On Tue, Apr 25, 2017 at 10:07:37AM +, Stuart Henderson wrote:
> On 2017-04-25, Peter J. Philipp wrote:
> > Hi,
> >
> > In the past I've been examining signed binaries in the OpenBSD system.
> > I wrote some kernel code for this, but I'm stuck before it got good. In
> > particular the problem
On 2017-04-28, Peter Bill wrote:
> I found a website that provides man.openbsd.org via HTTPS:
>
> https://twitter.com/FiloSottile/status/845068942762762241
>
> https://man.filippo.io/
>
> Have a great weekend!
>
>
You can do the same yourself with relayd.
I found a website that provides man.openbsd.org via HTTPS:
https://twitter.com/FiloSottile/status/845068942762762241
https://man.filippo.io/
Have a great weekend!
Might be useful, particularly in scripting...
Behaves like losetup.
Index: sbin/mount_vnd/mount_vnd.c
===
RCS file: /cvs/src/sbin/mount_vnd/mount_vnd.c,v
retrieving revision 1.20
diff -u -p -r1.20 mount_vnd.c
--- sbin/mount_vnd/moun
On 2017-04-27, Ted Unangst wrote:
> Michael Hendricks wrote:
>> I would like to have pledge on the command line so I can restrict an ad-hoc
>> process during execution. For example:
>>
>> $ pledge "stdio" sed -e "s/foo/bar/g" output.txt
>>
>> I can't modify sed, for example, because I don't alw
In case someone finds this thread in the future, I would like to add
that I have now received a possible solution to the problem
out-of-band. The solution is to use pair(4):
The following setup works for me, although it is a bit too convoluted:
# cat /etc/hostname.pair0
up
# cat /etc/hostname.pa
> Michael Hendricks wrote:
> > I would like to have pledge on the command line so I can restrict an ad-hoc
> > process during execution. For example:
> >
> > $ pledge "stdio" sed -e "s/foo/bar/g" output.txt
> >
> > I can't modify sed, for example, because I don't always want it pledged
> > that
Michael Hendricks wrote:
> I would like to have pledge on the command line so I can restrict an ad-hoc
> process during execution. For example:
>
> $ pledge "stdio" sed -e "s/foo/bar/g" output.txt
>
> I can't modify sed, for example, because I don't always want it pledged
> that tightly. Since
That is not possible.
pledge only works on behalf of a process itself.
In the simplest case, a call to pledge is done between the first part
of a program "initialization" and the second part of a program "main
loop".
It serves no purpose if done earlier, and as you noted execve resets
pledge, to
I would like to have pledge on the command line so I can restrict an ad-hoc
process during execution. For example:
$ pledge "stdio" sed -e "s/foo/bar/g" output.txt
I can't modify sed, for example, because I don't always want it pledged
that tightly. Since execve removes pledges, I can't see a w
Hi there,
I was playing arround wit relayd just to get a feeling for it. So I
started with relaying a ssh connection to a machine behind my gateway.
But it seems there is some kind of config value I miss because after
like 8 minutes the open ssh connection gets suddenly closed. Running
rela
@Ted :
Good to know, thanks for details.
@Theo :
I am not the OP of the torrent topic. The topic was from thuban. I have no need
for a torrent but had only this ideas / doubts about it.
Am 27. April 2017 18:43:29 MESZ schrieb Theo de Raadt :
>> Christoph R. Murauer wrote:
>> > True but let m
I think the bootloader is seeing more RAM than is actually there. Regions
0-15 are contiguous, except for a 256kB hole at 640kB, and total 2.25GB
(2304MB) memory. Not sure about regions 16 & 17, but they're tiny
(~13MB). Region 18 is exactly 510GB, so we have 2.25 + 510 = 512.25 GB, or
256MB mor
Great work !
Bryan Adams - Summer of 69 - Parody
Long Life to Puffy
Cheers
> Christoph R. Murauer wrote:
> > True but let me be a littlebit paranoid. Would it not be possible to create
> > a new .fs / .iso with new keys in /etc/signify/* and new SHA256 / .sig
> > files to place bad content and distribute it using a torrent ? I came
> > across this idea as I readed long
Christoph R. Murauer wrote:
> True but let me be a littlebit paranoid. Would it not be possible to create a
> new .fs / .iso with new keys in /etc/signify/* and new SHA256 / .sig files to
> place bad content and distribute it using a torrent ? I came across this idea
> as I readed long time ago
True but let me be a littlebit paranoid. Would it not be possible to create a
new .fs / .iso with new keys in /etc/signify/* and new SHA256 / .sig files to
place bad content and distribute it using a torrent ? I came across this idea
as I readed long time ago some ideas how goverments could dist
> yes, but unlike those distros the openbsd installers aren't measured in
> gigabytes.
>
Of course, the point doesn't apply to miniroot* but to installxx.xx.
It doesn't remove the problem of long download for some and servers
bandwidth possible issue.
Using miniroot* still requires to download f
Christoph R. Murauer wrote:
> Let's say, you provide a torrent for the .fs and .iso files. Who trusts a
> SHA256.sig file from an unofficial torrent ?
The whole point of signing the SHA256 is you don't have to trust the person
who gives it to you.
Let's say, you provide a torrent for the .fs and .iso files. Who trusts a
SHA256.sig file from an unofficial torrent ?
If you look at the errata page, you see, that you have to patch the system to
keep it up to date and, there are no official updates of the .fs and .iso files
after a patch. Ev
On Thu, Apr 27, 2017 at 11:28:33AM -0300, Friedrich Locke wrote:
> Hi folks,
>
> i wonder if there is an obsd 6.1 cd set to order ?
> If not, when will it be released ?
>
> Thanks.
>
Related: https://marc.info/?l=openbsd-misc&m=149232307018311&w=2
Hi folks,
i wonder if there is an obsd 6.1 cd set to order ?
If not, when will it be released ?
Thanks.
- On Apr 27, 2017, at 2:07 PM, Nicolas Schmidt
schmi...@mathematik.hu-berlin.de wrote:
> Many distros sport torrents: NetBSD, Debian, and Ubuntu to name some.
> Rationale
> behind this is simple: torrents download with ridiculous speed if they are
> popular enough.
To be fair, popular downl
yes, but unlike those distros the openbsd installers aren't measured in
gigabytes.
The site mentioned by OP (http://openbsd.somedomain.net) is up to date,
and has the torrents mentioned.
it just seems, nobody cares.
On 2017 Apr 27 (Thu) at 15:07:38 +0200 (+0200), Nicolas Schmidt wrote:
:Many d
ISO is burned down to the CD you buy.
To install you really just need to PXE.
> 27 apr. 2017 kl. 13:55 skrev Thuban :
>
> Hello,
> I was wondering if there is any particular reason explaining why there
> is no torrent file to retrieve OpenBSD *.fs and *.iso.
>
> I've been looking on the list
Many distros sport torrents: NetBSD, Debian, and Ubuntu to name some. Rationale
behind this is simple: torrents download with ridiculous speed if they are
popular enough.
Best,
Nicolas
> Am 27.04.2017 um 14:36 schrieb Markus Rosjat :
>
> Hi,
>
> I think it's kinda pointless to have a torrent
On 2017-04-26, Predrag Punosevac wrote:
> Adam Thompson wrote:
>
>> I stand by my statement that just buying a cheap SSL cert will, for
>> anything other than the simple case of an online, directly-connected,
>> webserver, be cheaper than the labour required to obtain a LetsEncrypt
>> certificat
On 2017-04-26, Reyk Floeter wrote:
> On Wed, Apr 26, 2017 at 11:15:57AM -0700, Mike Larkin wrote:
>> On Wed, Apr 26, 2017 at 06:47:17PM +0200, Karl Pettersson wrote:
>> > Arch Linux works well as a vmd guest. Some notes about my experiences
>> > installing the system:
>> >
>> > * The Arch instal
Hi,
I think it's kinda pointless to have a torrent for this. You got enough
good mirrors to download from anyway. And nowadays it's not a biggy to
download a iso or so of somewhat 200mb.
and yes I'm the proud owner of some awesome puffy shirts too (if someone
is concerned about the download
On April 27, 2017 7:55:42 AM EDT, Thuban wrote:
>Hello,
>I was wondering if there is any particular reason explaining why there
>is no torrent file to retrieve OpenBSD *.fs and *.iso.
>
>I've been looking on the list and only found this site that doesn't
>seems up to date [1].
>
>If the reason is
Hello,
I was wondering if there is any particular reason explaining why there
is no torrent file to retrieve OpenBSD *.fs and *.iso.
I've been looking on the list and only found this site that doesn't
seems up to date [1].
If the reason is a lack of human ressources, I think I can handle it.
Re
Hi there,
I basically want to know if its okay to set permission on a file or
directory for a LDAP user even if there is no local user on this machine.
Hope someone understand what I mean, background is setting up a
mailserver with usermanagement over LDAP. The naive way for me would be
crea
On Thu, Apr 27, 2017 at 07:51:18AM +0200, Harald Dunkel wrote:
> Hi folks,
>
> AFAICS tinc is included in the packages for 6.1, but surely
> that doesn't mean its safe to use without looking.
>
> Are there security concerns against running tinc on an OpenBSD
> gateway as an alternative to IPsec a
On 27. Apr 7:51:18, Harald Dunkel wrote:
> Hi folks,
>
> AFAICS tinc is included in the packages for 6.1, but surely
> that doesn't mean its safe to use without looking.
>
> Are there security concerns against running tinc on an OpenBSD
> gateway as an alternative to IPsec and openvpn in a +50 r
> Are there security concerns against running tinc on an OpenBSD
> gateway as an alternative to IPsec and openvpn in a +50 road
> warriors setup? What is your impression of this tool in daily
> usage? Which VPN solution would you prefer?
I'm using tinc 1.1pre14 (not the port) with hostname.if in t
35 matches
Mail list logo
