> > > Does anybody know a shell command that allows me to run something in the
> > > background immediately?
> >
> > Use nohup if you're using a Bourne shell (sh) descendant.
> >
> > Just use `&' if you're using a C shell (csh) d
In <[EMAIL PROTECTED]>, Ariel Biener
<[EMAIL PROTECTED]> writes:
> Most things you run in the backround (like ftp, irc, and such) install
> their own handlers.
``Oh, really?''
% find /usr/src/usr.bin/ftp/ | xargs grep SIGHUP
%
And as for IRC, it EXITS on a SIGHUP.
In <[EMAIL PROTECTED]>, Ariel Biener
<[EMAIL PROTECTED]> writes:
> Second, ftp WILL exit when it loses the control terminal. Try it, from
> bash or tcsh.
I explained this behavior previously.
When the terminal goes away, the program will start getting
errors on write()s to the
In <[EMAIL PROTECTED]>, Ariel Biener
<[EMAIL PROTECTED]> writes:
> I was referring to something else completely, and thus this
> misunderstanding.
>
> To better explain.
>
> If you try backgrounding a process why it waits for input:
>
> host:~> ftp host
> ftp> ^Z
> Suspended
> host:~> bg
> [1
Gaal Yahas wrote:
> Join the Useless Use of cat Crazies! Rewrite that as
>
> awk -F: '($3 > 100) {print $1}' < /etc/passwd > /etc/allusers
>
> (note field #2 is the password)
>
> Err. Waitaminute!!! I'm supposed be advocating Perl:
>
> perl -lne '/^(.*?):.*?:(\d+)/&&$2>100&&pr
Nadav Har'El wrote:
> A system administrator told me today that he was required by Israeli
> law to use only the DES encryption option of ssh (the weakest ssh encryption,
> which is by default not compiled in because it's so weak), and that other
> encryptions supported by ssh (idea, 3des, etc.)
Alex Shnitman wrote:
> I'm setting up IP filters on a firewall, and I need to add rules that
> allow NFS mounting to pass through (don't worry, not from outside,
> between two parts of the network here). What ports do I need to open?
You usually can't tell.
> I inherited the firewall setup from
Ariel Biener wrote:
> It just occured to me that one could run a script immediately after the
> portmapper and the rpc services are up to create a dynamic firewalls
> ruleset.
[...]
> Now, assuming you have a static ruleset
> > we are looing for information about auditing in linux esepcially the
> > following topics:
> > audit deamon
> > audit file structure
>
> there is no audit daemon in linux (or in unix systems in general) in the
> full sense of the word - however, there is 'syslogd' - the system logger
> daem
Gal Goldschmidt wrote:
> I am not here to start an Holy war, but what so good about Solaris7?
> I just had to configure 7.2 and compered to RH6 it sucks.
> Just to configure the network I had to do unconfigure system
> and then reboot.
Then you don't know what you are doing.
> Then somehow it d
"Stanislav Malyshev a.k.a Frodo" wrote:
>
> s>> As it seems to me now, I will either have to start learning the
> s>> PPP source, or get myself another router.
>
> Router would be not bad :) If you can't or won't, you will have to make
> some PPP - or fool pppd into thinking that you have serial
Valentin Ossman wrote:
> > Obviously, you can't just replace the point to point link the PPP
> > implementation thinks it is using with a multi-point link and have it
> > just work. RFC 2516 is an informational RFC published by UUNET and
> > other companies involved with a similar setup to the o
Isaac Aaron wrote:
>
> Do you have any opinion on how good it works?
> Can I rely on it's functionality for something like a backup agent?
I won't comment on the binary compatibility issues, but be VERY careful
if you intend to use a Solaris backup application under Linux.
Many backup programs
Yaron Zabary wrote:
> I've been using FreeBSD for a couple of years now. IMO, its strong
> points (compared to Linux) are:
>
> . Its networking code is better.
This seems to be an argument flogged about greatly, but it REALLY depends
on what you mean by ``better''.
Performance wise, I don't
"Stanislav Malyshev a.k.a Frodo" wrote:
> YZ>> I've been using FreeBSD for a couple of years now. IMO, its strong
> YZ>> points (compared to Linux) are:
>
> I'm a bit surprised how many myphologized is a mind of an average
> advocate. What you say is "standard 'Linux sucks' advocate kit". As m
In <[EMAIL PROTECTED]>, Vadim Vygonets <[EMAIL PROTECTED]> writes:
> > Well, ITYM "non-compliant". In fact, just yesterday I've read an article
> > that says BSD is better because in Linux you have just Alan and Linus in
> > full control of code, while in BSD it's full team.
>
> In most BSD sys
In <[EMAIL PROTECTED]>, Itamar Shtull-Trauring <[EMAIL PROTECTED]> writes:
> I heard a talk by Ted T'so in New York, where he talked a bit about XFS. He
> said that XFS is extremely integrated with Irix's VM system, so that adding
> it to Linux using the existing codebase may require major chang
> The problem is that they are several teen agrees that will probably give away
> their passwords and very soon i will have the whole hacker world in my server.
>
> Since i must give them telnet (ssh actually) access and i can't restrict the
> servers witch the ssh will be from (they are using d
Or Sagi wrote:
> > So if you don't trust your internal users - DON'T give them accounts. Going
> > from regular user to root is trivial and only a matter of time (even if
> > you're superadmin).
>
> *every* computer connected to the net, or with users on it can be
> compromised.
That's misleadi
In <[EMAIL PROTECTED]>, Or Sagi
<[EMAIL PROTECTED]> writes:
> > ``Adequately protected'', in this case, refers to allowing a very specific
> > (and minimal) set of services to be reachable from the network. Because of
> > their small numbers, they can be inspected and secured.
>
> They can be
In <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Alexander L. Belikoff)
writes:
> So?! Just make all SUID binaries mode 4750 belonging to some
> designated group (suid) and make only _trusted_ users members of that
> group. Of course, the untrusted guys will have problems changing
> passwords / runnin
In <[EMAIL PROTECTED]>, guy keren
<[EMAIL PROTECTED]> writes:
> On 26 Sep 1999, Adam Morrison wrote:
>
> > The point being, again, that you probably can't rewrite you entire
> > system securely. But you can implement and verify a few select
> >
> > To give an example, you don't need to know a lot to run OpenBSD. But
> > the security people at OpenBSD do know what they're doing. (Notethat
> > I'm NOT saying that OpenBSD is 100% secure.)
>
> then in your own words, openBSD is insecure (i.e. anything less then 100%
> is insecure)?
See
Alex Shnitman wrote:
> I don't know how exactly his configuration works, but FWIW if you're
> using shadow passwords from a Solaris server, a user cannot ypcat
> passwd.adjunct, only root can. And if you're going to authenticate
> users from a central service on the network, be it NIS or anything
> Just like MAPS RBL and MAPS ORBS.
ORBS is not related to MAPS.
> You just choose which level of spam
> protection you want on your mail server. For low risk you can do none
> or just MAPS RBL, if you want more protection you can use ORBS, and if
> you're really d
> > I wonder what is the figure for Linux if I would take into account the Xwindows
>interface and/or various libraries that meant to hide it. And what about the various
>window managers ?
>
> This figure is misleading anyway. Pure Unix has 5 system calls - open(),
> read(), write(), close() a
> > Actually, it's more of a philosophical question; the MAPS RBL only
> > lists IP addresses which are associated with `hard' network abusers,
> > e.g. bulk friendly ISPs, etc. So sites choosing to block traffic (or
> > SMTP) from IP addresses listed on the RBL know fairly well that they
> > wo
> > that isn't what always happens. Theoretically, users of the DUL accept
> > the fact that they won't receive email from dynamic IP addresses. But,
> > as we've just seen, not all dynamic IP users are spammers. I think the
> > DUL is an inferior solution. Who says dynamic IP email is bad?
> > In spam-fighter lingo, a ``bulk friendly ISP'' is an ISP willing to
> > tolerate its users sending unsolicited bulk email, which is one of the
> > more common definitions for spam. (Although not all spam fighters
> > agree on that definition.)
>
> What about solicited bulk email? A customer
Nadav Har'El wrote:
> > > hours in the mail queue waiting to be sent. Anyway, when you send email
> > > directly from your dynamic IP, and the remote server does not answer, what
> > > do you do? You shouldn't give up, because the server may be temporarily
> >..
> >
> > The solution is to queue t
This, of course, shows that xerox.com is blocking email
from addresses in the DUL.
The cause for confusion here is that YOUR machine seemed
to believe that it was mail.netvision.net.il, and thus the
bounce you received was from [EMAIL PROTECTED]
To wit, notice the headers from your message whi
> The MIME-attached message was posted to the Linux-IL mailing
> list, which I happen to be the owner of. I would like to point
> out that Unsolicited Commercial E-mail (also known as SPAM) is
> not appreciated on the mailing list, whether it's about making
> money fast or 15th century historic c
> > This ``spam'' was sent to the mailing list on Sun, 21 Nov 199
> > 16:20:37. An apology explaining that the message was sent here
> > by mistake followed 1:06 minutes later.
>
> Yes. Apology is not enough.
The point was that the vast majority of spam is not followed immediately
by an apolo
Ely Levy wrote:
>
> [EMAIL PROTECTED] - the dangers of ftp conversions on misconfigured systems/ftpd
>(specifically wu-ftpd)
>
[useless advisory deleted.]
Is this really necessary?
People interested in this should subscribe to bugtraq, or whatever.
===
> I'm almost sure and dont' kill me if I'm wrong that ssh works above the
> telnet protocol and not replacing it..
Uh, it works ``above the telnet protocol'' in as much as FTP, SMTP, or
HTTP work ``above the telnet protocol''.
> maybe one day ssh would replace telnetd but meanwhile for comptibi
> Part of linux is its security believe it or not,
> almost everything we talk about I can find you some other mailing list
> that talk about it
> if it's about hardisk Ip masquarting ssh and even hebrew in linux has its
> own mailing list.
> You might want to read all those security news groups
> > yea I think that if there is new software annocemnt or new linux kernel
> > realsed and it's related to the topic we talk about at the time it could
> > be forwarded
> >
>
> My god. If that's true, then let me out of this list. FAST!
No need to get off the list, just plonk him into your kill
> True. It's a bug. KDE fires up licq automatically so I have never
> noticed this bug. Now how do we fix it (without checking for a process
> named 'licq' or anything like that. How do you make sure a fifo has
> someone on the other end?)
OPEN(2) Linux Programmer's Manual
> i tend to agree with ely about one thing here - there was a thread
> discussing vulnerabilities in wuftpd, and he simply forwarded something
> that relevant to that specific thread. this by itself adds some value to
> the discussion. perhaps as a compromise, next time, ely, simply send a
> refer
> I completely agree with you.
> There is no justification for using telnet nowadays.
> If you need debugging protocols by typing into ports, use
> netcat.Sometimes
> telnet, with all its handshaking, will even take you back into
> problemland. Netcat
> is clean.
Um, that's not
> 1) They named the new version of their operating system Solaris 2, and
>retroactively named SunOS: Solaris 1;
]...]
> By the way: Sun noticed that the confusion that arose from step #1 was
> not enough, and that some managers in the install base world still
> thought they
> Interesting issue IMO. I'd like to pursue this a bit further...
>
> You all mentioned that I 'must' publish the source code if I use a GPL
> source code in my app. How hard must I work to publish this code? Is it
> enough to:
> 1. Write 'if you want the source code e-mail me' in the installat
> What I heard (and please note, this was from a programmer, not a
> lawyer)
Just a note: I don't think that anyone's being a lawyer or not is
relevant. AFAIK -- and I'd love to hear otherwise -- the GPL has not
been tested in court. Thus, there are no REAL precedents on what can
or cannot
> This exploit for the latest Bind holes (hope you
> all upgraded to P5 already) promises to break chroot().
> As I know, chroot shouldn't be returnable from by anyone.
> In many cases chroot is treated as a major security feature
> (think of linuxconf demo site, when they run their demo
> linuxc
> Let's say I want to know who (what process) accesses my .plan file. Or I
> want to know every time some process accesses my /etc/passwd. Every time
> a file, any file on my system, is accessed, I want to be notified. In
> what way can I accomplish this under linux?
[...]
> The
Sigh. I tried to make two basic points, both of which were apparently missed
by most of the people who replied.
"Stanislav Malyshev a.k.a Frodo" <[EMAIL PROTECTED]>:
> AM>> What most of you are missing in your zealotness is that the discussed
> AM>> service is based on reparse points, a new te
> OE>> storage of just one instance is something else. If you just symlink
> OE>> some files to a single file, and the owner of that file deletes it,
> OE>> you're screwed. What this thingy does is take care of all of that (again,
>
> Hardlink?
What most of you are missing in your zealotness is
> Another thing, If i have IP class 192.168.XXX.XXX no one can access to it
> from outside, right ?
> Isn't it secure by itself ? No one can access my workstations (or private
> servers) unless he is on the same network with the same ip class, right ?
If you have a network that is not connected
> Don't hold your breath; Contrary to kernel-based solutions (mainly
> Solar's Linux Kernel Patch from Openwall Project -
> http://www.openwall.com/linux/ ), this one deals only with some
> specific functions (e.g. strcpy) so it is not a general solution
> against buffer-overflows.
In fact, it is
"Stanislav Malyshev a.k.a Frodo" wrote:
> What I don't like in OpenBSD is when someone discovers security hole they
> pop up and say "we've fixed it yet back in 1997". So why didn't you share
> it? Just to keep the claim of "most secure OS" or just because they don't
> care?
Because they fixed s
> AM>> Because they fixed so MANY holes, it isn't practical.
>
> What isn't practical, sending CC of CVS diff fixing the hole to
> maintainer of the tool? Or to bugtrack? Or publishing it on some page?
If you seriously think that, then you don't have a clue as to the
extent of the work the Open
> Jonathan, don't read between the lines, he just wants to move the users,
> homedirs and such, not passwords.
Here's a big ``reading between the lines'' type of suggestion: if this
is for dialup users using CHAP, their passwords may be the same as their
CHAP secret and thus available in plain t
> I just read Bezroukov guy article about Linus being bad boy
> http://www.softpanorama.org/People/Torvalds/Linus_Torvalds_biography.shtml
>
> And the sad thing is what he predicts becomes reality.
> As of 23-Feb-1999 Alan Cox is FreeBSD committer for VM.
Um, it's not the same Alan Cox.
==
Gaal Yahas writes:
> > That's what I was saying - there is a way to detect promiscous interfaces
> > (read: sniffers) on the network (if it's Linux which is sniffing).
> > Something to do with ARP queries and the way Linux handles these queries,
> > IIRC. The rest had escaped my memory - use arc
[EMAIL PROTECTED] writes:
> > There are some techniques for identifying a machine that has its
> > interface is promiscuous mode (i.e. is running a sniffer).
> > Specifically, since a machine in promiscuous mode is essentially
> > processing every packet on its segment, its response times will
>
Oh, joy! Part of your message slipped by me. Apologies for polluting the
list.
> > There are some techniques for identifying a machine that has its
> > interface is promiscuous mode (i.e. is running a sniffer).
> > Specifically, since a machine in promiscuous mode is essentially
> > process
"Peter L. Peres" wrote:
> >MYVARIABLE=`telnet some.host.name 1234 | grep "the interesting line" | ..`
>
> With current bash/telnet this does not work as expected. Telnet chokes if
> its stdin is not a tty. I had to do things like `yes|telnet somewhere|...`.
http://pobox.com/~djb/software/ptyge
Orr Dunkelman writes:
> Oded, I strongly recommend on using other function the the given crypt
> function. In unix there are two crypt functions - one uses ENIGMA, the
> german rotor machine used in the second world war, the second uses a
> variant of Date Encryption Standard (DES).
There's a co
Ariel Biener wrote:
> Which will result in the script fo fail if $PARAM is undefined.
>
> Vadim's suggestion wasn't just a matter of semantics.
>
> --Ariel
> > Vadim Vygonets <[EMAIL PROTECTED]> writes:
> >
> > > > [ "$PARAM" != "SOMETHING" ] || {
> > > > ;}
> > > I think that it's better to do
Ariel Biener wrote:
> To all the helpfull people:
I don't care to participate in religious wars, which is basically what this
thread is about. But factual mistakes need to be corrected.
> I believe that when you create shell scripts, they'd better be generic,
> unless there is a special reason
77 matches
Mail list logo
