From owner-freebsd-arch Sun Oct 8 2: 3:27 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp02.iafrica.com (smtp02.iafrica.com [196.7.0.140]) by hub.freebsd.org (Postfix) with ESMTP id D242737B503; Sun, 8 Oct 2000 02:03:21 -0700 (PDT) Received: from [196.7.18.138] (helo=grimreaper.grondar.za ident=root) by smtp02.iafrica.com with esmtp (Exim 1.92 #1) id 13iCMY-000JyS-00; Sun, 8 Oct 2000 11:03:18 +0200 Received: from grimreaper.grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.za (8.11.1/8.11.1) with ESMTP id e9892ZK11999; Sun, 8 Oct 2000 11:02:35 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za) Message-Id: <200010080902.e9892ZK11999@grimreaper.grondar.za> To: John Baldwin Cc: "David O'Brien" , arch@FreeBSD.ORG Subject: Re: moving manpages out of /sys/modules References: In-Reply-To: ; from John Baldwin "Thu, 05 Oct 2000 11:53:54 MST." Date: Sun, 08 Oct 2000 11:02:35 +0200 From: Mark Murray Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > On 03-Oct-00 David O'Brien wrote: > > I believe before someone mentioned that they'd like to move the manpages > > out of /sys/modules. Is anyone against doing this for ibcs2.8, joy.8, > > linux.8, osf1.8, svr4.8. > > Please do. And please move the shell scripts while you are at it. Most of those shell scripts are a waste of space. I see no reason for a script that simply does "kldload foo". M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Oct 8 14:47:39 2000 Delivered-To: freebsd-arch@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id BEEDE37B502; Sun, 8 Oct 2000 14:47:33 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id OAA35704; Sun, 8 Oct 2000 14:46:22 -0700 (PDT) Date: Sun, 8 Oct 2000 14:46:22 -0700 From: Kris Kennaway To: Poul-Henning Kamp Cc: Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven , arch@freebsd.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001008144622.D35605@citusc17.usc.edu> Reply-To: arch@freebsd.org References: <200010081956.e98JuJB00920@earth.backplane.com> <89920.971035843@critter> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <89920.971035843@critter>; from phk@critter.freebsd.dk on Sun, Oct 08, 2000 at 10:10:43PM +0200 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Oct 08, 2000 at 10:10:43PM +0200, Poul-Henning Kamp wrote: > In message <200010081956.e98JuJB00920@earth.backplane.com>, Matt Dillon writes: > > > Do any committers have any objections to me disabling ntalk, finger, > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by > > default in -current? > > ntalk: OK > finger: OK finger: already disabled > telnet: not OK > rsh: not OK rsh: already disabled. > ftp: not OK > named: OK No objections from me on modifying the rest either - but you might as well disable inetd as well since there's nothing left :-) OTOH, perhaps enabling one of the internal auth services by default (e.g. the 'error' one) would be useful. FWIW, I expect OpenSSH to have much improved sftp support by the time 5.0 comes around - it's already in a working state, although there are probably bugs. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Oct 8 15:30:49 2000 Delivered-To: freebsd-arch@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 307F937B503; Sun, 8 Oct 2000 15:30:48 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id PAA35913; Sun, 8 Oct 2000 15:30:57 -0700 (PDT) Date: Sun, 8 Oct 2000 15:30:57 -0700 From: Kris Kennaway To: Matt Dillon Cc: Terry Lambert , Bruce Evans , Peter Wemm , Chuck Paterson , Alfred Perlstein , John Baldwin , arch@FreeBSD.ORG, John Polstra , Daniel Eischen , Greg Lehey Subject: Re: Mutexes and semaphores Message-ID: <20001008153057.A35887@citusc17.usc.edu> References: <200010050458.VAA07440@usr07.primenet.com> <200010050722.e957MbF33401@earth.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010050722.e957MbF33401@earth.backplane.com>; from dillon@earth.backplane.com on Thu, Oct 05, 2000 at 12:22:37AM -0700 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Oct 05, 2000 at 12:22:37AM -0700, Matt Dillon wrote: > Who gives a fart about getpid() ... now time() is a function that > would benefit greatly from a globally shared userland read-only page! Unfortunately it's fairly often used in benchmarks against "that penguin thing" as a "null" syscall. I've even seen one benchmark which used getpid() to claim zero scaling of syscall latency with increasing process load under Linux compared to a more physically possible linear scaling under FreeBSD. Older versions used to cache the pid in userland, I think, but they removed that when they added their kernel threads stuff. I don't know if it's treated specially in the SMP case, but it sounds like the kind of thing they would do to try and win benchmarks. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Oct 8 23: 1:59 2000 Delivered-To: freebsd-arch@freebsd.org Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55]) by hub.freebsd.org (Postfix) with ESMTP id 48EC137B66F for ; Sun, 8 Oct 2000 23:01:58 -0700 (PDT) Received: from gorean.org (Studded@master [10.0.0.2]) by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id XAA70255; Sun, 8 Oct 2000 23:01:57 -0700 (PDT) (envelope-from DougB@gorean.org) Message-ID: <39E15F54.9709110A@gorean.org> Date: Sun, 08 Oct 2000 23:01:56 -0700 From: Doug Barton Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.75 [en] (X11; U; FreeBSD 5.0-CURRENT-100 i386) X-Accept-Language: en MIME-Version: 1.0 To: arch@freebsd.org Cc: Jordan Hubbard , Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf References: <521.971068411@winston.osd.bsdi.com> <39E15630.7B4A8FE6@gorean.org> <20001008223626.B39735@citusc17.usc.edu> <39E15B3C.80560313@gorean.org> <20001008225026.D39735@citusc17.usc.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > I don't understand what you're saying. When a box is installed, and > rebooted for the first time, both telnetd and sshd emerge in a usable > state with no other intervention required. Right, because the host key is generated in rc.network. If that fails, no sshd. -- "The dead cannot be seduced." - Kai, "Lexx" Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 9:49:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 5345837B503; Mon, 9 Oct 2000 09:49:41 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id MAA12998; Mon, 9 Oct 2000 12:49:40 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 9 Oct 2000 12:49:39 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: freebsd-fs@FreeBSD.org Cc: freebsd-arch@FreeBSD.org, trustedbsd-discuss@TrustedBSD.org Subject: Re: VOP_ACCESS() and new VADMIN/VATTRIB? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG (Apologies again for wide-cross posting :-). As described in my prior e-mail, I have updated my local tree to make use of a new VADMIN right for testing access control requests requiring "ownership" of a file system object to succeed. I've attached below the patches required to support this change in UFS/FFS, although I have not yet updated the other file systems. I'd like to go ahead and commit this support, as it is required for mandatory access control (centralizing the VADMIN decision means MAC policies can block VADMIN requests centrally in VOP_ACCESS() for file system that support labeling, rather than having MAC checks scattered through reems of file system code). However, I'd like to get someone (or several someone's :-) to review the code for correctness. In particular, I'm concerned about VFS locking issues: VOP_ACCESS() requires an exclusive lock on its vp argument, which is good since VOP_GETACL() and label retrieval functions will require a lock in UFS, but the requirement for a lock to test ip->i_uid directly wasn't explicit previously as part of the locking protocol. I believe I've managed to demonstrate to myself that in locations where the VADMIN VOP_ACCESS() test occurs, a lock will always be held on the pertinent vnodes, but I'd like confirmation. If it wasn't require before, the code was probably buggy anyway, but those bugs will become far more visible in a world where VOP_ACCESS() could involve a blocking call to access ACLs or label information. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services Index: sys/sys/vnode.h =================================================================== RCS file: /home/ncvs/src/sys/sys/vnode.h,v retrieving revision 1.130 diff -u -r1.130 vnode.h --- sys/sys/vnode.h 2000/10/04 01:29:15 1.130 +++ sys/sys/vnode.h 2000/10/09 16:29:27 @@ -218,12 +218,13 @@ /* * Modes. Some values same as Ixxx entries from inode.h for now. */ -#define VSUID 04000 /* set user id on execution */ -#define VSGID 02000 /* set group id on execution */ -#define VSVTX 01000 /* save swapped text even after use */ -#define VREAD 00400 /* read, write, execute permissions */ -#define VWRITE 00200 -#define VEXEC 00100 +#define VADMIN 010000 /* permission to administer vnode */ +#define VSUID 004000 /* set user id on execution */ +#define VSGID 002000 /* set group id on execution */ +#define VSVTX 001000 /* save swapped text even after use */ +#define VREAD 000400 /* read, write, execute permissions */ +#define VWRITE 000200 +#define VEXEC 000100 /* * Token indicating no attribute value yet assigned. Index: sys/kern/vfs_subr.c =================================================================== RCS file: /home/ncvs/src/sys/kern/vfs_subr.c,v retrieving revision 1.285 diff -u -r1.285 vfs_subr.c --- sys/kern/vfs_subr.c 2000/10/06 08:04:48 1.285 +++ sys/kern/vfs_subr.c 2000/10/09 16:29:33 @@ -3050,6 +3050,7 @@ /* Check the owner. */ if (cred->cr_uid == file_uid) { + dac_granted |= VADMIN; if (file_mode & S_IXUSR) dac_granted |= VEXEC; if (file_mode & S_IRUSR) @@ -3116,6 +3117,10 @@ if ((acc_mode & VWRITE) && ((dac_granted & VWRITE) == 0) && !cap_check_xxx(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT)) cap_granted |= VWRITE; + + if ((acc_mode & VADMIN) && ((dac_granted & VADMIN) == 0) && + !cap_check_xxx(cred, NULL, CAP_FOWNER, PRISON_ROOT)) + cap_granted |= VADMIN; if ((acc_mode & (cap_granted | dac_granted)) == acc_mode) { /* XXX audit: privilege used */ Index: sys/ufs/ufs/ufs_lookup.c =================================================================== RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_lookup.c,v retrieving revision 1.40 diff -u -r1.40 ufs_lookup.c --- sys/ufs/ufs/ufs_lookup.c 2000/09/18 16:13:01 1.40 +++ sys/ufs/ufs/ufs_lookup.c 2000/10/09 16:29:34 @@ -476,9 +476,8 @@ * implements append-only directories. */ if ((dp->i_mode & ISVTX) && - suser_xxx(cred, p, PRISON_ROOT) && - cred->cr_uid != dp->i_uid && - VTOI(tdp)->i_uid != cred->cr_uid) { + VOP_ACCESS(vdp, VADMIN, cred, cnp->cn_proc) && + VOP_ACCESS(tdp, VADMIN, cred, cnp->cn_proc)) { vput(tdp); return (EPERM); } Index: sys/ufs/ufs/ufs_vnops.c =================================================================== RCS file: /home/ncvs/src/sys/ufs/ufs/ufs_vnops.c,v retrieving revision 1.150 diff -u -r1.150 ufs_vnops.c --- sys/ufs/ufs/ufs_vnops.c 2000/10/04 01:29:17 1.150 +++ sys/ufs/ufs/ufs_vnops.c 2000/10/09 16:29:36 @@ -411,13 +411,17 @@ if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); /* - * Privileged processes in jail() are permitted to modify - * arbitrary user flags on files, but are not permitted - * to modify system flags. + * Callers may only modify the file flags on objects they + * have VADMIN rights for. */ - if (cred->cr_uid != ip->i_uid && - (error = suser_xxx(cred, p, PRISON_ROOT))) + if ((error = VOP_ACCESS(vp, VADMIN, cred, p))) return (error); + /* + * Unprivileged processes and privileged processes in + * jail() are not permitted to set system flags. + * Privileged processes not in jail() may only set system + * flags if the securelevel <= 0. + */ if (!suser_xxx(cred, NULL, 0)) { if ((ip->i_flags & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) && @@ -450,7 +454,8 @@ if (vap->va_uid != (uid_t)VNOVAL || vap->va_gid != (gid_t)VNOVAL) { if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); - if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred, p)) != 0) + if ((error = ufs_chown(vp, vap->va_uid, vap->va_gid, cred, + p)) != 0) return (error); } if (vap->va_size != VNOVAL) { @@ -480,8 +485,15 @@ return (EROFS); if ((ip->i_flags & SF_SNAPSHOT) != 0) return (EPERM); - if (cred->cr_uid != ip->i_uid && - (error = suser_xxx(cred, p, PRISON_ROOT)) && + /* + * From utimes(2): + * If times is NULL, ... The caller must be the owner of + * the file, have permission to write the file, or be the + * super-user. + * If times is non-NULL, ... The caller must be the owner of + * the file or be the super-user. + */ + if ((error = VOP_ACCESS(vp, VADMIN, cred, p)) && ((vap->va_vaflags & VA_UTIMES_NULL) == 0 || (error = VOP_ACCESS(vp, VWRITE, cred, p)))) return (error); @@ -529,11 +541,17 @@ register struct inode *ip = VTOI(vp); int error; - if (cred->cr_uid != ip->i_uid) { - error = suser_xxx(cred, p, PRISON_ROOT); - if (error) + /* + * To modify the permissions on a file, must possess VADMIN + * for that file. + */ + if ((error = VOP_ACCESS(vp, VADMIN, cred, p))) return (error); - } + /* + * Privileged processes may set the sticky bit on non-directories, + * as well as set the setgid bit on a file with a group that the + * process is not a member of. + */ if (suser_xxx(cred, NULL, PRISON_ROOT)) { if (vp->v_type != VDIR && (mode & S_ISTXT)) return (EFTYPE); @@ -571,12 +589,18 @@ uid = ip->i_uid; if (gid == (gid_t)VNOVAL) gid = ip->i_gid; + /* + * To modify the ownership of a file, must possess VADMIN + * for that file. + */ + if ((error = VOP_ACCESS(vp, VADMIN, cred, p))) + return (error); /* - * If we don't own the file, are trying to change the owner - * of the file, or are not a member of the target group, - * the caller must be superuser or the call fails. + * To change the owner of a file, or change the group of a file + * to a group of which we are not a member, the caller must + * have privilege. */ - if ((cred->cr_uid != ip->i_uid || uid != ip->i_uid || + if ((uid != ip->i_uid || (gid != ip->i_gid && !groupmember(gid, cred))) && (error = suser_xxx(cred, p, PRISON_ROOT))) return (error); @@ -1095,15 +1119,14 @@ if (xp->i_number == ip->i_number) panic("ufs_rename: same file"); /* - * If the parent directory is "sticky", then the user must - * own the parent directory, or the destination of the rename, - * otherwise the destination may not be changed (except by - * root). This implements append-only directories. + * If the parent directory is "sticky", then the caller + * must possess VADMIN for the parent directory, or the + * destination of the rename. This implements append-only + * directories. */ if ((dp->i_mode & S_ISTXT) && - suser_xxx(tcnp->cn_cred, NULL, PRISON_ROOT) && - tcnp->cn_cred->cr_uid != dp->i_uid && - xp->i_uid != tcnp->cn_cred->cr_uid) { + VOP_ACCESS(tdvp, VADMIN, tcnp->cn_cred, p) && + VOP_ACCESS(tvp, VADMIN, tcnp->cn_cred, p)) { error = EPERM; goto bad; } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 19:19:13 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp03.primenet.com (smtp03.primenet.com [206.165.6.133]) by hub.freebsd.org (Postfix) with ESMTP id 047A837B66E for ; Mon, 9 Oct 2000 19:19:06 -0700 (PDT) Received: (from daemon@localhost) by smtp03.primenet.com (8.9.3/8.9.3) id TAA25605; Mon, 9 Oct 2000 19:09:50 -0700 (MST) Received: from usr01.primenet.com(206.165.6.201) via SMTP by smtp03.primenet.com, id smtpdAAAwbay9X; Mon Oct 9 19:09:42 2000 Received: (from tlambert@localhost) by usr01.primenet.com (8.8.5/8.8.5) id TAA13943; Mon, 9 Oct 2000 19:11:12 -0700 (MST) From: Terry Lambert Message-Id: <200010100211.TAA13943@usr01.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: arch@FreeBSD.ORG Date: Tue, 10 Oct 2000 02:11:11 +0000 (GMT) Cc: phk@critter.freebsd.dk (Poul-Henning Kamp), dillon@earth.backplane.com (Matt Dillon), imp@village.org (Warner Losh), jruigrok@via-net-works.nl (Jeroen Ruigrok van der Werven) In-Reply-To: <20001008144622.D35605@citusc17.usc.edu> from "Kris Kennaway" at Oct 08, 2000 02:46:22 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > Do any committers have any objections to me disabling ntalk, finger, > > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by > > > default in -current? Won't this make it difficult to bootstrap a headless 1U box? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 20:15:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp01.primenet.com (smtp01.primenet.com [206.165.6.131]) by hub.freebsd.org (Postfix) with ESMTP id 80E3637B670; Mon, 9 Oct 2000 20:15:51 -0700 (PDT) Received: (from daemon@localhost) by smtp01.primenet.com (8.9.3/8.9.3) id UAA19914; Mon, 9 Oct 2000 20:15:03 -0700 (MST) Received: from usr01.primenet.com(206.165.6.201) via SMTP by smtp01.primenet.com, id smtpdAAAHtaiZM; Mon Oct 9 20:14:55 2000 Received: (from tlambert@localhost) by usr01.primenet.com (8.8.5/8.8.5) id UAA15932; Mon, 9 Oct 2000 20:15:38 -0700 (MST) From: Terry Lambert Message-Id: <200010100315.UAA15932@usr01.primenet.com> Subject: Re: VOP_ACCESS() and new VADMIN/VATTRIB? To: rwatson@FreeBSD.ORG (Robert Watson) Date: Tue, 10 Oct 2000 03:15:38 +0000 (GMT) Cc: freebsd-fs@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG, trustedbsd-discuss@TrustedBSD.org In-Reply-To: from "Robert Watson" at Oct 09, 2000 12:49:39 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Robert Watson wrote: > (Apologies again for wide-cross posting :-). > > As described in my prior e-mail, I have updated my local tree to make use > of a new VADMIN right for testing access control requests requiring > "ownership" of a file system object to succeed. I've attached below the > patches required to support this change in UFS/FFS, although I have not > yet updated the other file systems. I'd like to go ahead and commit this > support, as it is required for mandatory access control (centralizing the > VADMIN decision means MAC policies can block VADMIN requests centrally in > VOP_ACCESS() for file system that support labeling, rather than having MAC > checks scattered through reems of file system code). > > However, I'd like to get someone (or several someone's :-) to review the > code for correctness. In particular, I'm concerned about VFS locking > issues: VOP_ACCESS() requires an exclusive lock on its vp argument, which > is good since VOP_GETACL() and label retrieval functions will require a > lock in UFS, but the requirement for a lock to test ip->i_uid directly > wasn't explicit previously as part of the locking protocol. I believe > I've managed to demonstrate to myself that in locations where the VADMIN > VOP_ACCESS() test occurs, a lock will always be held on the pertinent > vnodes, but I'd like confirmation. If it wasn't require before, the code > was probably buggy anyway, but those bugs will become far more visible in > a world where VOP_ACCESS() could involve a blocking call to access ACLs or > label information. I don't believe there are any locking issues; however, I do have some problems with the direction this code is going. It seems to me that these patches centralize some code, at the expense of future ability to reuse and/or maintain the code, without assuming a default vaccess() based implementation. > --- sys/ufs/ufs/ufs_lookup.c 2000/09/18 16:13:01 1.40 > +++ sys/ufs/ufs/ufs_lookup.c 2000/10/09 16:29:34 > @@ -476,9 +476,8 @@ > * implements append-only directories. > */ > if ((dp->i_mode & ISVTX) && > - suser_xxx(cred, p, PRISON_ROOT) && > - cred->cr_uid != dp->i_uid && > - VTOI(tdp)->i_uid != cred->cr_uid) { > + VOP_ACCESS(vdp, VADMIN, cred, cnp->cn_proc) && > + VOP_ACCESS(tdp, VADMIN, cred, cnp->cn_proc)) { > vput(tdp); > return (EPERM); > } The removal of the PRISON check hides the semantics and assumes the use of vaccess() as the default for use by VOP_ACCESS(). This means that if I derive a different FS from the UFS code, and don't use your new code, I'm suddenly vulnerable to a credential exploit. One of the main reasons that I disliked the "default" stuff when it went in was a similar hidden semantics problem it caused by forcing me to explicitly invlude a VFSOP/VNOP for code for which I wanted the default behaviour from a VFS stacking layer ("EOPNOTSUPP"). The problem with this, and which I think gets exacerbated by the credential code changes you are proposing, is that for any VNOP or VFSOP that's unknown to a stacking layer in an arbitrary stack, is that if it is known to an underyling layer (perhaps the underlying layer is newer than that stacked on top of it), there is no way to preclude exposing the underlying layers additional semantics to a caller, even if you wish to only expose a minimal set... you can't. I also think that this is perhaps a case where you want to provide an alternate VNOP array, and expose this is a seperate VFS. I'd argue that the capabilities code should be approached in a similar fashion, although given the extent, impact, and initialization problems inherent to such code, it seems to me that it should be a seperate stacking layer in its own right: basically the same place where I would put the quota code, and implement read-only mounts (through an implied stacking request). You could easily achieve the same effect by replacing the ufs_access call and the other calls you are changing, rather than wiring it into UFS proper. At the very least, I think that it's important to document your assumptions and their impact on the semantics that they bring in with them, should this code go forward, as is. Any VFS author who follows you will inherit these assumptions, and it's encumbant on you to insure that they don't inherit a loaded gun aimed at their foot. I have to say that my preference is that this type of code, which fits very well into the model of a semantics imposition stacking layer, really wants to wait until stacking is fixed, and to be implemented where it fits best. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 20:25:14 2000 Delivered-To: freebsd-arch@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id A40BA37B503 for ; Mon, 9 Oct 2000 20:25:12 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id UAA02157; Mon, 9 Oct 2000 20:25:40 -0700 (PDT) Date: Mon, 9 Oct 2000 20:25:40 -0700 From: Kris Kennaway To: Terry Lambert Cc: arch@FreeBSD.ORG, Poul-Henning Kamp , Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001009202540.A2128@citusc17.usc.edu> References: <20001008144622.D35605@citusc17.usc.edu> <200010100211.TAA13943@usr01.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010100211.TAA13943@usr01.primenet.com>; from tlambert@primenet.com on Tue, Oct 10, 2000 at 02:11:11AM +0000 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote: > > > > Do any committers have any objections to me disabling ntalk, finger, > > > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by > > > > default in -current? > > Won't this make it difficult to bootstrap a headless 1U box? The point, which many people in this discussion somehow keep missing, is that when you do a default installation of recent versions of FreeBSD, the machine reboots with ssh enabled and working. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 20:59:39 2000 Delivered-To: freebsd-arch@freebsd.org Received: from pcnet1.pcnet.com (pcnet1.pcnet.com [204.213.232.3]) by hub.freebsd.org (Postfix) with ESMTP id 50FEF37B66C for ; Mon, 9 Oct 2000 20:59:37 -0700 (PDT) Received: (from eischen@localhost) by pcnet1.pcnet.com (8.8.7/PCNet) id XAA02186; Mon, 9 Oct 2000 23:49:11 -0400 (EDT) Date: Mon, 9 Oct 2000 23:49:10 -0400 (EDT) From: Daniel Eischen To: Kris Kennaway Cc: Terry Lambert , arch@FreeBSD.ORG, Poul-Henning Kamp , Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <20001009202540.A2128@citusc17.usc.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 9 Oct 2000, Kris Kennaway wrote: > On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote: > > > > > Do any committers have any objections to me disabling ntalk, finger, > > > > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by > > > > > default in -current? > > > > Won't this make it difficult to bootstrap a headless 1U box? > > The point, which many people in this discussion somehow keep missing, > is that when you do a default installation of recent versions of > FreeBSD, the machine reboots with ssh enabled and working. Don't you first need to add your keys before ssh is usable? I think that at least telnet and ftp should be enabled by default. Make the secure settings optional. -- Dan Eischen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 21:12:12 2000 Delivered-To: freebsd-arch@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 11B4437B66C for ; Mon, 9 Oct 2000 21:12:09 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id VAA02352; Mon, 9 Oct 2000 21:12:32 -0700 (PDT) Date: Mon, 9 Oct 2000 21:12:32 -0700 From: Kris Kennaway To: Daniel Eischen Cc: Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Poul-Henning Kamp , Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001009211232.A2340@citusc17.usc.edu> References: <20001009202540.A2128@citusc17.usc.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from eischen@vigrid.com on Mon, Oct 09, 2000 at 11:49:10PM -0400 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Oct 09, 2000 at 11:49:10PM -0400, Daniel Eischen wrote: > On Mon, 9 Oct 2000, Kris Kennaway wrote: > > On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote: > > > > > > Do any committers have any objections to me disabling ntalk, finger, > > > > > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by > > > > > > default in -current? > > > > > > Won't this make it difficult to bootstrap a headless 1U box? > > > > The point, which many people in this discussion somehow keep missing, > > is that when you do a default installation of recent versions of > > FreeBSD, the machine reboots with ssh enabled and working. > > Don't you first need to add your keys before ssh is usable? No. It does password-based authentication by default, always has. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 21:31: 1 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 14DE037B502 for ; Mon, 9 Oct 2000 21:30:59 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e9A4SjY11108; Mon, 9 Oct 2000 22:28:45 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id WAA17517; Mon, 9 Oct 2000 22:28:44 -0600 (MDT) Message-Id: <200010100428.WAA17517@harmony.village.org> To: Daniel Eischen Subject: Re: cvs commit: src/etc inetd.conf Cc: Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Poul-Henning Kamp , Matt Dillon , Jeroen Ruigrok van der Werven In-reply-to: Your message of "Mon, 09 Oct 2000 23:49:10 EDT." References: Date: Mon, 09 Oct 2000 22:28:44 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message Daniel Eischen writes: : Don't you first need to add your keys before ssh is usable? No. Works great with unix passwords. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 21:43:17 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp05.primenet.com (smtp05.primenet.com [206.165.6.135]) by hub.freebsd.org (Postfix) with ESMTP id CADB237B66F for ; Mon, 9 Oct 2000 21:43:15 -0700 (PDT) Received: (from daemon@localhost) by smtp05.primenet.com (8.9.3/8.9.3) id VAA29771; Mon, 9 Oct 2000 21:35:57 -0700 (MST) Received: from usr01.primenet.com(206.165.6.201) via SMTP by smtp05.primenet.com, id smtpdAAA25aag6; Mon Oct 9 21:35:51 2000 Received: (from tlambert@localhost) by usr01.primenet.com (8.8.5/8.8.5) id VAA18406; Mon, 9 Oct 2000 21:35:26 -0700 (MST) From: Terry Lambert Message-Id: <200010100435.VAA18406@usr01.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: kris@citusc.usc.edu (Kris Kennaway) Date: Tue, 10 Oct 2000 04:35:25 +0000 (GMT) Cc: eischen@vigrid.com (Daniel Eischen), kris@citusc.usc.edu (Kris Kennaway), tlambert@primenet.com (Terry Lambert), arch@FreeBSD.ORG, phk@critter.freebsd.dk (Poul-Henning Kamp), dillon@earth.backplane.com (Matt Dillon), imp@village.org (Warner Losh), jruigrok@via-net-works.nl (Jeroen Ruigrok van der Werven) In-Reply-To: <20001009211232.A2340@citusc17.usc.edu> from "Kris Kennaway" at Oct 09, 2000 09:12:32 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>>>> Do any committers have any objections to me disabling ntalk, >>>>>>> finger, telnet, rsh, and ftp by default in -current? And >>>>>>> sandboxing 'named' by default in -current? >>>> >>>> Won't this make it difficult to bootstrap a headless 1U box? >>> >>> The point, which many people in this discussion somehow keep missing, >>> is that when you do a default installation of recent versions of >>> FreeBSD, the machine reboots with ssh enabled and working. >> >> Don't you first need to add your keys before ssh is usable? > > No. It does password-based authentication by default, always has. Don't you need an ssh client before ssh is usable? I have "telnet" and "ftp" everywhere. Won't this make it difficult to bootstrap a headless 1U box from a Windows or Macintosh box? I'd bootstrap it from FreeBSD, but of course, FreeBSD can't use my Winmodem, so I'm left with no connection to the net, or no ssh to the 1U box, take your pick. Doesn't anyone else use laptops when bootstrapping rack mounted equipment? I guess we could all go out and buy a PCMCIA modem for our laptops, just so that we can have telnet and ftp disabled by default... Personally, I think this one-upmansship with OpenBSD is silly; no one is "secure by default", and anyone claiming they are is just leading users down the primrose path, until the next CERT advisory makes them out to be a liar. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 21:54:43 2000 Delivered-To: freebsd-arch@freebsd.org Received: from cain.gsoft.com.au (genesi.lnk.telstra.net [139.130.136.161]) by hub.freebsd.org (Postfix) with ESMTP id CE23737B66D for ; Mon, 9 Oct 2000 21:54:35 -0700 (PDT) Received: from cain.gsoft.com.au (doconnor@cain [203.38.152.97]) by cain.gsoft.com.au (8.8.8/8.8.8) with ESMTP id OAA03384; Tue, 10 Oct 2000 14:21:40 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <200010100435.VAA18406@usr01.primenet.com> Date: Tue, 10 Oct 2000 14:21:40 +0930 (CST) From: "Daniel O'Connor" To: Terry Lambert Subject: Re: cvs commit: src/etc inetd.conf Cc: (Jeroen Ruigrok van der Werven) Cc: (Jeroen Ruigrok van der Werven) , (Warner Losh) , (Matt Dillon) , (Poul-Henning Kamp) , arch@FreeBSD.ORG, (Daniel Eischen) , (Kris Kennaway) Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 10-Oct-00 Terry Lambert wrote: > Won't this make it difficult to bootstrap a headless 1U box > from a Windows or Macintosh box? Download an SSH client for Windows or the Mac. A quick web search shows up several. > I'd bootstrap it from FreeBSD, but of course, FreeBSD can't > use my Winmodem, so I'm left with no connection to the net, > or no ssh to the 1U box, take your pick. Get a PCMCIA modem? > I guess we could all go out and buy a PCMCIA modem for our > laptops, just so that we can have telnet and ftp disabled by > default... Uhh, the number of people who have a laptop with a winmodem, no PCMCIA modem, and no SSH client for Windows who bootstrap 1U RU servers is pretty small. Go and download one and put yourself in the majority :) > Personally, I think this one-upmansship with OpenBSD is silly; > no one is "secure by default", and anyone claiming they are is > just leading users down the primrose path, until the next CERT > advisory makes them out to be a liar. If you think its one-upmanship, good for you, but lots of people think that 'off by default' is a good thing. (and some of them even install on headless servers!) --- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Oct 9 23:26:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from echunga.lemis.com (freebie.lemis.com [192.109.197.137]) by hub.freebsd.org (Postfix) with ESMTP id 2E42F37B503; Mon, 9 Oct 2000 23:26:43 -0700 (PDT) Received: (from grog@localhost) by wantadilla.lemis.com (8.11.0/8.9.3) id e973vqA28717; Sat, 7 Oct 2000 13:27:52 +0930 (CST) (envelope-from grog) Date: Sat, 7 Oct 2000 13:27:52 +0930 From: Greg Lehey To: Terry Lambert Cc: John Baldwin , Daniel Eischen , arch@FreeBSD.ORG, Alfred Perlstein , Mark Murray , Jake Burkholder , Boris Popov , freebsd-smp@FreeBSD.ORG Subject: Re: Mutexes and semaphores Message-ID: <20001007132752.A28665@wantadilla.lemis.com> References: <20001005113139.C27736@fw.wintelcom.net> <200010052142.OAA15421@usr05.primenet.com> <200009251938.MAA29311@usr02.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <200009251938.MAA29311@usr02.primenet.com>; from tlambert@primenet.com on Mon, Sep 25, 2000 at 07:38:22PM +0000 Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-418-838-708 WWW-Home-Page: http://www.lemis.com/~grog X-PGP-Fingerprint: 6B 7B C3 8C 61 CD 54 AF 13 24 52 F8 6D A4 95 EF Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Monday, 25 September 2000 at 19:38:22 +0000, Terry Lambert wrote: >>> If we are going to support recursive mutex, I think it would be >>> better to add separate calls/macros/data types to support them, >>> so the the mtx mutexes can be simplified. Calls to mtx_enter >>> with the recursive mutex type wouldn't even compile. >> >> Err, the recursive nature of the mutexes is very trivial. It >> doesn't affect the complexity of the mutexes at all. > > Yes, it does. Ownership precludes hand-off. Recusrion support > implies permission and tacit approval. > > A mutex is not recursive. There are things you simply can not > implement when recursion is permitted for all of your primitives. > > The most obvious argument is still that a mutex is intended to > protect data, not code. Recursion is only required if the mutex > is actually protecting reentrancy of code, not access to data. On Thursday, 5 October 2000 at 21:42:28 +0000, Terry Lambert wrote: >>> There is another problem; printf's inside a kthread corrupt like >>> crazy. They look very unthreadsafe. >> >> do NOT use printf without Giant. > > This strikes me as being rather inane. > > If printf won't work without holging the lock, then it damn well > should acquire the lock if it isn't already held, and release it > if it acquired it, before returning. Make up your mind. Greg -- Finger grog@lemis.com for PGP public key See complete headers for address and phone numbers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 1:25:20 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp03.primenet.com (smtp03.primenet.com [206.165.6.133]) by hub.freebsd.org (Postfix) with ESMTP id 7125237B503; Tue, 10 Oct 2000 01:25:16 -0700 (PDT) Received: (from daemon@localhost) by smtp03.primenet.com (8.9.3/8.9.3) id BAA12092; Tue, 10 Oct 2000 01:23:38 -0700 (MST) Received: from usr06.primenet.com(206.165.6.206) via SMTP by smtp03.primenet.com, id smtpdAAAj8aGHx; Tue Oct 10 01:23:27 2000 Received: (from tlambert@localhost) by usr06.primenet.com (8.8.5/8.8.5) id BAA13123; Tue, 10 Oct 2000 01:24:55 -0700 (MST) From: Terry Lambert Message-Id: <200010100824.BAA13123@usr06.primenet.com> Subject: Re: Mutexes and semaphores To: grog@lemis.com (Greg Lehey) Date: Tue, 10 Oct 2000 08:24:54 +0000 (GMT) Cc: tlambert@primenet.com (Terry Lambert), jhb@FreeBSD.ORG (John Baldwin), eischen@vigrid.com (Daniel Eischen), arch@FreeBSD.ORG, bright@wintelcom.net (Alfred Perlstein), mark@grondar.za (Mark Murray), jburkhol@home.com (Jake Burkholder), bp@butya.kz (Boris Popov), freebsd-smp@FreeBSD.ORG In-Reply-To: <20001007132752.A28665@wantadilla.lemis.com> from "Greg Lehey" at Oct 07, 2000 01:27:52 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > A mutex is not recursive. There are things you simply can not > > implement when recursion is permitted for all of your primitives. > > > > The most obvious argument is still that a mutex is intended to > > protect data, not code. Recursion is only required if the mutex > > is actually protecting reentrancy of code, not access to data. [ ... ] > >> do NOT use printf without Giant. > > > > This strikes me as being rather inane. > > > > If printf won't work without holging the lock, then it damn well > > should acquire the lock if it isn't already held, and release it > > if it acquired it, before returning. > > Make up your mind. I see no conflict. The printf should not fail unless it is the result of a data protection failure. Testing to see that the giant lock (which is not a mutex) is held, if it is truly a requirement to hold it, is not a problem. Acquiring the giant lock only if it is not already acquired, and only releasing it if it wre you who acquired it, is not recursion. Maybe I'm missing some subtlety here that you're not? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 1:46:38 2000 Delivered-To: freebsd-arch@freebsd.org Received: from wantadilla.lemis.com (wantadilla.lemis.com [192.109.197.80]) by hub.freebsd.org (Postfix) with ESMTP id 0C8C537B503; Tue, 10 Oct 2000 01:46:31 -0700 (PDT) Received: (from grog@localhost) by wantadilla.lemis.com (8.11.0/8.9.3) id e9A8kL289653; Tue, 10 Oct 2000 18:16:21 +0930 (CST) (envelope-from grog) Date: Tue, 10 Oct 2000 18:16:21 +0930 From: Greg Lehey To: Terry Lambert Cc: John Baldwin , Daniel Eischen , arch@FreeBSD.ORG, Alfred Perlstein , Mark Murray , Jake Burkholder , Boris Popov , freebsd-smp@FreeBSD.ORG Subject: Re: Mutexes and semaphores Message-ID: <20001010181621.M87663@wantadilla.lemis.com> References: <20001007132752.A28665@wantadilla.lemis.com> <200010100824.BAA13123@usr06.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <200010100824.BAA13123@usr06.primenet.com>; from tlambert@primenet.com on Tue, Oct 10, 2000 at 08:24:54AM +0000 Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-418-838-708 WWW-Home-Page: http://www.lemis.com/~grog X-PGP-Fingerprint: 6B 7B C3 8C 61 CD 54 AF 13 24 52 F8 6D A4 95 EF Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tuesday, 10 October 2000 at 8:24:54 +0000, Terry Lambert wrote: >>> A mutex is not recursive. There are things you simply can not >>> implement when recursion is permitted for all of your primitives. >>> >>> The most obvious argument is still that a mutex is intended to >>> protect data, not code. Recursion is only required if the mutex >>> is actually protecting reentrancy of code, not access to data. I suppose I should have left this last paragraph of the quote out. The intention of mutexes is left to the programmer. While I agree that I'd rather use them to protect data than code, there's nothing in the nature of a mutex that requires that. >>>> do NOT use printf without Giant. >>> >>> This strikes me as being rather inane. >>> >>> If printf won't work without holging the lock, then it damn well >>> should acquire the lock if it isn't already held, and release it >>> if it acquired it, before returning. >> >> Make up your mind. > > I see no conflict. The printf should not fail unless it is > the result of a data protection failure. > > Testing to see that the giant lock (which is not a mutex) is > held, if it is truly a requirement to hold it, is not a problem. Giant is a mutex. > Acquiring the giant lock only if it is not already acquired, and > only releasing it if it wre you who acquired it, is not recursion. Well, for some definition of "recursion". I don't know if the term "recursive" is even appropriate for this behaviour. But if you find yourself in a position where you need to check whether you need to acquire a mutex, then "recursion" is the cheapest way to go. > Maybe I'm missing some subtlety here that you're not? Well, also that your alternative is even untidier than recursion. The whole original discussion boils down to "properly written code only needs to lock once". I tend to agree with this viewpoint, but it's clear that by that measure we have a lot of improperly written code. Recursion isn't the problem, it's the solution. You're advocating rejecting the solution ("because recursion is bad") and replacing it with a worse solution ("did we lock? OK, then we need to unlock now"). At the very least, that requires auxiliary variables which aren't part of the mutex, which is very untidy, especially if you have to debug the thing. Greg -- Finger grog@lemis.com for PGP public key See complete headers for address and phone numbers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 8:55:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id A3BAE37B66C for ; Tue, 10 Oct 2000 08:55:36 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id LAA28449; Tue, 10 Oct 2000 11:54:09 -0400 (EDT) (envelope-from rwatson@FreeBSD.org) Date: Tue, 10 Oct 2000 11:54:09 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Kris Kennaway Cc: Terry Lambert , arch@FreeBSD.org, Poul-Henning Kamp , Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <20001009202540.A2128@citusc17.usc.edu> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 9 Oct 2000, Kris Kennaway wrote: > On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote: > > > > > Do any committers have any objections to me disabling ntalk, finger, > > > > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by > > > > > default in -current? > > > > Won't this make it difficult to bootstrap a headless 1U box? > > The point, which many people in this discussion somehow keep missing, > is that when you do a default installation of recent versions of > FreeBSD, the machine reboots with ssh enabled and working. As I pointed out earlier, there needs to be a way for the administrator to securely retrieve the SSH key so that they can log in securely. Otherwise the whole point of using SSH is lost. If they just blindly accept the key without some sort of confirmation, it might as well be telnet. For console-based install, this is fine if we print out the key finger print after the first reboot (although ideally we'd generate it during sysinstall and formally present it to the administrator). For a headless install, there is currently no way to get the key in a secure manner. If the answer is, ``Well, it's a local network segment, you should be fine,'' that applies equally well to telnet, which, as I also mentioned before, has been standardized a lot longer, has much more interoperability, is more stable, etc. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 8:58: 7 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 1004037B502; Tue, 10 Oct 2000 08:58:05 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e9AFw2N72358; Tue, 10 Oct 2000 17:58:02 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Robert Watson Cc: Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Your message of "Tue, 10 Oct 2000 11:54:09 EDT." Date: Tue, 10 Oct 2000 17:58:02 +0200 Message-ID: <72356.971193482@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message , Robe rt Watson writes: > >On Mon, 9 Oct 2000, Kris Kennaway wrote: > >> On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote: >> > > > > Do any committers have any objections to me disabling ntalk, finger, >> > > > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by >> > > > > default in -current? >> > >> > Won't this make it difficult to bootstrap a headless 1U box? >> >> The point, which many people in this discussion somehow keep missing, >> is that when you do a default installation of recent versions of >> FreeBSD, the machine reboots with ssh enabled and working. > >As I pointed out earlier, there needs to be a way for the administrator to >securely retrieve the SSH key so that they can log in securely. And as I pointed out earlier: having ssh doesn't help people who have only a windows box to connect from. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 9:12:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id A4AE037B66C; Tue, 10 Oct 2000 09:12:39 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id SAA34072; Tue, 10 Oct 2000 18:09:54 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Poul-Henning Kamp Cc: Robert Watson , Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf References: <72356.971193482@critter> From: Dag-Erling Smorgrav Date: 10 Oct 2000 18:09:54 +0200 In-Reply-To: Poul-Henning Kamp's message of "Tue, 10 Oct 2000 17:58:02 +0200" Message-ID: Lines: 10 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Poul-Henning Kamp writes: > And as I pointed out earlier: having ssh doesn't help people who have > only a windows box to connect from. There are numerous ssh clients that run on Windows, and some of them are even not only free, but open-source as well (mindterm, for instance) DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 9:20:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 06FF237B502; Tue, 10 Oct 2000 09:20:20 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e9AGKDN72472; Tue, 10 Oct 2000 18:20:13 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Dag-Erling Smorgrav Cc: Robert Watson , Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Your message of "10 Oct 2000 18:09:54 +0200." Date: Tue, 10 Oct 2000 18:20:13 +0200 Message-ID: <72470.971194813@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message , Dag-Erling Smorgrav writes: >Poul-Henning Kamp writes: >> And as I pointed out earlier: having ssh doesn't help people who have >> only a windows box to connect from. > >There are numerous ssh clients that run on Windows, and some of them >are even not only free, but open-source as well (mindterm, for instance) I know, but I don't want to make the learning curve harder than it need to be. Besides, it's not always possible to get permission to install software on corporate windows machines. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 9:23:11 2000 Delivered-To: freebsd-arch@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26]) by hub.freebsd.org (Postfix) with ESMTP id 1C57737B503; Tue, 10 Oct 2000 09:23:08 -0700 (PDT) Received: (from dillon@localhost) by earth.backplane.com (8.11.0/8.9.3) id e9AGKoo13270; Tue, 10 Oct 2000 09:20:50 -0700 (PDT) (envelope-from dillon) Date: Tue, 10 Oct 2000 09:20:50 -0700 (PDT) From: Matt Dillon Message-Id: <200010101620.e9AGKoo13270@earth.backplane.com> To: Poul-Henning Kamp Cc: Robert Watson , Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf References: <72356.971193482@critter> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG : :In message , Robe :rt Watson writes: :> :>On Mon, 9 Oct 2000, Kris Kennaway wrote: :> :>> On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote: :>> > > > > Do any committers have any objections to me disabling ntalk, finger, :>> > > > > telnet, rsh, and ftp by default in -current? And sandboxing 'named' by :>> > > > > default in -current? :>> > :>> > Won't this make it difficult to bootstrap a headless 1U box? :>> :>> The point, which many people in this discussion somehow keep missing, :>> is that when you do a default installation of recent versions of :>> FreeBSD, the machine reboots with ssh enabled and working. :> :>As I pointed out earlier, there needs to be a way for the administrator to :>securely retrieve the SSH key so that they can log in securely. : :And as I pointed out earlier: having ssh doesn't help people who have :only a windows box to connect from. : :-- :Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 :phk@FreeBSD.ORG | TCP/IP since RFC 956 I'm pretty sure there are at least two windows-based packages that work with ssh, FSecure is one of them. I don't see much of a point trying to restrict ourselves to the lowest common denominator - some joe sysadmin who isn't willing to run unix on a laptop or who isn't willing to buy a single program for windows to access a machine securely. Setting up ssh on a rackmount FreeBSD box is trivial. It's actually easier to do then setting up telnet. For example, in order to get initial access to the box from the console one can simply download and run a simple script which pulls the public key to be used for root's authorized_keys file into ~root/.ssh/authorized_keys. Bang, you now have secure access to the machine. This is a whole lot better then pulling an encrypted password over the net to populate master.passwd in order to be able to telnet in, and also a whole lot better then telling everyone and his grandmother the root password so they can login via telnet. I was this to initialize rack mount boxes at BEST four years ago. I had a little boot floppy which would copy the system via NFS, including ~root and its authorized_keys file. I had the private key softlinked from another partition so it wasn't accessible via NFS. You stick the floppy in, and 10 minutes later you had a complete system installed on the rack mount box including security and access elements. Nobody is saying we should remove these programs, only that they should not be turned on by default. They should be commented out in inetd.conf (like everything else in inetd.conf) so the machine isn't poked full of holes when someone turns inetd on without looking at inetd.conf. I can't imagine why anyone would do that, I guess the world is full of bozos. None of the arguments Jordan or Poul are making make any sense to me. What they are saying to me is basically that they aren't willing to require that joe sysop be bothered with lifting just his little finger to configure a FreeBSD box. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 9:24: 0 2000 Delivered-To: freebsd-arch@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26]) by hub.freebsd.org (Postfix) with ESMTP id 8870137B503; Tue, 10 Oct 2000 09:23:58 -0700 (PDT) Received: (from dillon@localhost) by earth.backplane.com (8.11.0/8.9.3) id e9AGNwY13314; Tue, 10 Oct 2000 09:23:58 -0700 (PDT) (envelope-from dillon) Date: Tue, 10 Oct 2000 09:23:58 -0700 (PDT) From: Matt Dillon Message-Id: <200010101623.e9AGNwY13314@earth.backplane.com> To: Robert Watson Cc: Kris Kennaway , Terry Lambert , arch@FreeBSD.org, Poul-Henning Kamp , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf References: Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG :As I pointed out earlier, there needs to be a way for the administrator to :securely retrieve the SSH key so that they can log in securely. Otherwise :the whole point of using SSH is lost. If they just blindly accept the key : : Robert N M Watson :robert@fledge.watson.org http://www.watson.org/~robert/ The public key you stick in your authorized_keys file is... well, public. You can retrieve it over an unsecure network just fine and it doesn't really matter who sniffs it. A good sysop will change the key every month or two just to maintain control over leakage of the private key (since people need the private key to be able to ssh to the box being installed), but that's about it. It's a whole lot better then transfering an encrypted password file and distributing the plaintext root password to all the sysads (not to mention the fact that no sysad in their right mind enables plaintext password logins to root over a network). -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 9:52:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 6BC8237B502; Tue, 10 Oct 2000 09:52:39 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e9AGqZN72576; Tue, 10 Oct 2000 18:52:35 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Matt Dillon Cc: Robert Watson , Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Your message of "Tue, 10 Oct 2000 09:20:50 PDT." <200010101620.e9AGKoo13270@earth.backplane.com> Date: Tue, 10 Oct 2000 18:52:35 +0200 Message-ID: <72574.971196755@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200010101620.e9AGKoo13270@earth.backplane.com>, Matt Dillon writes: > I don't see much of a point trying to restrict ourselves to the lowest > common denominator - some joe sysadmin who isn't willing to run unix on > a laptop or who isn't willing to buy a single program for windows to > access a machine securely. I am not asking for us to "restrict ourselves to the lowest common denominator". I'm asking that we leave the lower bound where it is. I am very happy that machines come online with sshd working now, that's a great step forward in many cases, just not in all cases. Besides: Considering that we have not allowed remote root logins for quite some time, having telnetd enabled on a freshly installed box poses no security hole: there are no accounts to break in to. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 9:54:57 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.100.7]) by hub.freebsd.org (Postfix) with ESMTP id 69F2837B66E; Tue, 10 Oct 2000 09:54:54 -0700 (PDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.9.3/8.9.3) with ESMTP id MAA175732; Tue, 10 Oct 2000 12:54:45 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: References: Date: Tue, 10 Oct 2000 12:54:45 -0400 To: Robert Watson , Kris Kennaway From: Garance A Drosihn Subject: Re: cvs commit: src/etc inetd.conf Cc: Terry Lambert , arch@FreeBSD.ORG, Poul-Henning Kamp , Matt Dillon , Warner Losh , Jeroen Ruigrok van der Werven Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 11:54 AM -0400 10/10/00, Robert Watson wrote: >On Mon, 9 Oct 2000, Kris Kennaway wrote: > > > On Tue, Oct 10, 2000 at 02:11:11AM +0000, Terry Lambert wrote: > > > > > > Do any committers have any objections to me disabling > > > > > > ntalk, finger, telnet, rsh, and ftp by default in > > > > > > -current? And sandboxing 'named' by default in -current? > > > > > > Won't this make it difficult to bootstrap a headless 1U box? > > > > The point, which many people in this discussion somehow keep missing, > > is that when you do a default installation of recent versions of > > FreeBSD, the machine reboots with ssh enabled and working. > >As I pointed out earlier, there needs to be a way for the administrator >to securely retrieve the SSH key so that they can log in securely. >Otherwise the whole point of using SSH is lost. If they just blindly >accept the key without some sort of confirmation, it might as well be >telnet. Well, I don't agree with that. It isn't perfect, but it is not the same as a telnet session. On the other hand, I HAVE had new installs where sshd did NOT come up, for whatever reason, and if that had happened on a headless machine then I'd really like to have telnet as an option. Yes, I'm sure we will never again have a bug in the setup of sshd, but it couldn't hurt to wait until after we have a longer track record with it. But let's ignore my opinions for the moment, and let me offer a solution to this thread. We don't seem to have everyone agreeing that it would be good to disable telnetd by default. So, how about we disable everything BUT telnetd? To provide some improvement in security, change /root/.cshrc so that it checks for telnetd being enabled, and writes a message to the console anytime root logs in while telnetd is enabled. People who don't want telnetd at all will see that message, and will remember to disable it from /etc/inet.conf. People who do want telnetd will swear about how obnoxious the message is, and delete that check from /root/.cshrc (or some other appropriate place). We can then leave things that way until some future point, where everyone is more comfortable with telnet being disabled in the default install. Could everyone agree that as a good change to make for now? Would everyone agree that all the other proposed changes (including the sandboxing of named) would be a good idea? --- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or drosih@rpi.edu Rensselaer Polytechnic Institute To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 10:16:33 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id B986337B66E for ; Tue, 10 Oct 2000 10:16:25 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA29399; Tue, 10 Oct 2000 13:14:45 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 10 Oct 2000 13:14:45 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Matt Dillon Cc: Kris Kennaway , Terry Lambert , arch@FreeBSD.org, Poul-Henning Kamp , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010101623.e9AGNwY13314@earth.backplane.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 10 Oct 2000, Matt Dillon wrote: > :As I pointed out earlier, there needs to be a way for the administrator to > :securely retrieve the SSH key so that they can log in securely. Otherwise > :the whole point of using SSH is lost. If they just blindly accept the key > : > : Robert N M Watson > :robert@fledge.watson.org http://www.watson.org/~robert/ > > The public key you stick in your authorized_keys file is... well, > public. You can retrieve it over an unsecure network just fine and > it doesn't really matter who sniffs it. A good sysop will change the > key every month or two just to maintain control over leakage of the > private key (since people need the private key to be able to ssh to > the box being installed), but that's about it. It's a whole lot better > then transfering an encrypted password file and distributing the plaintext > root password to all the sysads (not to mention the fact that no sysad > in their right mind enables plaintext password logins to root over > a network). I'm referring to the host public key, which is used by the client to authenticate the connection to the server. If the client cannot retrieve it in a secure manner, it cannot securely authenticate that it has connected to the right host. Right now, in absence of any defined PKI for SSH, the commonly accepted mechanism is to compare the a priori known host key fingerprint with the one printed by the SSH client: if they are the same, and the hostname being bound is the same, accept the key. In the current install, that fingerprint does not become available until after the first boot with SSH enabled. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 10:25:18 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peach.ocn.ne.jp (peach.ocn.ne.jp [210.145.254.87]) by hub.freebsd.org (Postfix) with ESMTP id 6F13937B66C; Tue, 10 Oct 2000 10:25:15 -0700 (PDT) Received: from newsguy.com (p46-dn02kiryunisiki.gunma.ocn.ne.jp [211.0.245.111]) by peach.ocn.ne.jp (8.9.1a/OCN/) with ESMTP id CAA25527; Wed, 11 Oct 2000 02:22:34 +0900 (JST) Message-ID: <39E35015.1F7C97B8@newsguy.com> Date: Wed, 11 Oct 2000 02:21:25 +0900 From: "Daniel C. Sobral" X-Mailer: Mozilla 4.7 [en] (Win98; I) X-Accept-Language: en,pt-BR MIME-Version: 1.0 To: Matt Dillon Cc: Poul-Henning Kamp , Robert Watson , Kris Kennaway , Terry Lambert , arch@FreeBSD.ORG, Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf References: <72356.971193482@critter> <200010101620.e9AGKoo13270@earth.backplane.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Matt Dillon wrote: > > I don't see much of a point trying to restrict ourselves to the lowest > common denominator - some joe sysadmin who isn't willing to run unix on > a laptop or who isn't willing to buy a single program for windows to > access a machine securely. Buy? Free ssh for windows abound. There's even at least one scp, though the one I have in mind does not support RSA keys, which is not the default for our sshd anyway. Since people have been naming names, here is more one: TeraTerm Pro with SSH enhancement. Supports RSA, TIS, forwarding, X servers, and up to vt320 and vt382, including colors. Free. > Setting up ssh on a rackmount FreeBSD box is trivial. It's actually > easier to do then setting up telnet. For example, in order to get > initial access to the box from the console one can simply download and > run a simple script which pulls the public key to be used for root's > authorized_keys file into ~root/.ssh/authorized_keys. Bang, you now > have secure access to the machine. This is a whole lot better then Since we have some nice daily/weekly/monthly scripts, can we add this function to then, with any likely knobs and turned off by default? -- Daniel C. Sobral (8-DCS) dcs@newsguy.com dcs@freebsd.org capo@linux.bsdconspiracy.net the ants all left because mtn. dew is sold out again To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 10:29:43 2000 Delivered-To: freebsd-arch@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26]) by hub.freebsd.org (Postfix) with ESMTP id 2F1F437B66C; Tue, 10 Oct 2000 10:29:41 -0700 (PDT) Received: (from dillon@localhost) by earth.backplane.com (8.11.0/8.9.3) id e9AHTe913811; Tue, 10 Oct 2000 10:29:40 -0700 (PDT) (envelope-from dillon) Date: Tue, 10 Oct 2000 10:29:40 -0700 (PDT) From: Matt Dillon Message-Id: <200010101729.e9AHTe913811@earth.backplane.com> To: Robert Watson Cc: Kris Kennaway , Terry Lambert , arch@FreeBSD.org, Poul-Henning Kamp , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf References: Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG :I'm referring to the host public key, which is used by the client to :authenticate the connection to the server. If the client cannot retrieve :it in a secure manner, it cannot securely authenticate that it has :connected to the right host. Right now, in absence of any defined PKI for :SSH, the commonly accepted mechanism is to compare the a priori known host :key fingerprint with the one printed by the SSH client: if they are the :same, and the hostname being bound is the same, accept the key. In the :current install, that fingerprint does not become available until after :the first boot with SSH enabled. : : Robert N M Watson : :robert@fledge.watson.org http://www.wthatatson.org/~robert/ Most people don't care, they just type 'yes' when ssh complains about seeing a new host for the first time and it gets recorded. So why should they care on a first-time install? I certainly don't care... while it is entirely proper for ssh to complain, it doesn't follow that a sysop has to listen to it. This is certainly not a show stopper. Besides, you get no assurances at all with telnet so this point isn't really relevant to the discussion. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 10:43:13 2000 Delivered-To: freebsd-arch@freebsd.org Received: from sandman.sandgate.com (sandman.sandgate.com [38.161.139.2]) by hub.freebsd.org (Postfix) with ESMTP id B69A337B502 for ; Tue, 10 Oct 2000 10:43:07 -0700 (PDT) Received: from vectra (a118.COMCAT.COM [207.86.230.118]) by sandman.sandgate.com (8.10.0/8.10.0) with SMTP id e9AHhLx11539 for ; Tue, 10 Oct 2000 13:43:27 -0400 (EDT) From: "Sue Wainer" To: "Freebsd-Arch" Subject: Ethernet Device Driver Modules Date: Tue, 10 Oct 2000 13:42:58 -0400 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_000C_01C032C0.002A3690" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. ------=_NextPart_000_000C_01C032C0.002A3690 Content-Type: multipart/alternative; boundary="----=_NextPart_001_000D_01C032C0.002A3690" ------=_NextPart_001_000D_01C032C0.002A3690 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit I am trying to create an Ethernet Device Driver Module that I can load with kldload. I am assuming that the driver probe function will be entered when the module is loaded. I have created a standard pci bus Ethernet driver, if_asic.c, modeled after drivers in /sys/pci. And, I have looked in /usr/share/examples/kld/cdev for an example. Attached is my Makefile. When compiling if_asic.c, I get undefines "device_if.h", etc. I have made a kernel image including my driver, and see where these files are placed in my config/MYBUILD/modules/.... directory path. What am I missing in building my driver as a loadable module? Thanks for your attention. Sue Wainer ------=_NextPart_001_000D_01C032C0.002A3690 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I am trying to = create an=20 Ethernet Device Driver Module that I can load with
kldload. I am = assuming that the=20 driver probe function will be entered when the
module is=20 loaded.
I have created a = standard pci=20 bus Ethernet driver, if_asic.c, modeled after = drivers
in /sys/pci. And, I = have looked=20 in /usr/share/examples/kld/cdev for an example.
 
Attached is my = Makefile. When=20 compiling if_asic.c, I get undefines "device_if.h", = etc.
I have made a = kernel image=20 including my driver, and see where these files are = placed
in my=20 config/MYBUILD/modules/.... directory path. What am I missing in=20 building
my driver as a = loadable=20 module?
 
Thanks for your=20 attention.
 
Sue=20 Wainer
------=_NextPart_001_000D_01C032C0.002A3690-- ------=_NextPart_000_000C_01C032C0.002A3690 Content-Type: application/octet-stream; name="Makefile" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="Makefile" SUBDIR= module load: _SUBDIRUSE unload: _SUBDIRUSE .include SRCS = if_asic.c CFLAGS = -I/sys/WaveNIC1/FreeBSD/AdapterDriver \ -I/sys/WaveNIC1/FreeBSD/include \ -I/sys/WaveNIC1/include \ -I/sys/WaveNIC1/SharedSource \ -I/sys/od \ -I- -I. -I.. -I../.. -I../../../include -O -D__CYGWIN32__ \ -DUSE_PPP -DDEFAULT_DEBUG_LEVEL=0 -D__CYGWIN32__ -DKERNEL KMOD = wavenic NOMAN = 1 .include "/usr/share/mk/bsd.kmod.mk" ------=_NextPart_000_000C_01C032C0.002A3690-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 10:50:11 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 5C21037B503 for ; Tue, 10 Oct 2000 10:50:09 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA29819; Tue, 10 Oct 2000 13:48:42 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 10 Oct 2000 13:48:41 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Matt Dillon Cc: Kris Kennaway , Terry Lambert , arch@FreeBSD.org, Poul-Henning Kamp , Warner Losh , Jeroen Ruigrok van der Werven Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010101729.e9AHTe913811@earth.backplane.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 10 Oct 2000, Matt Dillon wrote: > Most people don't care, they just type 'yes' when ssh complains about > seeing a new host for the first time and it gets recorded. So why should > they care on a first-time install? I certainly don't care... while it > is entirely proper for ssh to complain, it doesn't follow that a sysop > has to listen to it. > > This is certainly not a show stopper. Besides, you get no assurances at > all with telnet so this point isn't really relevant to the discussion. It was my distinct impression we were talking about secure remote log-ins, not administrators ignoring proper security procedures. I'm sorry to hear that Best was vulnerable to man-in-the-middle attacks, but I'm not sure that has any bearing on the conversation (and it's probably not something you want to share on public mailing lists). The point in bringing it up was that unless you go through the proper keying procedure, you don't gain much by switching to a keyed protocol from an un-keyed one. If we have a system in which it is impossible to follow the correct procedure, then it's arguable that forcing people to use the keyed protocol has no security benefit. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 11: 2:23 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id C6C3137B66D; Tue, 10 Oct 2000 11:02:19 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e9AI2Hi14548; Tue, 10 Oct 2000 12:02:17 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id MAA28379; Tue, 10 Oct 2000 12:02:16 -0600 (MDT) Message-Id: <200010101802.MAA28379@harmony.village.org> To: Robert Watson Subject: Re: cvs commit: src/etc inetd.conf Cc: arch@FreeBSD.org In-reply-to: Your message of "Tue, 10 Oct 2000 13:48:41 EDT." References: Date: Tue, 10 Oct 2000 12:02:16 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message Robert Watson writes: : The point in bringing it up was that unless you go through the proper : keying procedure, you don't gain much by switching to a keyed protocol : from an un-keyed one. If we have a system in which it is impossible to : follow the correct procedure, then it's arguable that forcing people to : use the keyed protocol has no security benefit. Agreed. I'm starting to think that the current balance is a good one. Having inetd off by default (but this is a tweakable parameter from sysinstall), but having telnet be on by default on inetd.conf. I think that we might want to have a mini-debate/meeting about this at BSDcon. I know that's a bit of a sore spot for some people, but I think we'll have enough people on both sides to reach a doable compromise. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 12:17:14 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp05.primenet.com (smtp05.primenet.com [206.165.6.135]) by hub.freebsd.org (Postfix) with ESMTP id 69AD537B503; Tue, 10 Oct 2000 12:17:11 -0700 (PDT) Received: (from daemon@localhost) by smtp05.primenet.com (8.9.3/8.9.3) id MAA29171; Tue, 10 Oct 2000 12:17:15 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp05.primenet.com, id smtpdAAAv8ai54; Tue Oct 10 12:17:06 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id MAA15501; Tue, 10 Oct 2000 12:16:40 -0700 (MST) From: Terry Lambert Message-Id: <200010101916.MAA15501@usr09.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: dcs@newsguy.com (Daniel C. Sobral) Date: Tue, 10 Oct 2000 19:16:40 +0000 (GMT) Cc: dillon@earth.backplane.com (Matt Dillon), phk@critter.freebsd.dk (Poul-Henning Kamp), rwatson@FreeBSD.ORG (Robert Watson), kris@citusc.usc.edu (Kris Kennaway), tlambert@primenet.com (Terry Lambert), arch@FreeBSD.ORG, imp@village.org (Warner Losh), jruigrok@via-net-works.nl (Jeroen Ruigrok van der Werven) In-Reply-To: <39E35015.1F7C97B8@newsguy.com> from "Daniel C. Sobral" at Oct 11, 2000 02:21:25 AM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Buy? Free ssh for windows abound. There's even at least one scp, though > the one I have in mind does not support RSA keys, which is not the > default for our sshd anyway. Since people have been naming names, here > is more one: TeraTerm Pro with SSH enhancement. Supports RSA, TIS, > forwarding, X servers, and up to vt320 and vt382, including > colors. Free. A VT382 is a DECWindows terminal; its primary claim to fame is that it supports ISC (Input Sequence Check) mode, which permits it to support Pacific Rim input methods. Being an X Display, it still needs a client program. 8-p. A VT320 is the upgraded version of the VT220; its primary claim to fame over its predecessor is 9 bit instead of 8 bit with implied 9th bit duplication in its sixel graphics, and support for ReGIS graphics and session switch, when using DEC supplied terminal servers, like the DECServer 200. It's monochrome. Oh yeah, it's also slower than the VT220, since it uses a ROM cartridge for its state machine. You probably mean "VT340 emulation", if it supported " colors". Not to be pendantic, or anthing, mind you... havong done my first VTxxx emulator in the eary 80s, when these things first became available, I have a warm place in my heart for these things. Anyone want to know why a VT102P is different from a VT100, or why a VT640 was also called a "Retrographics" terminal? 8-) 8-). > > Setting up ssh on a rackmount FreeBSD box is trivial. It's actually > > easier to do then setting up telnet. For example, in order to get > > initial access to the box from the console one can simply download and > > run a simple script which pulls the public key to be used for root's > > authorized_keys file into ~root/.ssh/authorized_keys. Bang, you now > > have secure access to the machine. This is a whole lot better then > > Since we have some nice daily/weekly/monthly scripts, can we add this > function to then, with any likely knobs and turned off by default? Actually, this is a bad idea, since there is no non-repudiation; that means that you are subject to a man-in-the-middle and session replay attacks, just like when you first set up NT, and manually enter the domain controller password the first time... actually, it's worse, since an attacker could respond as the server from which you are getting the original authorized_keys file. Before someone says "put it on a floppy", the most likely multiple rack install method would be to do it via netboot, not CDROM or floppy, since that another 36GB of disk space we can put in that otherwise bootable device slot. Frankly, if your environment is that hostile, you should probably consider hosting your boxes some place other than script-kiddie heaven, even if they do offer you $30/month off your colocation charges in exchange for you tolerating them trying to crack your machines. At the very least, you should consider a headful install; at least then, like NT, theres no initial man-in-the-middle possible between the person doing the install and the keyboard jack. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 12:46:43 2000 Delivered-To: freebsd-arch@freebsd.org Received: from dragon.nuxi.com (trang.nuxi.com [209.152.133.57]) by hub.freebsd.org (Postfix) with ESMTP id 7EC6437B502 for ; Tue, 10 Oct 2000 12:46:41 -0700 (PDT) Received: (from obrien@localhost) by dragon.nuxi.com (8.9.3/8.9.1) id MAA54533; Tue, 10 Oct 2000 12:43:52 -0700 (PDT) (envelope-from obrien) Date: Tue, 10 Oct 2000 12:43:52 -0700 From: "David O'Brien" To: Poul-Henning Kamp Cc: arch@freebsd.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001010124352.A54458@dragon.nuxi.com> Reply-To: arch@freebsd.org References: <200010101620.e9AGKoo13270@earth.backplane.com> <72574.971196755@critter> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <72574.971196755@critter>; from phk@critter.freebsd.dk on Tue, Oct 10, 2000 at 06:52:35PM +0200 X-Operating-System: FreeBSD 5.0-CURRENT Organization: The NUXI BSD group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Oct 10, 2000 at 06:52:35PM +0200, Poul-Henning Kamp wrote: > > I don't see much of a point trying to restrict ourselves to the lowest > > common denominator - some joe sysadmin who isn't willing to run unix on > > a laptop or who isn't willing to buy a single program for windows to > > access a machine securely. > > I am not asking for us to "restrict ourselves to the lowest common > denominator". I don't see how that is NOT what you are asking for. You are arguing that we support a person with a M$-Windows laptop where they are unable to install a single program on it. Please explain farther. -- -- David (obrien@FreeBSD.org) GNU is Not Unix / Linux Is Not UniX To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 13:11:33 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id A27A437B66C for ; Tue, 10 Oct 2000 13:11:29 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e9AKBSN73716 for ; Tue, 10 Oct 2000 22:11:28 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Your message of "Tue, 10 Oct 2000 12:43:52 PDT." <20001010124352.A54458@dragon.nuxi.com> Date: Tue, 10 Oct 2000 22:11:28 +0200 Message-ID: <73714.971208688@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001010124352.A54458@dragon.nuxi.com>, "David O'Brien" writes: >On Tue, Oct 10, 2000 at 06:52:35PM +0200, Poul-Henning Kamp wrote: >> > I don't see much of a point trying to restrict ourselves to the lowest >> > common denominator - some joe sysadmin who isn't willing to run unix on >> > a laptop or who isn't willing to buy a single program for windows to >> > access a machine securely. >> >> I am not asking for us to "restrict ourselves to the lowest common >> denominator". > >I don't see how that is NOT what you are asking for. You are arguing >that we support a person with a M$-Windows laptop where they are unable >to install a single program on it. Please explain farther. World: [...] "the real -" a place where the computers are run by people with no clue under order from people with no perspective according to rules made with no wisdom. Recognizable by statements such as "Outlook is a great mail-system", "I'm sure it will be better after then next service pack.", "Have you tried to reboot ?" [...] I see no reason to shoot ourselves in the foot with worthless pseudo restrictions in security: Scenario 1: (new to UNIX) Installs FreeBSD. Think security is about locking doors. Has no clue what ssh is. Has telnet program on his Windows machine. Scenario 2: (Security aware UNIX person) Installs FreeBSD. Knows that he has to do things to improve security. Knows what ssh and inetd.conf is. Now, lets see: Disabling telnetd stops the first person dead in his tracks, leading him to conclude FreeBSD and UNIX as such sux. Leaving telnetd enabled, gives the second person a one-line editing task. Since you cannot login as root with telnet, the box is safe as long as he remembers to disable telnetd before creating user accounts. It's a real no-brainer to me... FreeBSD: Tools, not policies. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 14:58:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from falla.videotron.net (falla.videotron.net [205.151.222.106]) by hub.freebsd.org (Postfix) with ESMTP id ECFE137B502 for ; Tue, 10 Oct 2000 14:58:22 -0700 (PDT) Received: from modemcable213.3-201-24.mtl.mc.videotron.ca ([24.201.3.213]) by falla.videotron.net (Sun Internet Mail Server sims.3.5.1999.12.14.10.29.p8) with ESMTP id <0G2800JKXID8Y1@falla.videotron.net> for arch@FreeBSD.ORG; Tue, 10 Oct 2000 17:58:21 -0400 (EDT) Date: Tue, 10 Oct 2000 18:02:25 -0400 (EDT) From: Bosko Milekic Subject: Re: Mutexes and semaphores In-reply-to: <20001010181621.M87663@wantadilla.lemis.com> X-Sender: bmilekic@jehovah.technokratis.com To: Terry Lambert Cc: arch@FreeBSD.ORG Message-id: MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is not aimed at anyone in particular; Appologies to those trimmed in the To: and Cc: fields. On Tue, 10 Oct 2000, Greg Lehey wrote: > >>> The most obvious argument is still that a mutex is intended to > >>> protect data, not code. Recursion is only required if the mutex > >>> is actually protecting reentrancy of code, not access to data. I don't recall who originally stated this, but this is not exactly correct. Well, I suppose it is exactly correct in an exactly perfect world. While I do agree that recursion is typical when the mutex is protecting reentrancy of code (although, I gotta tell you, I find this to be more of a "feature" in some cases -- more below), recursion also happens even if the mutex is not only serving to protect reentrancy. This probably sounds twisted, so here (I hope this turns out looking alright): (execution path is counter-clockwise, starting from [Subsystem A]) (when I mention "lock" or "mutex" it is in reference to a mutex protecting some data which lives in [Subsystem A code]) [Subsystem A] -------------- [Subsystem A code]-------------- | | [routine (a) that makes [ routine (b) that makes use use of Subsystem B code] of Subsystem A code ] | | -----[Subsystem B] ----- [some generic routine (c) that is an integral part of Subsystem B] 1) [Subsystem A] makes use of a local routine, which acquires a lock, and ends up having to call routine (a); it cannot release the lock because then there would be a potential race condition. 2) routine (a) does some neat stuff (the mutex is still held here) and then calls one of its own routines, call it routine (c), residing in the "integral part of Subsystem B" code. 3) routine (c) is a general routine, in the sense that it can have points of entry from several different parts of [Subsystem B], at least. Routine (c) happens to call routine (b) (see schematic above to understand) which accesses the same data as [Subsystem A] was touching. So it acquires the lock recursively. Does its stuff, and returns. Okay, so the issues are clear, and you may be thinking: * (c) in point 3) is WRONG, it should be calling a lower-level routine (b) which doesn't acquire the lock. The problem with this "solution," though, is also mentionned in point 3): Routine (c) is a "general" routine, in some cases, it HAS to aquire the lock. So you can't just have it not aquire the lock at all, because then those cases would be flawed. Splitting all these instances on a case by case basis is a recipe for disaster. * "Again, code reentry, not data, is being protected here." This argument unfortunately touches on a very sensitive issue; the difference here is a fine line. See, if you want to argue that locks should serve to protect "data" across subsystems, you're going to have a hard time doing it, mainly because in most cross-subsystem cases, the "data" will be manipulated by routines (code) and so you may draw the inference that if the lock needs to be aquired that it is the "code" that is being protected, but this is just an abstraction, and you _are_ in fact protecting the data. To just quickly touch on the issue I raised in the first paragraph above; about how I find the fact that sometimes the mutex can be used to protect code reentrancy as well as data a "feature." Basically, I find this neat only when the lock needs to be acquired to protect data as well, but the code surrounding it, which is the only code manipulating this data, also has one or two calls that need not be re-entrant; then, aquiring the same mutex just one statement above is neat, because things are much less "bloated" this way (as opposed to using an entirely separate mechanism to prevent reentrancy). > I suppose I should have left this last paragraph of the quote out. > The intention of mutexes is left to the programmer. While I agree > that I'd rather use them to protect data than code, there's nothing in > the nature of a mutex that requires that. I agree with both points raised above. [...] > Greg > -- > Finger grog@lemis.com for PGP public key > See complete headers for address and phone numbers Cheers, Bosko Milekic bmilekic@technokratis.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 16:57:37 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 7787937B66C for ; Tue, 10 Oct 2000 16:57:34 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id BAA66906; Wed, 11 Oct 2000 01:57:29 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id BAA51031; Wed, 11 Oct 2000 01:57:29 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Wed, 11 Oct 2000 01:57:29 +0200 (CEST) From: Marius Bendiksen To: "Daniel O'Connor" Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Download an SSH client for Windows or the Mac. > A quick web search shows up several. Beside the point that such a client could've been trojanized, I would point out that I have been in situations where this would not have been feasible. > If you think its one-upmanship, good for you, but lots of people think > that 'off by default' is a good thing. (and some of them even install on > headless servers!) This is a policy issue. If I wanted "off by default", I would either do a manual install, or I would go for OpenBSD. If you really need to do this, why not simply add a package which extracts files in /etc and so forth, which could do these things? Didn't I hear someone mutter "tools, not policy" a while back? This would seem to me to be such an issue. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 17: 0:56 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 214B637B502 for ; Tue, 10 Oct 2000 17:00:53 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id CAA67038; Wed, 11 Oct 2000 02:00:51 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id CAA51057; Wed, 11 Oct 2000 02:00:51 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Wed, 11 Oct 2000 02:00:51 +0200 (CEST) From: Marius Bendiksen To: Dag-Erling Smorgrav Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > There are numerous ssh clients that run on Windows, and some of them > are even not only free, but open-source as well (mindterm, for instance) I would point out that for people hired out to install a FreeBSD headless server at a site, not needing to use non-standard software at the site is actually a good thing. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 17: 6:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 8C39737B66C for ; Tue, 10 Oct 2000 17:06:19 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id CAA67283; Wed, 11 Oct 2000 02:06:17 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id CAA51074; Wed, 11 Oct 2000 02:06:17 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Wed, 11 Oct 2000 02:06:17 +0200 (CEST) From: Marius Bendiksen To: Matt Dillon Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010101620.e9AGKoo13270@earth.backplane.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Nobody is saying we should remove these programs, only that they > should not be turned on by default. They should be commented out > in inetd.conf (like everything else in inetd.conf) so the machine Why not make them turned on by default, and make a package which makes your system secureish? Such a package can be installed from the usual sysinstall procedure. > isn't poked full of holes when someone turns inetd on without looking > at inetd.conf. I can't imagine why anyone would do that, I guess "If someone points a gun at their foot, and pull the trigger, it is Unix' task to reliably deliver the bullet to it's intended target." - phk, iirc. It should not be our task to cover for people in such a fashion. If they are unable to secure the system by themselves, they can install such a security port. If they fail to do even that, then they can use Windows 2000, which by most accounts is getting close to stableish. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 17:58: 2 2000 Delivered-To: freebsd-arch@freebsd.org Received: from cain.gsoft.com.au (genesi.lnk.telstra.net [139.130.136.161]) by hub.freebsd.org (Postfix) with ESMTP id DBBE837B502 for ; Tue, 10 Oct 2000 17:57:51 -0700 (PDT) Received: from cain.gsoft.com.au (doconnor@cain [203.38.152.97]) by cain.gsoft.com.au (8.8.8/8.8.8) with ESMTP id KAA14583; Wed, 11 Oct 2000 10:27:38 +0930 (CST) (envelope-from doconnor@gsoft.com.au) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Wed, 11 Oct 2000 10:27:37 +0930 (CST) From: "Daniel O'Connor" To: Marius Bendiksen Subject: Re: cvs commit: src/etc inetd.conf Cc: arch@FreeBSD.ORG Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 10-Oct-00 Marius Bendiksen wrote: > > Download an SSH client for Windows or the Mac. > > A quick web search shows up several. > Beside the point that such a client could've been trojanized, I would > point out that I have been in situations where this would not have been > feasible. So could your telnet client. Its not like Windows provides any security worth the name. > This is a policy issue. If I wanted "off by default", I would either do a > manual install, or I would go for OpenBSD. If you really need to do this, > why not simply add a package which extracts files in /etc and so forth, > which could do these things? > > Didn't I hear someone mutter "tools, not policy" a while back? This would > seem to me to be such an issue. The argument is the same if I want 'on by default'. ie If I want 'on by default' I'll install Solaris, or... --- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 21:37:20 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mass.osd.bsdi.com (adsl-63-202-176-106.dsl.snfc21.pacbell.net [63.202.176.106]) by hub.freebsd.org (Postfix) with ESMTP id BFC7A37B66D for ; Tue, 10 Oct 2000 21:37:16 -0700 (PDT) Received: from mass.osd.bsdi.com (localhost [127.0.0.1]) by mass.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9B4LZh04292; Tue, 10 Oct 2000 21:21:36 -0700 (PDT) (envelope-from msmith@mass.osd.bsdi.com) Message-Id: <200010110421.e9B4LZh04292@mass.osd.bsdi.com> X-Mailer: exmh version 2.1.1 10/15/1999 To: "Sue Wainer" Cc: "Freebsd-Arch" Subject: Re: Ethernet Device Driver Modules In-reply-to: Your message of "Tue, 10 Oct 2000 13:42:58 EDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 10 Oct 2000 21:21:35 -0700 From: Mike Smith Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > I am trying to create an Ethernet Device Driver Module that I can load > with kldload. I am assuming that the driver probe function will be entered > when the module is loaded. This will happen presuming your module itself has been correctly laid out. Without access to the sources for your module, that's hard to know. > I have created a standard pci bus Ethernet driver, if_asic.c, modeled > after drivers in /sys/pci. And, I have looked in /usr/share/examples/kld/ > cdev for an example. These examples are extremely old. Check any of the modules in sys/ modules for better examples. > Attached is my Makefile. When compiling if_asic.c, I get undefines > "device_if.h", etc. I have made a kernel image including my driver, and > see where these files are placed in my config/MYBUILD/modules/.... > directory path. What am I missing in building my driver as a loadable > module? You need to list the relevant bus interface headers in your module Makefile. Again, check any of the other network interface modules' build infrastructure for examples. If you need more specific help, please feel free to ask. Regards, Mike -- ... every activity meets with opposition, everyone who acts has his rivals and unfortunately opponents also. But not because people want to be opponents, rather because the tasks and relationships force people to take different points of view. [Dr. Fritz Todt] V I C T O R Y N O T V E N G E A N C E To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 22:27:47 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id 3FCE837B503 for ; Tue, 10 Oct 2000 22:27:46 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id WAA21866; Tue, 10 Oct 2000 22:24:56 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp04.primenet.com, id smtpdAAAj9a4GQ; Tue Oct 10 22:24:45 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id WAA10938; Tue, 10 Oct 2000 22:27:32 -0700 (MST) From: Terry Lambert Message-Id: <200010110527.WAA10938@usr09.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: mbendiks@eunet.no (Marius Bendiksen) Date: Wed, 11 Oct 2000 05:27:31 +0000 (GMT) Cc: dillon@earth.backplane.com (Matt Dillon), arch@FreeBSD.ORG In-Reply-To: from "Marius Bendiksen" at Oct 11, 2000 02:06:17 AM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > isn't poked full of holes when someone turns inetd on without looking > > at inetd.conf. I can't imagine why anyone would do that, I guess > > "If someone points a gun at their foot, and pull the trigger, it is Unix' > task to reliably deliver the bullet to it's intended target." - phk, iirc. That was actually me; you left off ": in this case, Mr. Foot". I like the idea of an "anal" package, though... Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Oct 10 22:47:44 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id 5E5E037B502 for ; Tue, 10 Oct 2000 22:47:43 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id WAA01473; Tue, 10 Oct 2000 22:44:50 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp04.primenet.com, id smtpdAAAwgaOTc; Tue Oct 10 22:44:42 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id WAA11724; Tue, 10 Oct 2000 22:47:27 -0700 (MST) From: Terry Lambert Message-Id: <200010110547.WAA11724@usr09.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: tlambert@primenet.com (Terry Lambert) Date: Wed, 11 Oct 2000 05:47:27 +0000 (GMT) Cc: mbendiks@eunet.no (Marius Bendiksen), dillon@earth.backplane.com (Matt Dillon), arch@FreeBSD.ORG In-Reply-To: <200010110527.WAA10938@usr09.primenet.com> from "Terry Lambert" at Oct 11, 2000 05:27:31 AM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > isn't poked full of holes when someone turns inetd on without looking > > > at inetd.conf. I can't imagine why anyone would do that, I guess [ ... ] > I like the idea of an "anal" package, though... Specifically, it is exactly the sort of thing I would install _after_ I was sure everything was working in SSH-land, rather than relying on the "automatic" process not failing. People may want to consider that it is more security conscious to use an out-of-band mechanism to establish the key set, anyway. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 12:41:34 2000 Delivered-To: freebsd-arch@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26]) by hub.freebsd.org (Postfix) with ESMTP id 6B1C737B71B for ; Wed, 11 Oct 2000 12:05:16 -0700 (PDT) Received: (from dillon@localhost) by earth.backplane.com (8.11.0/8.9.3) id e9BJ59X21786; Wed, 11 Oct 2000 12:05:09 -0700 (PDT) (envelope-from dillon) Date: Wed, 11 Oct 2000 12:05:09 -0700 (PDT) From: Matt Dillon Message-Id: <200010111905.e9BJ59X21786@earth.backplane.com> To: Marius Bendiksen Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf References: Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG : :> Nobody is saying we should remove these programs, only that they :> should not be turned on by default. They should be commented out :> in inetd.conf (like everything else in inetd.conf) so the machine : :Why not make them turned on by default, and make a package which makes :your system secureish? Such a package can be installed from the usual :sysinstall procedure. : :> isn't poked full of holes when someone turns inetd on without looking :> at inetd.conf. I can't imagine why anyone would do that, I guess : :"If someone points a gun at their foot, and pull the trigger, it is Unix' :task to reliably deliver the bullet to it's intended target." - phk, iirc. : :It should not be our task to cover for people in such a fashion. If they :are unable to secure the system by themselves, they can install such a :security port. If they fail to do even that, then they can use Windows :2000, which by most accounts is getting close to stableish. : :Marius There's being 'reasonable' and there's being 'unreasonable'. This type of argument doesn't wash when the reasonable thing to do, with the availability of ssh, is to make things 'reasonably secure' by default. You can't ask for more, but neither should you require less. The lowest common denominator is not telnet or ftp any more. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 12:42:36 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id F281637B80E for ; Wed, 11 Oct 2000 12:28:41 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id PAA48676; Wed, 11 Oct 2000 15:28:24 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Wed, 11 Oct 2000 15:28:24 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Terry Lambert Cc: Marius Bendiksen , Matt Dillon , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010110547.WAA11724@usr09.primenet.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 11 Oct 2000, Terry Lambert wrote: > > I like the idea of an "anal" package, though... > > Specifically, it is exactly the sort of thing I would install > _after_ I was sure everything was working in SSH-land, rather > than relying on the "automatic" process not failing. People > may want to consider that it is more security conscious to use > an out-of-band mechanism to establish the key set, anyway. I should clarify my position here: I'm not against tightening down the defaults, I'm against making it harder for headless systems to be configured due to tightening down the defaults in un-useful ways. I think the best answer to this is improved configurability: rather than simply disabling all services, provide some options (that can be scripted for headless installs) as to what is enabled and disabled by default. The easiest option is to provide a big great knob enabling and disabling inetd with a moderately useful set of things turned on in inetd.conf -- telnet, ftp, rlogin, etc. When asking the user if they want it enabled, be relatively specific in describing what it provides by default, noting that local configuration changes will be relevant. If inetd is disabled by default, that satisfies concerns about being safe out of the box (a concern I can sympathize with), and when the user chooses to enable it, they get a set of services with approximately the same security properties: flexible authentication, low levels of cryptographic protection when not used with Kerberos. If someone wants to build an automatic inetd.conf frobber (dcs had a libconf, I believe, that was capable of handling the backend of that process), great. You'll find, of course, that this closely resembles what we already have available. :-) Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 13:38:54 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 2830237B66D for ; Wed, 11 Oct 2000 13:38:51 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e9BK0NN88825; Wed, 11 Oct 2000 22:00:23 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Matt Dillon Cc: Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Your message of "Wed, 11 Oct 2000 12:05:09 PDT." <200010111905.e9BJ59X21786@earth.backplane.com> Date: Wed, 11 Oct 2000 22:00:22 +0200 Message-ID: <88823.971294422@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200010111905.e9BJ59X21786@earth.backplane.com>, Matt Dillon writes: > There's being 'reasonable' and there's being 'unreasonable'. This > type of argument doesn't wash when the reasonable thing to do, with > the availability of ssh, is to make things 'reasonably secure' by > default. You can't ask for more, but neither should you require > less. The lowest common denominator is not telnet or ftp any more. Matt, we can make things very secure by default by not starting any network processes and no gettys. That way people are forced to boot single user first time and configure their system. While people like you seem to prefer such "perfect" solutions, others recognize that they just *might* harm our market acceptance. Suggest you switch to OpenBSD, I think they would be more supportive of your approach. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 15: 5:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from earth.backplane.com (placeholder-dcat-1076843290.broadbandoffice.net [64.47.83.26]) by hub.freebsd.org (Postfix) with ESMTP id 53BFD37B502 for ; Wed, 11 Oct 2000 15:05:22 -0700 (PDT) Received: (from dillon@localhost) by earth.backplane.com (8.11.0/8.9.3) id e9BM2ns23441; Wed, 11 Oct 2000 15:02:49 -0700 (PDT) (envelope-from dillon) Date: Wed, 11 Oct 2000 15:02:49 -0700 (PDT) From: Matt Dillon Message-Id: <200010112202.e9BM2ns23441@earth.backplane.com> To: Poul-Henning Kamp Cc: Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf References: <88823.971294422@critter> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG :In message <200010111905.e9BJ59X21786@earth.backplane.com>, Matt Dillon writes: : :> There's being 'reasonable' and there's being 'unreasonable'. This :> type of argument doesn't wash when the reasonable thing to do, with :> the availability of ssh, is to make things 'reasonably secure' by :> default. You can't ask for more, but neither should you require :> less. The lowest common denominator is not telnet or ftp any more. : :Matt, we can make things very secure by default by not starting any :network processes and no gettys. That way people are forced to boot :single user first time and configure their system. : :While people like you seem to prefer such "perfect" solutions, others :recognize that they just *might* harm our market acceptance. : :Suggest you switch to OpenBSD, I think they would be more supportive :of your approach. : :-- :Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 :phk@FreeBSD.ORG | TCP/IP since RFC 956 I really have to take exception to such an idiotic posting by Poul, whos seems to be trying to puts words in my mouth that I have not said... in fact, Poul knows very well that I am not advocating an OpenBSD-style position. He also knows very well that I am not the type of person to take such remarks sitting down. I never once said or intimated that we should force people to boot single user first time and configure their systems. I never once said or intimated that we should go to the extremes OpenBSD goes to. I've said one thing and one thing only: That SSH is now enough of a defacto standard that it obsoletes rlogind and telnetd. I will also add that today's network environment is a hell of a lot more hostile then the networking environment as of the time rlogind and telnetd were written. I believe, strongly, that ignoring the hostility of the network environment (whether you are installing rack mount boxes on a switched LAN or otherwise) and continuing to embrace, as a default means to configure a remote box, protocols that are not secure, is just plain stupid. I hold this position, but the position itself does NOT imply that I hold to always having to take the most extreme measures. Hence my comment in regards to ssh learning new host keys (and people saying 'yes' when ssh asks). I do not know a single person who pre-sets his known_hosts file by obtaining a host key through an alternative path. Not one. Why? Because while man-in-the-middle attacks are possible, the possibility of them happening for the very first connection made to some host is so remote that spending the extra time to get the key through another path is just that--- a waste of time. There is pragmatism, and there is sheer idiocy. A lot of people are using sheer idiocy (either to the extreme of justifying an unsecure login, or to the extreme of attempting to justify only supremely secure logins) to try to make their points in this forum. Well, I'm sorry... I'm a pragmatist. If you don't like, you can stuff it. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 15: 6:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id AAABC37B502 for ; Wed, 11 Oct 2000 15:06:56 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e9BM6qN89302; Thu, 12 Oct 2000 00:06:52 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Matt Dillon Cc: Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Your message of "Wed, 11 Oct 2000 15:02:49 PDT." <200010112202.e9BM2ns23441@earth.backplane.com> Date: Thu, 12 Oct 2000 00:06:52 +0200 Message-ID: <89300.971302012@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200010112202.e9BM2ns23441@earth.backplane.com>, Matt Dillon writes: > I really have to take exception to such an idiotic posting by Poul, > whos seems to be trying to puts words in my mouth that I have not > said... in fact, Poul knows very well that I am not advocating an > OpenBSD-style position. He also knows very well that I am not the > type of person to take such remarks sitting down. What you are advocating is in fact a almost total word-for-word repetition of the OpenBSD policy. You can stand up or sit down as you please, I don't care. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 15:36: 7 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id 32A8637B502 for ; Wed, 11 Oct 2000 15:36:02 -0700 (PDT) Received: (qmail 64089 invoked by uid 1003); 11 Oct 2000 22:35:52 -0000 Date: Thu, 12 Oct 2000 00:35:52 +0200 From: Neil Blakey-Milner To: Matt Dillon Cc: Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001012003552.A49482@mithrandr.moria.org> References: <200010111905.e9BJ59X21786@earth.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010111905.e9BJ59X21786@earth.backplane.com>; from dillon@earth.backplane.com on Wed, Oct 11, 2000 at 12:05:09PM -0700 X-Operating-System: FreeBSD 4.1-STABLE i386 X-URL: http://mithrandr.moria.org/~nbm/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed 2000-10-11 (12:05), Matt Dillon wrote: > > : > :> Nobody is saying we should remove these programs, only that they > :> should not be turned on by default. They should be commented out > :> in inetd.conf (like everything else in inetd.conf) so the machine > : > :Why not make them turned on by default, and make a package which makes > :your system secureish? Such a package can be installed from the usual > :sysinstall procedure. > : > :> isn't poked full of holes when someone turns inetd on without looking > :> at inetd.conf. I can't imagine why anyone would do that, I guess > : > :"If someone points a gun at their foot, and pull the trigger, it is Unix' > :task to reliably deliver the bullet to it's intended target." - phk, iirc. > : > :It should not be our task to cover for people in such a fashion. If they > :are unable to secure the system by themselves, they can install such a > :security port. If they fail to do even that, then they can use Windows > :2000, which by most accounts is getting close to stableish. > : > :Marius > > There's being 'reasonable' and there's being 'unreasonable'. This > type of argument doesn't wash when the reasonable thing to do, with > the availability of ssh, is to make things 'reasonably secure' by > default. You can't ask for more, but neither should you require > less. The lowest common denominator is not telnet or ftp any more. Enough arguing. You can turn inetd off if you like. You can choose "High Security". Noone's suggesting changes to the system such that it will boot up with telnetd no matter what you choices you make in the system install (although I think we should remove that securelevel from "high security"). You have to choose a security setting anyway, so it's no extra work. You have to change permissions, build complex chroot or jail environments, and a whole bunch of other things before considering yourself highly secure, so changing one tickbox isn't going to kill you. Finding out that the "normal security" default comes without ftp and telnet will mean extra work for lots of people, though. It's reasonable to expect telnet is available if you choose "normal security", and ftp is probably also a reasonable assumption, I imagine. Beyond those, I don't think inetd requires to run anything by default, but I'm open to suggestions. The balance between security and user-friendliness is hard to keep, and whatever anyone might claim, we do need to cater at least a little bit for new users by default. This means not forcing them to choose "low security" and make their machine a sitting target just to make it easy for them to enable ftp and telnet. With regards rsh - it's use is most likely restricted to cases where people know they need it, and know they need to enable it in inetd. I doubt they'd particularly care if they had to remove a comment off it. Most new environments will probably use ssh, or rsh with extra Kerberos stuff which implies some knowledge and skill again, and having to set up Kerberos on the machine anyway (I don't think we have a way to customize that from sysinstall, do we?) Neil -- Neil Blakey-Milner nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 15:44:12 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 2CE9A37B66C for ; Wed, 11 Oct 2000 15:44:10 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9BMg3C05085; Wed, 11 Oct 2000 15:42:03 -0700 (PDT) Date: Wed, 11 Oct 2000 15:42:03 -0700 From: Alfred Perlstein To: Matt Dillon Cc: Poul-Henning Kamp , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001011154203.S272@fw.wintelcom.net> References: <88823.971294422@critter> <200010112202.e9BM2ns23441@earth.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <200010112202.e9BM2ns23441@earth.backplane.com>; from dillon@earth.backplane.com on Wed, Oct 11, 2000 at 03:02:49PM -0700 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG *gets out rusty garden shears* [snip snip snip] how about a nice big dialog box that asks the use to configure the relative secureness of the box with an explanation text: simple: The only external services configured will be telnet, ftp and sshd, if you need to log in as root be sure to add a user and make sure he is in the 'wheel' group. You should also understand that in todays enviorments what looks like your local lan can actually be part of a much larger switched topology and using insecure and unencrypted services such as telnet and ftp is illadvised. hardened: The only external service enabled is sshd, and you will NOT be able to log in as root, be sure to create a user and add him to the 'wheel' group. If you do not understand this, then you may want simple. 1990: All services on, all filesystems exported, '+ +' in /etc/rhosts, etc. (sunos 4.1.4 emulation enabled) (Of course I'm kidding about the last option, and you probably want to run this through a spell checker a couple of times). Someone actually making the patches to give users these choices would be a lot more prodecutive that going at each other's throats. So how about we drop the discussion until someone makes such patches available? thanks, -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 15:52:54 2000 Delivered-To: freebsd-arch@freebsd.org Received: from bmah-freebsd-0.cisco.com (bmah-freebsd-0.cisco.com [171.70.84.42]) by hub.freebsd.org (Postfix) with ESMTP id E047F37B502 for ; Wed, 11 Oct 2000 15:52:52 -0700 (PDT) Received: (from bmah@localhost) by bmah-freebsd-0.cisco.com (8.11.0/8.11.0) id e9BMqgl64284; Wed, 11 Oct 2000 15:52:42 -0700 (PDT) (envelope-from bmah) Message-Id: <200010112252.e9BMqgl64284@bmah-freebsd-0.cisco.com> X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 To: Alfred Perlstein Cc: Matt Dillon , Poul-Henning Kamp , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <20001011154203.S272@fw.wintelcom.net> References: <88823.971294422@critter> <200010112202.e9BM2ns23441@earth.backplane.com> <20001011154203.S272@fw.wintelcom.net> Comments: In-reply-to Alfred Perlstein message dated "Wed, 11 Oct 2000 15:42:03 -0700." From: bmah@cisco.com (Bruce A. Mah) Reply-To: bmah@cisco.com X-Face: g~c`.{#4q0"(V*b#g[i~rXgm*w;:nMfz%_RZLma)UgGN&=j`5vXoU^@n5v4:OO)c["!w)nD/!!~e4Sj7LiT'6*wZ83454H""lb{CC%T37O!!'S$S&D}sem7I[A 2V%N&+ X-Image-Url: http://www.employees.org/~bmah/Images/bmah-cisco-small.gif X-Url: http://www.employees.org/~bmah/ Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_-1443000366P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Wed, 11 Oct 2000 15:52:42 -0700 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG --==_Exmh_-1443000366P Content-Type: text/plain; charset=us-ascii If memory serves me right, Alfred Perlstein wrote: > how about a nice big dialog box that asks the use to configure the > relative secureness of the box with an explanation text: [snip snip] > Someone actually making the patches to give users these choices > would be a lot more prodecutive that going at each other's throats. > > So how about we drop the discussion until someone makes such patches > available? Ummm...isn't this what jkh's security profiles in sysinstall do? In both 4-stable and 5-current? Bruce. --==_Exmh_-1443000366P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.3 (FreeBSD) Comment: Exmh version 2.2 06/23/2000 iD8DBQE55O862MoxcVugUsMRAh5zAJ9mteo5tjUYJyKZfmFZpyA0ON4vbwCdH4mM aq1OVL5ZULioVwlkuXclv/4= =cVjK -----END PGP SIGNATURE----- --==_Exmh_-1443000366P-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 16: 8:59 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id CBB7737B66D for ; Wed, 11 Oct 2000 16:08:55 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9BN65T05883; Wed, 11 Oct 2000 16:06:05 -0700 (PDT) Date: Wed, 11 Oct 2000 16:06:05 -0700 From: Alfred Perlstein To: "Bruce A. Mah" Cc: Matt Dillon , Poul-Henning Kamp , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001011160604.T272@fw.wintelcom.net> References: <88823.971294422@critter> <200010112202.e9BM2ns23441@earth.backplane.com> <20001011154203.S272@fw.wintelcom.net> <200010112252.e9BMqgl64284@bmah-freebsd-0.cisco.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <200010112252.e9BMqgl64284@bmah-freebsd-0.cisco.com>; from bmah@cisco.com on Wed, Oct 11, 2000 at 03:52:42PM -0700 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Bruce A. Mah [001011 15:52] wrote: > If memory serves me right, Alfred Perlstein wrote: > > > how about a nice big dialog box that asks the use to configure the > > relative secureness of the box with an explanation text: > > [snip snip] > > > Someone actually making the patches to give users these choices > > would be a lot more prodecutive that going at each other's throats. > > > > So how about we drop the discussion until someone makes such patches > > available? > > Ummm...isn't this what jkh's security profiles in sysinstall do? In > both 4-stable and 5-current? Ok, well I just did an install of the Oct 4th 4.1.1 SNAP and never came across anything prominent enough to catch my attention, I'm not asking for or anything, but as someone hurrying through the 'custom' install, I didn't see squat. If it could be more prominetly asked then I don't see the point of continuing this discussion any further until patches are sent in. If Jordan catches this, I'm not flaming sysinstall, I'm flaming the people attacking each other when a much simpler compromise/solution is easily accomplished with a bit of elbow grease. thanks, -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 16:28: 0 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.100.7]) by hub.freebsd.org (Postfix) with ESMTP id B5EDA37B503 for ; Wed, 11 Oct 2000 16:27:57 -0700 (PDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.9.3/8.9.3) with ESMTP id TAA73338; Wed, 11 Oct 2000 19:25:20 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <89300.971302012@critter> References: <89300.971302012@critter> Date: Wed, 11 Oct 2000 19:25:20 -0400 To: Poul-Henning Kamp , Matt Dillon From: Garance A Drosihn Subject: Re: cvs commit: src/etc inetd.conf Cc: arch@FreeBSD.ORG Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 12:06 AM +0200 10/12/00, Poul-Henning Kamp wrote: >Matt Dillon writes: > > > I really have to take exception to such an idiotic posting > > by Poul, who seems to be trying to put words in my mouth > > that I have not said... in fact, Poul knows very well that > > I am not advocating an OpenBSD-style position. He also knows > > very well that I am not the type of person to take such > > remarks sitting down. > >What you are advocating is in fact a almost total word-for-word >repetition of the OpenBSD policy. > >You can stand up or sit down as you please, I don't care. Why are people (both sides) so worked up about this? It is clear we do NOT have universal agreement on disabling telnetd, so why can't we just pick some middle ground and do something "more secure" than what we have been doing, see how that works, and think about disabling telnetd by default in some later release? Why MUST we fight to the death about it right this minute? A few days ago I tried a proposal which seemed like a plausible idea to me. As near as I can tell, no one feels like even replying to that idea. Not to say "good idea", not to say "stupid idea, it doesn't go far enough". I am not among the people who have dug in their heels to fight, so apparently it wasn't interesting enough to comment on. I do not understand the vitriol in this thread. My guess is that this is now more about personality clashes instead of any reasoned debate by people using their brains. Everyone is pissing in everyone else's cereal, and the result is not very interesting. --- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or drosih@rpi.edu Rensselaer Polytechnic Institute To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18: 1: 7 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp02.primenet.com (smtp02.primenet.com [206.165.6.132]) by hub.freebsd.org (Postfix) with ESMTP id 3C82237B502 for ; Wed, 11 Oct 2000 18:01:06 -0700 (PDT) Received: (from daemon@localhost) by smtp02.primenet.com (8.9.3/8.9.3) id RAA04559; Wed, 11 Oct 2000 17:57:52 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp02.primenet.com, id smtpdAAAjKaaMi; Wed Oct 11 17:57:29 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id SAA11291; Wed, 11 Oct 2000 18:00:40 -0700 (MST) From: Terry Lambert Message-Id: <200010120100.SAA11291@usr09.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: dillon@earth.backplane.com (Matt Dillon) Date: Thu, 12 Oct 2000 01:00:40 +0000 (GMT) Cc: mbendiks@eunet.no (Marius Bendiksen), arch@FreeBSD.ORG In-Reply-To: <200010111905.e9BJ59X21786@earth.backplane.com> from "Matt Dillon" at Oct 11, 2000 12:05:09 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > :Why not make them turned on by default, and make a package which makes > :your system secureish? Such a package can be installed from the usual > :sysinstall procedure. > > There's being 'reasonable' and there's being 'unreasonable'. This > type of argument doesn't wash when the reasonable thing to do, with > the availability of ssh, is to make things 'reasonably secure' by > default. You can't ask for more, but neither should you require > less. The lowest common denominator is not telnet or ftp any more. I'd like to know where to get ssh for all of the boxes I have, and for which I currently have telnet and ftp available. I won't list all 12 of them here, unless you request it. Or is it just the boxes that you have which are important in the market, period? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18: 3: 8 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 4015937B502 for ; Wed, 11 Oct 2000 18:03:05 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id DAA95995; Thu, 12 Oct 2000 03:02:58 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id DAA57925; Thu, 12 Oct 2000 03:02:58 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 12 Oct 2000 03:02:58 +0200 (CEST) From: Marius Bendiksen To: Terry Lambert Cc: Matt Dillon , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010110527.WAA10938@usr09.primenet.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > > isn't poked full of holes when someone turns inetd on without looking > > > at inetd.conf. I can't imagine why anyone would do that, I guess > > "If someone points a gun at their foot, and pull the trigger, it is Unix' > > task to reliably deliver the bullet to it's intended target." - phk, iirc. > That was actually me; you left off ": in this case, Mr. Foot". I stand corrected. > I like the idea of an "anal" package, though... Indeed. This is a very simple way to provide the security I hear people call out for, without changing what has worked for us so far. Our task is to provide our users with tools, not to do their job for them. There's also an element of false security here. Just like some people actually get less security than they used to because they buy a firewall and think that is the end of their problems, we are just building our own pyre here. Let's not make any claims that we cannot keep, like "secure out of the box for the past N years" or whatever. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18:10:26 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id E364037B502 for ; Wed, 11 Oct 2000 18:10:24 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id SAA04748; Wed, 11 Oct 2000 18:07:34 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp04.primenet.com, id smtpdAAAIiaicj; Wed Oct 11 18:07:21 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id SAA11557; Wed, 11 Oct 2000 18:10:05 -0700 (MST) From: Terry Lambert Message-Id: <200010120110.SAA11557@usr09.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: phk@critter.freebsd.dk (Poul-Henning Kamp) Date: Thu, 12 Oct 2000 01:10:05 +0000 (GMT) Cc: dillon@earth.backplane.com (Matt Dillon), mbendiks@eunet.no (Marius Bendiksen), arch@FreeBSD.ORG In-Reply-To: <88823.971294422@critter> from "Poul-Henning Kamp" at Oct 11, 2000 10:00:22 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Matt, we can make things very secure by default by not starting any > network processes and no gettys. That way people are forced to boot > single user first time and configure their system. Poul, don't be ridiculous. We can get the same effect by marking / dirty and forcing them to manually fsck it before the OS will boot. A more elegant soloution would be to find out if the machine has APM 2.0 and an ATX power supply, and, if so, turn the power off; other than writing pattern data to the hard drive in an NSA approved method, to ensure against some usable data being left there and readable with an atomic force microscope because of seek hysteresis, you really can't get more secure than that. > While people like you seem to prefer such "perfect" solutions, others > recognize that they just *might* harm our market acceptance. There's always the anti-intrusion from the T.V. Ad in the first RoboCop movie, which shot out metal bands to ensure the intruder was going nowhere, and then electrocuted them. If your memory needs jogging, it was the 6000 SUX Ad, "Because BIG is Back In!". Fits real well with the SUV and jacked-up truck mania in Silicon Valley these days. We could call it "4.4 BSD SUX". Yeah, normally I'm not this ascerbic, but today was car repair day -- ALL day. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18:14:17 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id E6CA137B503 for ; Wed, 11 Oct 2000 18:14:15 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9C18kX15029; Wed, 11 Oct 2000 18:08:46 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Alfred Perlstein Cc: Matt Dillon , Poul-Henning Kamp , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message from Alfred Perlstein of "Wed, 11 Oct 2000 15:42:03 PDT." <20001011154203.S272@fw.wintelcom.net> Date: Wed, 11 Oct 2000 18:08:46 -0700 Message-ID: <15025.971312926@winston.osd.bsdi.com> From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > *gets out rusty garden shears* > > [snip snip snip] > > how about a nice big dialog box that asks the use to configure the > relative secureness of the box with an explanation text: Have you actually looked at 4.1.1's install? If not, go do this first before coming back. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18:14:30 2000 Delivered-To: freebsd-arch@freebsd.org Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55]) by hub.freebsd.org (Postfix) with ESMTP id 49D5237B502 for ; Wed, 11 Oct 2000 18:14:29 -0700 (PDT) Received: from slave (Studded@slave [10.0.0.1]) by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id SAA08798; Wed, 11 Oct 2000 18:14:27 -0700 (PDT) (envelope-from DougB@gorean.org) Date: Wed, 11 Oct 2000 18:14:27 -0700 (PDT) From: Doug Barton X-Sender: doug@dt051n37.san.rr.com To: Terry Lambert Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010120100.SAA11291@usr09.primenet.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 12 Oct 2000, Terry Lambert wrote: > I'd like to know where to get ssh for all of the boxes I > have, and for which I currently have telnet and ftp available. > > I won't list all 12 of them here, unless you request it. Actually, since the "How do I get an ssh client for ?" question comes up on -questions so often, it might be worth a FAQ entry. Someone probably knows of an ssh client for all/most of the platforms imaginable... Doug -- "The dead cannot be seduced." - Kai, "Lexx" Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18:14:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 3AB5837B502 for ; Wed, 11 Oct 2000 18:14:40 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9C1D0a10498; Wed, 11 Oct 2000 18:13:00 -0700 (PDT) Date: Wed, 11 Oct 2000 18:13:00 -0700 From: Alfred Perlstein To: Jordan Hubbard Cc: Matt Dillon , Poul-Henning Kamp , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001011181300.Z272@fw.wintelcom.net> References: <15025.971312926@winston.osd.bsdi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <15025.971312926@winston.osd.bsdi.com>; from jkh@winston.osd.bsdi.com on Wed, Oct 11, 2000 at 06:08:46PM -0700 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Jordan Hubbard [001011 18:09] wrote: > > *gets out rusty garden shears* > > > > [snip snip snip] > > > > how about a nice big dialog box that asks the use to configure the > > relative secureness of the box with an explanation text: > > Have you actually looked at 4.1.1's install? If not, go do this > first before coming back. Yes, I run it yesterday, on 3 machines, I never noticed any dialog that popped up asking me about this. I chose 'custom' install. It may have been a menu item, but nothing as 'in your face' as the 'install ports?' question. Again, I'm not saying you have to or should make this fix, I'm just giving our gladiators here a more positive means of expressing creative energies. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18:28:29 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id 12E9237B502 for ; Wed, 11 Oct 2000 18:28:27 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9C1MuX15086; Wed, 11 Oct 2000 18:22:56 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Alfred Perlstein Cc: "Bruce A. Mah" , Matt Dillon , Poul-Henning Kamp , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message from Alfred Perlstein of "Wed, 11 Oct 2000 16:06:05 PDT." <20001011160604.T272@fw.wintelcom.net> Date: Wed, 11 Oct 2000 18:22:56 -0700 Message-ID: <15082.971313776@winston.osd.bsdi.com> From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Ok, well I just did an install of the Oct 4th 4.1.1 SNAP and never > came across anything prominent enough to catch my attention, I'm > not asking for or anything, but as someone hurrying through > the 'custom' install, I didn't see squat. Don't use the custom install - it expects that you know exactly what you're doing and will visit one of the configuration menu items afterwards if you want to do anything "special." Go use the standard install and see what most everyone else sees. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18:36:45 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id 8650637B502 for ; Wed, 11 Oct 2000 18:36:42 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id SAA17509; Wed, 11 Oct 2000 18:33:51 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp04.primenet.com, id smtpdAAAylaWcI; Wed Oct 11 18:33:42 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id SAA12021; Wed, 11 Oct 2000 18:36:25 -0700 (MST) From: Terry Lambert Message-Id: <200010120136.SAA12021@usr09.primenet.com> Subject: Re: cvs commit: src/etc inetd.conf To: drosih@rpi.edu (Garance A Drosihn) Date: Thu, 12 Oct 2000 01:36:25 +0000 (GMT) Cc: phk@critter.freebsd.dk (Poul-Henning Kamp), dillon@earth.backplane.com (Matt Dillon), arch@FreeBSD.ORG In-Reply-To: from "Garance A Drosihn" at Oct 11, 2000 07:25:20 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Why are people (both sides) so worked up about this? Because the people who want it locked down by default are trying to implicitly limit the rest of us to only installing "the right way" which is "the ways we do installs". They are also implicitly constraining the definition of "useful default system" to "the way we like to configure our systems". Understandably, people get upset when they are being limited or restrained, particularly if there are no really sound arguments for hard-wiring instead of soft-wiring, which, if hard-wired, would turn "unnecessary pain in the ass" into "impossible to not do our way; our way is right". So far, I have not seen one analysis that shows that ssh, as configured by default, and used to obtain root access via a network console, as the only console on an initially installed system, is any more secure from session replay, spoofing, or man-in-the-middle attacks. The only arguement in favor of such an approach is that it prevents casual sniffers from seeing the session contents. This is the old "security through obscurity" argument. It's all a matter of the amount of effort your opponent is going to throw at cracking the system: not a matter of whether or not the system is crackable. If they "own" the network on which you are trying to install, then you're sunk anyway, without a physical console to prevent network based session eavesdropping. --- As to "universal agreement", the suggestion put forth to have a "security package", or to use (putative) "security profiles" and make them more visible in the install process, have neither had one serious objection. The only thing I have heard that borders on an objection is the idea that there might be coding involved. I really have no problem with the "you want it, then you write the code to make it a non-default option" ("bell the cat") which has historically been the position of the FreeBSD project on controversial topics like this one. --- So, any objection to: The people who want it, write the code to make it an option that is off by default, so that the rest of the world who hates the idea can ignore it. ??? There's always the: Make it on by default later. Which is how most of these undesirable things sneak in under the radar. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 18:53:17 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id 79C9937B502 for ; Wed, 11 Oct 2000 18:53:12 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9C1lhX15255; Wed, 11 Oct 2000 18:47:44 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Alfred Perlstein Cc: Matt Dillon , Poul-Henning Kamp , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message from Alfred Perlstein of "Wed, 11 Oct 2000 18:13:00 PDT." <20001011181300.Z272@fw.wintelcom.net> Date: Wed, 11 Oct 2000 18:47:43 -0700 Message-ID: <15251.971315263@winston.osd.bsdi.com> From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Yes, I run it yesterday, on 3 machines, I never noticed any dialog > that popped up asking me about this. I chose 'custom' install. Again, don't do that. Custom means you know what you're doing. > It may have been a menu item, but nothing as 'in your face' as > the 'install ports?' question. If you chose custom, nothing goes in your face because the assumption is that you know what you're doing and will select such options *explicitly* through the post-configuration menus (where they do indeed exist if you look). Custom is for people who don't want anything in their face, they know exactly what they're doing and exactly what sysinstall is capable of at any given time. If people are getting that confused by this then I'll happily remove custom from the set of options and make all of you go through the Standard installation whether you like it or not. :-) - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 19:50:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.100.7]) by hub.freebsd.org (Postfix) with ESMTP id AE16337B503 for ; Wed, 11 Oct 2000 19:50:39 -0700 (PDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.9.3/8.9.3) with ESMTP id WAA177454; Wed, 11 Oct 2000 22:50:31 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <15251.971315263@winston.osd.bsdi.com> References: <15251.971315263@winston.osd.bsdi.com> Date: Wed, 11 Oct 2000 22:50:29 -0400 To: Jordan Hubbard , Alfred Perlstein From: Garance A Drosihn Subject: Re: cvs commit: src/etc inetd.conf Cc: arch@FreeBSD.ORG Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Not that I want to be a pest, but let me try this proposal one more time. If someone could tell me what is bad about this proposal, I would like to hear it. Leave telnetd enabled, but have a dumb message printed every time someone logs into root while it is enabled. Just add a dumb check to /root/.cshrc. I don't do any csh scripting, but in bash it'd be something like: grep -qs '^telnet' /etc/inetd.conf if [ $? -eq 0 ] ; then echo "" echo "*** Note: telnetd is enabled in /etc/inetd.conf" echo "*** either comment it out of there, or" echo "*** delete this check in /root/.bashrc" echo "" fi Seems to me this avoids any problems with headless machines, or with the dialog appearing or not-appearing based on which type of installation is being done. (the exact wording of the message needs to be improved, of course). Note that I HAVE had freebsd installs where sshd did NOT work, so I don't buy the argument that "now that we have sshd, it will always work on all installs and therefore we can be 100% certain there will never ever be a need for telnetd immediately after doing an install". There's these things called "updates", and from time-to-time "updates" break things that otherwise work. Once a person gets far enough into an install that they manage to log into root, then they should have a pretty good idea if they want telnetd active. Also note that this CONTINUES to check for telnetd being enabled, which (imo) is a better idea than just disabling it by default. So, if we did this MASSIVE change, and left telnetd enabled by default, WHAT WOULD THE PROBLEM BE? --- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or drosih@rpi.edu Rensselaer Polytechnic Institute To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 20: 6:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from roaming.cacheboy.net (roaming.cacheboy.net [203.56.168.69]) by hub.freebsd.org (Postfix) with ESMTP id 0514C37B502 for ; Wed, 11 Oct 2000 20:06:56 -0700 (PDT) Received: (from adrian@localhost) by roaming.cacheboy.net (8.11.0/8.11.0) id e9C36sj14525 for freebsd-arch@freebsd.org; Thu, 12 Oct 2000 05:06:54 +0200 (CEST) (envelope-from adrian) Date: Thu, 12 Oct 2000 05:06:54 +0200 From: Adrian Chadd To: freebsd-arch@freebsd.org Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001012050654.A14510@roaming.cacheboy.net> References: <15251.971315263@winston.osd.bsdi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: ; from drosih@rpi.edu on Wed, Oct 11, 2000 at 10:50:29PM -0400 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Oct 11, 2000, Garance A Drosihn wrote: [snip another interesting proposal] > Once a person gets far enough into an install that they manage > to log into root, then they should have a pretty good idea if > they want telnetd active. Also note that this CONTINUES to > check for telnetd being enabled, which (imo) is a better idea > than just disabling it by default. > > So, if we did this MASSIVE change, and left telnetd enabled by > default, WHAT WOULD THE PROBLEM BE? Paint. Adrian, who still doesn't see telnetd as a security hole, but cares not anymore. -- Adrian Chadd "The main reason Santa is so jolly is because he knows where all the bad girls live." -- Random IRC quote To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 21: 4:36 2000 Delivered-To: freebsd-arch@freebsd.org Received: from palrel1.hp.com (palrel1.hp.com [156.153.255.242]) by hub.freebsd.org (Postfix) with ESMTP id B9AB437B502 for ; Wed, 11 Oct 2000 21:04:34 -0700 (PDT) Received: from adlmail.cup.hp.com (adlmail.cup.hp.com [15.0.100.30]) by palrel1.hp.com (Postfix) with ESMTP id 30061636; Wed, 11 Oct 2000 21:04:33 -0700 (PDT) Received: from cup.hp.com (p1000180.nsr.hp.com [15.109.0.180]) by adlmail.cup.hp.com (8.9.3 (PHNE_18546)/8.9.3 SMKit7.02) with ESMTP id VAA28123; Wed, 11 Oct 2000 21:04:32 -0700 (PDT) Message-ID: <39E5384C.4C3C0D53@cup.hp.com> Date: Wed, 11 Oct 2000 21:04:28 -0700 From: Marcel Moolenaar Organization: Hewlett-Packard X-Mailer: Mozilla 4.73 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Garance A Drosihn Cc: Jordan Hubbard , Alfred Perlstein , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf References: <15251.971315263@winston.osd.bsdi.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Garance A Drosihn wrote: > > Leave telnetd enabled, but have a dumb message printed > every time someone logs into root while it is enabled. > Just add a dumb check to /root/.cshrc. I don't do any > csh scripting, but in bash it'd be something like: > > grep -qs '^telnet' /etc/inetd.conf > if [ $? -eq 0 ] ; then > echo "" > echo "*** Note: telnetd is enabled in /etc/inetd.conf" > echo "*** either comment it out of there, or" > echo "*** delete this check in /root/.bashrc" > echo "" > fi This message is targetted for an audience that doesn't know whether or not telnetd is enabled in inetd.conf. The contradiction is in the assumption that these people care about security. They don't; otherwise they would know whether telnetd was enabled or not. Therefore, the message is meaningless. -- Marcel Moolenaar mail: marcel@cup.hp.com / marcel@FreeBSD.org tel: (408) 447-4222 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 21:10:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 391DE37B66C for ; Wed, 11 Oct 2000 21:10:29 -0700 (PDT) Received: from billy-club.village.org (billy-club.village.org [10.0.0.3]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e9C4ARi22155; Wed, 11 Oct 2000 22:10:27 -0600 (MDT) (envelope-from imp@billy-club.village.org) Received: from billy-club.village.org (localhost [127.0.0.1]) by billy-club.village.org (8.11.0/8.8.3) with ESMTP id e9C49pw12442; Wed, 11 Oct 2000 22:09:51 -0600 (MDT) Message-Id: <200010120409.e9C49pw12442@billy-club.village.org> To: Jordan Hubbard Subject: Re: cvs commit: src/etc inetd.conf Cc: arch@FreeBSD.ORG In-reply-to: Your message of "Wed, 11 Oct 2000 18:08:46 PDT." <15025.971312926@winston.osd.bsdi.com> References: <15025.971312926@winston.osd.bsdi.com> Date: Wed, 11 Oct 2000 22:09:51 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <15025.971312926@winston.osd.bsdi.com> Jordan Hubbard writes: : Have you actually looked at 4.1.1's install? If not, go do this : first before coming back. We talked about this in the security officer meeting today. I think that we're going to leave things mostly status quo. We're going to keep the inetd switch in sysinstall and we are going to leave telnet on by default in inetd.conf until such time as someone comes up with an inetd.conf config module for sysinstall, or its successor. It is a fairly workable solution. We'd like to see more control over inetd.conf, but since it is easy to turn on/off in sysinstall, it is a good incremental improvement for now. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 21:24:39 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id D0BC137B502 for ; Wed, 11 Oct 2000 21:24:37 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9C4OGX15884; Wed, 11 Oct 2000 21:24:17 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Garance A Drosihn Cc: Alfred Perlstein , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message from Garance A Drosihn of "Wed, 11 Oct 2000 22:50:29 EDT." Date: Wed, 11 Oct 2000 21:24:16 -0700 Message-ID: <15881.971324656@winston.osd.bsdi.com> From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Not that I want to be a pest, but let me try this proposal > one more time. If someone could tell me what is bad about > this proposal, I would like to hear it. I think we've already solved this problem with the security profile mechanism (plus one more profile soon to be added), thanks. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 22:18:55 2000 Delivered-To: freebsd-arch@freebsd.org Received: from ns.yogotech.com (ns.yogotech.com [206.127.123.66]) by hub.freebsd.org (Postfix) with ESMTP id A76E037B502 for ; Wed, 11 Oct 2000 22:18:53 -0700 (PDT) Received: from nomad.yogotech.com (nomad.yogotech.com [206.127.123.131]) by ns.yogotech.com (8.9.3/8.9.3) with ESMTP id XAA26385; Wed, 11 Oct 2000 23:17:37 -0600 (MDT) (envelope-from nate@nomad.yogotech.com) Received: (from nate@localhost) by nomad.yogotech.com (8.8.8/8.8.8) id XAA26930; Wed, 11 Oct 2000 23:17:36 -0600 (MDT) (envelope-from nate) Date: Wed, 11 Oct 2000 23:17:36 -0600 (MDT) Message-Id: <200010120517.XAA26930@nomad.yogotech.com> From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit To: Warner Losh Cc: Jordan Hubbard , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010120409.e9C49pw12442@billy-club.village.org> References: <15025.971312926@winston.osd.bsdi.com> <200010120409.e9C49pw12442@billy-club.village.org> X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid Reply-To: nate@yogotech.com (Nate Williams) Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > : Have you actually looked at 4.1.1's install? If not, go do this > : first before coming back. > > We talked about this in the security officer meeting today. I think > that we're going to leave things mostly status quo. We're going to > keep the inetd switch in sysinstall and we are going to leave telnet > on by default in inetd.conf until such time as someone comes up with > an inetd.conf config module for sysinstall, or its successor. Thank you! Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Oct 11 22:56:20 2000 Delivered-To: freebsd-arch@freebsd.org Received: from sasami.jurai.net (sasami.jurai.net [63.67.141.99]) by hub.freebsd.org (Postfix) with ESMTP id 5178E37B503 for ; Wed, 11 Oct 2000 22:56:18 -0700 (PDT) Received: from localhost (winter@localhost) by sasami.jurai.net (8.9.3/8.8.7) with ESMTP id BAA11638; Thu, 12 Oct 2000 01:55:56 -0400 (EDT) Date: Thu, 12 Oct 2000 01:55:55 -0400 (EDT) From: "Matthew N. Dodd" To: Neil Blakey-Milner Cc: Matt Dillon , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <20001012003552.A49482@mithrandr.moria.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 12 Oct 2000, Neil Blakey-Milner wrote: > Most new environments will probably use ssh, or rsh with extra > Kerberos stuff which implies some knowledge and skill again, and > having to set up Kerberos on the machine anyway (I don't think we have > a way to customize that from sysinstall, do we?) Until we have the ability to install local configuration packages that frob stuff in /etc and install krb5.conf, popping up a dialog asking for a kadmin password and creating a ticket file isn't going to work very well. Is there any reason all of this security stuff can't be relegated to a package? Seems like it would be much better than constantly hacking on sysinstall and the ability to have interactive packages does exist I believe. *shrug* I think this discussion fails to consider the ability of the average BOFH to ignore what everyone here thinks and just do stuff their own way. Optimize for the Linux and Windows weenies; they're the ones that are going to be dealing with the install procedure the most. -- | Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD | | winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax | | http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever | To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 2:19:34 2000 Delivered-To: freebsd-arch@freebsd.org Received: from sr14.nsw-remote.bigpond.net.au (sr14.nsw-remote.bigpond.net.au [24.192.3.29]) by hub.freebsd.org (Postfix) with ESMTP id CC30B37B503 for ; Thu, 12 Oct 2000 02:19:30 -0700 (PDT) Received: from areilly.bpc-users.org (CPE-144-132-245-92.nsw.bigpond.net.au [144.132.245.92]) by sr14.nsw-remote.bigpond.net.au (Pro-8.9.3/8.9.3) with SMTP id QAA08548 for ; Thu, 12 Oct 2000 16:57:04 +1100 (EDT) Received: (qmail 9272 invoked by uid 1000); 12 Oct 2000 05:57:02 -0000 From: "Andrew Reilly" Date: Thu, 12 Oct 2000 16:57:02 +1100 To: Doug Barton Cc: Terry Lambert , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001012165702.B9109@gurney.reilly.home> References: <200010120100.SAA11291@usr09.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from DougB@gorean.org on Wed, Oct 11, 2000 at 06:14:27PM -0700 X-Mutt-References: X-Mutt-Fcc: =sent-mail-mutt Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Oct 11, 2000 at 06:14:27PM -0700, Doug Barton wrote: > On Thu, 12 Oct 2000, Terry Lambert wrote: > > > I'd like to know where to get ssh for all of the boxes I > > have, and for which I currently have telnet and ftp available. > > > > I won't list all 12 of them here, unless you request it. > > Actually, since the "How do I get an ssh client for > ?" question comes up on -questions so often, it might be worth a FAQ > entry. Someone probably knows of an ssh client for all/most of the > platforms imaginable... Well, there's mindterm, which is Java, can run as an applet, so should cover essentially everything that can run Netscape. There's the original Data Fellows ssh, and now OpenSSH that should run on anything that looks remotely like an ANSI-C/posix platform. Several free Win32 versions exist (I use TeraTermPro + TTSSH, which has nice integrated file transfer capabilities and does port redirection) and Data Fellows have a very nice commercial version that does essentially the same thing. Mac native: I don't know, sorry. Mindterm probably works. Besides: arguing that Windows does telnet out of the box isn't a terribly defensible position, because of the terrible compatability of their "ANSI"/VT100 emulator. I even use TeraTerm for telnet sometimes, just because you can actually run vi and mutt through it. So: what are we missing here? IBM MVS systems? Most of them could probably cope with the Java version these days. -- Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 2:28: 0 2000 Delivered-To: freebsd-arch@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id C18AC37B503 for ; Thu, 12 Oct 2000 02:27:58 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id CAA10489; Thu, 12 Oct 2000 02:27:45 -0700 (PDT) Date: Thu, 12 Oct 2000 02:27:45 -0700 From: Kris Kennaway To: "Matthew N. Dodd" Cc: Neil Blakey-Milner , Matt Dillon , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001012022745.A10462@citusc17.usc.edu> References: <20001012003552.A49482@mithrandr.moria.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from winter@jurai.net on Thu, Oct 12, 2000 at 01:55:55AM -0400 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Oct 12, 2000 at 01:55:55AM -0400, Matthew N. Dodd wrote: > Is there any reason all of this security stuff can't be relegated to a > package? Seems like it would be much better than constantly hacking on > sysinstall and the ability to have interactive packages does exist I > believe. Interactive packages work poorly with sysinstall - they're displayed on another vty, and the user has no indication of this. It's becoming more and more of a problem as packages gain interactive security warnings/installation confirmations/license agreements/etc, for example. :-( Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 5:35:33 2000 Delivered-To: freebsd-arch@freebsd.org Received: from starbug.ugh.net.au (starbug.ugh.net.au [203.31.238.37]) by hub.freebsd.org (Postfix) with ESMTP id 9CC5837B66C for ; Thu, 12 Oct 2000 05:35:30 -0700 (PDT) Received: by starbug.ugh.net.au (Postfix, from userid 1000) id E3335A84A; Thu, 12 Oct 2000 23:35:27 +1100 (EST) Received: from localhost (localhost [127.0.0.1]) by starbug.ugh.net.au (Postfix) with ESMTP id DFF0E5457; Thu, 12 Oct 2000 22:35:27 +1000 (EST) Date: Thu, 12 Oct 2000 22:35:27 +1000 (EST) From: andrew@ugh.net.au To: Andrew Reilly Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <20001012165702.B9109@gurney.reilly.home> Message-ID: X-WonK: *wibble* MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 12 Oct 2000, Andrew Reilly wrote: > Mac native: I don't know, sorry. Mindterm probably works. There's NiftyTelnetSSH and MacSSH. I think data fellows make a commercial one as well. There may be more. MacOS X ships with openssh installed. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 5:37:13 2000 Delivered-To: freebsd-arch@freebsd.org Received: from starbug.ugh.net.au (starbug.ugh.net.au [203.31.238.37]) by hub.freebsd.org (Postfix) with ESMTP id B922937B503 for ; Thu, 12 Oct 2000 05:37:10 -0700 (PDT) Received: by starbug.ugh.net.au (Postfix, from userid 1000) id 7111AA84A; Thu, 12 Oct 2000 23:37:11 +1100 (EST) Received: from localhost (localhost [127.0.0.1]) by starbug.ugh.net.au (Postfix) with ESMTP id 6F1CC5457 for ; Thu, 12 Oct 2000 22:37:11 +1000 (EST) Date: Thu, 12 Oct 2000 22:37:11 +1000 (EST) From: andrew@ugh.net.au Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message-ID: X-WonK: *wibble* MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Sorry that wasn't meant to go to the list. Andrew On Thu, 12 Oct 2000 andrew@ugh.net.au wrote: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 5:50: 6 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail.rpi.edu (mail.rpi.edu [128.113.100.7]) by hub.freebsd.org (Postfix) with ESMTP id C2CE137B503 for ; Thu, 12 Oct 2000 05:50:03 -0700 (PDT) Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.9.3/8.9.3) with ESMTP id IAA316008; Thu, 12 Oct 2000 08:46:00 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <39E5384C.4C3C0D53@cup.hp.com> References: <15251.971315263@winston.osd.bsdi.com> <39E5384C.4C3C0D53@cup.hp.com> Date: Thu, 12 Oct 2000 08:45:59 -0400 To: Marcel Moolenaar From: Garance A Drosihn Subject: Re: cvs commit: src/etc inetd.conf Cc: Jordan Hubbard , Alfred Perlstein , arch@FreeBSD.ORG Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 9:04 PM -0700 10/11/00, Marcel Moolenaar wrote: >Garance A Drosihn wrote: > > Just add a dumb check to /root/.cshrc. I don't do any > > csh scripting, but in bash it'd be something like: > > > > grep -qs '^telnet' /etc/inetd.conf > > if [ $? -eq 0 ] ; then > > echo "" > > echo "*** Note: telnetd is enabled in /etc/inetd.conf" > > echo "*** either comment it out of there, or" > > echo "*** delete this check in /root/.bashrc" > > echo "" > > fi > >This message is targetted for an audience that doesn't know whether or >not telnetd is enabled in inetd.conf. The contradiction is in the >assumption that these people care about security. They don't; otherwise >they would know whether telnetd was enabled or not. Therefore, the >message is meaningless. As I explicitly mentioned in the paragraph after that code, "The text of the message needs to be improved, of course" --- Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu Senior Systems Programmer or drosih@rpi.edu Rensselaer Polytechnic Institute To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 5:56:49 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id D3CC037B502 for ; Thu, 12 Oct 2000 05:56:47 -0700 (PDT) Received: from ophelia.nectar.com (ophelia.nectar.com [10.5.5.2]) by gw.nectar.com (Postfix) with ESMTP id A5D0019264; Thu, 12 Oct 2000 07:56:46 -0500 (CDT) Received: (from nectar@localhost) by ophelia.nectar.com (8.9.3/8.9.3) id HAA10204; Thu, 12 Oct 2000 07:58:40 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Thu, 12 Oct 2000 07:58:40 -0500 From: "Jacques A. Vidrine" To: "Matthew N. Dodd" Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001012075839.A10121@ophelia.nectar.com> References: <20001012003552.A49482@mithrandr.moria.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from winter@jurai.net on Thu, Oct 12, 2000 at 01:55:55AM -0400 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Oct 12, 2000 at 01:55:55AM -0400, Matthew N. Dodd wrote: > Until we have the ability to install local configuration packages that > frob stuff in /etc and install krb5.conf, FYI, Kerberos can get its configuration information from DNS. Well, at least current versions of MIT Kerberos and Heimdal. The Heimdal in our tree is quite stale. -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 7:46:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 1DBFC37B502 for ; Thu, 12 Oct 2000 07:46:28 -0700 (PDT) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id HAA25664; Thu, 12 Oct 2000 07:39:41 -0700 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda25662; Thu Oct 12 07:39:40 2000 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.0/8.9.1) id e9CEdem39105; Thu, 12 Oct 2000 07:39:40 -0700 (PDT) Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdv39102; Thu Oct 12 07:38:55 2000 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.1/8.9.1) id e9CEcoT09283; Thu, 12 Oct 2000 07:38:50 -0700 (PDT) Message-Id: <200010121438.e9CEcoT09283@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdgL9279; Thu Oct 12 07:38:29 2000 X-Mailer: exmh version 2.1.1 10/15/1999 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-OS: FreeBSD 4.1.1-RELEASE X-Sender: cy To: Garance A Drosihn Cc: Poul-Henning Kamp , Matt Dillon , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-reply-to: Your message of "Wed, 11 Oct 2000 19:25:20 EDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 12 Oct 2000 07:38:28 -0700 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message , Garance A Drosihn writes: > At 12:06 AM +0200 10/12/00, Poul-Henning Kamp wrote: > >Matt Dillon writes: > > > > > I really have to take exception to such an idiotic posting > > > by Poul, who seems to be trying to put words in my mouth > > > that I have not said... in fact, Poul knows very well that > > > I am not advocating an OpenBSD-style position. He also knows > > > very well that I am not the type of person to take such > > > remarks sitting down. > > > >What you are advocating is in fact a almost total word-for-word > >repetition of the OpenBSD policy. > > > >You can stand up or sit down as you please, I don't care. > > Why are people (both sides) so worked up about this? > > It is clear we do NOT have universal agreement on disabling telnetd, > so why can't we just pick some middle ground and do something "more > secure" than what we have been doing, see how that works, and think > about disabling telnetd by default in some later release? Why MUST > we fight to the death about it right this minute? > > A few days ago I tried a proposal which seemed like a plausible > idea to me. As near as I can tell, no one feels like even > replying to that idea. Not to say "good idea", not to say > "stupid idea, it doesn't go far enough". I am not among the > people who have dug in their heels to fight, so apparently it > wasn't interesting enough to comment on. > > I do not understand the vitriol in this thread. My guess > is that this is now more about personality clashes instead of > any reasoned debate by people using their brains. Everyone > is pissing in everyone else's cereal, and the result is not > very interesting. We've had this argument about two weeks ago on -security and about three weeks ago on this list. No one is advocating removing any binaries. As discussed in this or one of the previous threads, if sysinstall asks a question before commencing with customisation, then there is no default, just a fork. Doesn't this satisfy both camps? I on the other hand do understand the vitriol in this thread. I've been there and I done that -- it doesn't work. Trust me, religious arguments like this can lead to divorce and divorce is very painful indeed. Divorce in any form, whether it be in personal life or in project life, it can be destructive to one's or a project's well being. I can see how stupid I appeared arguing for one extreme or another on these lists just by watching this argument from the sidelines. A good friend told me that the key to a good marriage (I see this project as a marriage) is compromise. The compromise I see is that we don't have to call it a default. It's just a fork in the road. One road leads to locked down the other takes the "open" path. Just two simple choices, neither being the default. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 8:34:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from berserker.bsdi.com (berserker.twistedbit.com [199.79.183.1]) by hub.freebsd.org (Postfix) with ESMTP id 878FA37B503; Thu, 12 Oct 2000 08:34:19 -0700 (PDT) Received: from berserker.bsdi.com (cp@LOCALHOST [127.0.0.1]) by berserker.bsdi.com (8.9.3/8.9.3) with ESMTP id JAA16007; Thu, 12 Oct 2000 09:23:13 -0600 (MDT) Message-Id: <200010121523.JAA16007@berserker.bsdi.com> To: Alfred Perlstein Cc: Mike Smith , arch@freebsd.org Subject: Re: we need atomic_t In-reply-to: Your message of "Thu, 28 Sep 2000 11:39:09 PDT." <20000928113907.V7553@fw.wintelcom.net> From: Chuck Paterson Date: Thu, 12 Oct 2000 09:23:13 -0600 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG It seems to me that the problem with atomic_t is that there is no place in MI code where it is safe to use this because it doesn't have a guaranteed size. It seem like variables should be sized correctly by the person writing the code. The atomic would then do whatever is necessary to make the operation atomic. If this means acquiring and releasing a mutex then that is the right answer because the atomic op should not have been used in cases where there is another way to provide the protection. It seems like we might want atomic_32_t and all of its relatives. Something like struct { u_int32_t atom; } atomic_32_t; All the atomic operation would expect this and any place that accidently tried to operate on the data in an unsafe manner could be flagged at compile time. In the above scheme we might also not guarantee the size of the struct just the effective size of the atom. That way we could have extra storage for use by the atomic op code if needed. Chuck To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 9: 0:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from sanson.reyes.somos.net (freyes.static.inch.com [216.223.199.224]) by hub.freebsd.org (Postfix) with ESMTP id 4997037B502; Thu, 12 Oct 2000 09:00:27 -0700 (PDT) Received: from tomasa (tomasa.reyes.somos.net [10.0.0.11]) by sanson.reyes.somos.net (8.9.3/8.9.3) with SMTP id LAA44352; Thu, 12 Oct 2000 11:49:39 -0400 (EDT) (envelope-from fran@reyes.somos.net) Message-Id: <200010121549.LAA44352@sanson.reyes.somos.net> From: "Francisco Reyes" To: "Dag-Erling Smorgrav" , "Poul-Henning Kamp" Cc: "arch@FreeBSD.ORG" , "Jeroen Ruigrok van der Werven" , "Kris Kennaway" , "Matt Dillon" , "Robert Watson" , "Terry Lambert" , "Warner Losh" Date: Thu, 12 Oct 2000 11:55:54 -0400 Reply-To: "Francisco Reyes" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 98 (4.10.2222) In-Reply-To: <72470.971194813@critter> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: Re: cvs commit: src/etc inetd.conf Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 10 Oct 2000 18:20:13 +0200, Poul-Henning Kamp wrote: >In message , Dag-Erling Smorgrav writes: >>Poul-Henning Kamp writes: >>> And as I pointed out earlier: having ssh doesn't help people who have >>> only a windows box to connect from. >> >>There are numerous ssh clients that run on Windows, and some of them >>are even not only free, but open-source as well (mindterm, for instance) > >I know, but I don't want to make the learning curve harder than >it need to be. Besides, it's not always possible to get permission >to install software on corporate windows machines. There is also the training involved. If a company has most/all the telnet/ftp boxes behind a firewall then for internal employees using ssh is added security but not as critical. francisco Moderator of the Corporate BSD list http://www.egroups.com/group/BSD_Corporate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 9: 6:29 2000 Delivered-To: freebsd-arch@freebsd.org Received: from sanson.reyes.somos.net (freyes.static.inch.com [216.223.199.224]) by hub.freebsd.org (Postfix) with ESMTP id 28DF637B502; Thu, 12 Oct 2000 09:06:25 -0700 (PDT) Received: from tomasa (tomasa.reyes.somos.net [10.0.0.11]) by sanson.reyes.somos.net (8.9.3/8.9.3) with SMTP id LAA44376; Thu, 12 Oct 2000 11:55:56 -0400 (EDT) (envelope-from fran@reyes.somos.net) Message-Id: <200010121555.LAA44376@sanson.reyes.somos.net> From: "Francisco Reyes" To: "Matt Dillon" , "Poul-Henning Kamp" Cc: "arch@FreeBSD.ORG" , "Jeroen Ruigrok van der Werven" , "Kris Kennaway" , "Robert Watson" , "Terry Lambert" , "Warner Losh" Date: Thu, 12 Oct 2000 12:02:10 -0400 Reply-To: "Francisco Reyes" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 98 (4.10.2222) In-Reply-To: <200010101620.e9AGKoo13270@earth.backplane.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: Re: cvs commit: src/etc inetd.conf Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 10 Oct 2000 09:20:50 -0700 (PDT), Matt Dillon wrote: >None of the arguments Jordan or Poul >are making make any sense to me. What they are saying to me is basically >that they aren't willing to require that joe sysop be bothered with >lifting just his little finger to configure a FreeBSD box. >-Matt That is one way to look at it, although not a very effective one. You are basically making assumptions about the level of competency of FreeBSD users. I think at best the intallation program should warn about having everything off or giving an option. You are also ignoring organizations which would be installing things behind a firewall and that may not gotten up to the automation level that you have achieved. For them all internal boxes don't need as much security, yet they would to come up with a custom install like you have. Furthermore, you are also ignoring the transition period between when a company has so few FreeBSD machines that they just install them all from scratch and the point where they have so many that they need to automate. Somewhere along those two extremes there needs to be some relief for the admins. Your suggestion basically is ignore those who don't have a clue. This is elitist and unproductive. francisco Moderator of the Corporate BSD list http://www.egroups.com/group/BSD_Corporate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 9:41:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 3024F37B502; Thu, 12 Oct 2000 09:41:08 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id SAA44480; Thu, 12 Oct 2000 18:39:16 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Francisco Reyes" Cc: "Poul-Henning Kamp" , "arch@FreeBSD.ORG" , "Jeroen Ruigrok van der Werven" , "Kris Kennaway" , "Matt Dillon" , "Robert Watson" , "Terry Lambert" , "Warner Losh" Subject: Re: cvs commit: src/etc inetd.conf References: <200010121549.LAA44352@sanson.reyes.somos.net> From: Dag-Erling Smorgrav Date: 12 Oct 2000 18:39:15 +0200 In-Reply-To: "Francisco Reyes"'s message of "Thu, 12 Oct 2000 11:55:54 -0400" Message-ID: Lines: 6 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Will you guys please drop this thread, or at least move it off -arch and take me off the Cc: list? DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 10:23:28 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id A509137B502 for ; Thu, 12 Oct 2000 10:23:25 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9CHKJA03968; Thu, 12 Oct 2000 10:20:19 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Kris Kennaway Cc: "Matthew N. Dodd" , Neil Blakey-Milner , Matt Dillon , Marius Bendiksen , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message from Kris Kennaway of "Thu, 12 Oct 2000 02:27:45 PDT." <20001012022745.A10462@citusc17.usc.edu> Date: Thu, 12 Oct 2000 10:20:19 -0700 Message-ID: <3965.971371219@winston.osd.bsdi.com> From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Interactive packages work poorly with sysinstall - they're displayed > on another vty, and the user has no indication of this. It's even worse - because of the way the package is added (in "slave" mode), pkg_add's stdin is a pipe at that point. The user can't even properly interact with it if they switch VTYs and notice it there. :( - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 10:40:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from palrel1.hp.com (palrel1.hp.com [156.153.255.242]) by hub.freebsd.org (Postfix) with ESMTP id 157A437B66D for ; Thu, 12 Oct 2000 10:40:29 -0700 (PDT) Received: from adlmail.cup.hp.com (adlmail.cup.hp.com [15.0.100.30]) by palrel1.hp.com (Postfix) with ESMTP id 05B1B73; Thu, 12 Oct 2000 10:40:28 -0700 (PDT) Received: from cup.hp.com (gauss.cup.hp.com [15.28.97.152]) by adlmail.cup.hp.com (8.9.3 (PHNE_18546)/8.9.3 SMKit7.02) with ESMTP id KAA01300; Thu, 12 Oct 2000 10:40:27 -0700 (PDT) Message-ID: <39E5F78B.299628F6@cup.hp.com> Date: Thu, 12 Oct 2000 13:40:27 -0400 From: Marcel Moolenaar Organization: Hewlett-Packard X-Mailer: Mozilla 4.73 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Garance A Drosihn Cc: arch@FreeBSD.org Subject: Re: cvs commit: src/etc inetd.conf References: <15251.971315263@winston.osd.bsdi.com> <39E5384C.4C3C0D53@cup.hp.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Garance A Drosihn wrote: > > > > grep -qs '^telnet' /etc/inetd.conf > > > if [ $? -eq 0 ] ; then > > > echo "" > > > echo "*** Note: telnetd is enabled in /etc/inetd.conf" > > > echo "*** either comment it out of there, or" > > > echo "*** delete this check in /root/.bashrc" > > > echo "" > > > fi > > > >This message is targetted for an audience that doesn't know whether or > >not telnetd is enabled in inetd.conf. The contradiction is in the > >assumption that these people care about security. They don't; otherwise > >they would know whether telnetd was enabled or not. Therefore, the > >message is meaningless. > > As I explicitly mentioned in the paragraph after that code, > "The text of the message needs to be improved, of course" I don't think that rephrasing will change the root purpose of the message and therefore the usefulness of the message :-) In principle the idea is good. It just doesn't fit the unix philosofy, IMO. I for one would be insulted by it as I'm already insulted by most of the security related, well intended, highly unwanted and in your face notices that tell me things I already know or tell me things I don't care about. example: I installed ucd-snmp yesterday to try something out. I know it installed a daemon, because it tells me so (in this case I already knew before I typed make). I therefore immediately know that security, if I'd care in the first place, would be an issue. In this case I couldn't care less. What happens? I get a security notice... It took me 5 minutes to funnel my agression :-) -- Marcel Moolenaar mail: marcel@cup.hp.com / marcel@FreeBSD.org tel: (408) 447-4222 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 10:49:49 2000 Delivered-To: freebsd-arch@freebsd.org Received: from feral.com (feral.com [192.67.166.1]) by hub.freebsd.org (Postfix) with ESMTP id 145EC37B67A; Thu, 12 Oct 2000 10:49:47 -0700 (PDT) Received: from zeppo.feral.com (IDENT:mjacob@zeppo [192.67.166.71]) by feral.com (8.9.3/8.9.3) with ESMTP id KAA31716; Thu, 12 Oct 2000 10:37:40 -0700 Date: Thu, 12 Oct 2000 10:34:41 -0700 (PDT) From: Matthew Jacob Reply-To: mjacob@feral.com To: John Baldwin Cc: arch@FreeBSD.ORG Subject: when is it safe to call msleep? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I've been fooling around with the new lock stuff and trying to convert things over, and I called msleep with an initialized MTX_DEF lock held (on my pc164) during probes, but I got a panic: fatal kernel trap: trap entry = 0x2 (memory management fault) a0 = 0x0 a1 = 0x1 a2 = 0x0 pc = 0xfffffc000051d638 ra = 0xfffffc000051d630 curproc = 0xfffffc00005efe60 pid = 0, comm = swapper Stopped at mtx_exit_hard+0x118: ldq t1,0(s1) <0x0> db> t mtx_exit_hard() at mtx_exit_hard+0x118 msleep() at msleep+0x130 isp_mboxcmd() at isp_mboxcmd+0x284 isp_reset() at isp_reset+0xd80 isp_pci_attach() at isp_pci_attach+0x14dc device_probe_and_attach() at device_probe_and_attach+0xcc bus_generic_attach() at bus_generic_attach+0x28 device_probe_and_attach() at device_probe_and_attach+0xcc bus_generic_attach() at bus_generic_attach+0x28 device_probe_and_attach() at device_probe_and_attach+0xcc bus_generic_attach() at bus_generic_attach+0x28 cia_attach() at cia_attach+0x1f0 device_probe_and_attach() at device_probe_and_attach+0xcc root_bus_configure() at root_bus_configure+0x38 configure() at configure+0x40 mi_startup() at mi_startup+0xf4 locorestart() at locorestart+0x6c Eh? -matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 12:11:45 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id 651E437B502 for ; Thu, 12 Oct 2000 12:11:43 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id MAA22066; Thu, 12 Oct 2000 12:08:52 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp04.primenet.com, id smtpdAAAzTaO8Q; Thu Oct 12 12:08:44 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id MAA03066; Thu, 12 Oct 2000 12:11:29 -0700 (MST) From: Terry Lambert Message-Id: <200010121911.MAA03066@usr09.primenet.com> Subject: Where can I get ssh? (redux) To: areilly@bigpond.net.au (Andrew Reilly) Date: Thu, 12 Oct 2000 19:11:29 +0000 (GMT) Cc: DougB@gorean.org (Doug Barton), tlambert@primenet.com (Terry Lambert), arch@FreeBSD.ORG In-Reply-To: <20001012165702.B9109@gurney.reilly.home> from "Andrew Reilly" at Oct 12, 2000 04:57:02 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [ ... moved to -chat ... ] > > > I'd like to know where to get ssh for all of the boxes I > > > have, and for which I currently have telnet and ftp available. > > > > Actually, since the "How do I get an ssh client for > > ?" question comes up on -questions so often, it might be worth a FAQ > > entry. Someone probably knows of an ssh client for all/most of the > > platforms imaginable... [ ... Netscape Java "platform" ... ] Note: has invalid threading assumptions for all but Solaris/Linux/MS. [ ... Data Fellows on ANSI-C/POSIX platforms ... ] [ ... Free Win32 versions of SSH ... ] [ ... No Mac version ... ] Note: See threading comment on Java, above; it appies to Macintosh, too. [ ... Windows doesn't have a good telnet client ...] Note: setenv TERM xterm ; resize > So: what are we missing here? IBM MVS systems? Most of them > could probably cope with the Java version these days. TCP/IP systems which I have with Telnet, with no ssh that I know of: Amiga running AmigaDOS Amiga running SVR3.2 TI 99/4A 640K PC DOS running KA9Q 512K PC DOS running CMU TCP/IP Commodore 64 Altos 286 Xenix Xenix 386 + Lachman TCP/IP Windows for WorkGroups 3.11 I have other systems that have no ssh, which I could probably port it to (no JVM version, though), but which I'm unwilling to do, since it would just support some other weenie who wanted to deprecate telnet for no provable security gain, other than security through obscurity on eavesdropping, which is no problem to do on a fully compromised network. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 12:39:50 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp02.primenet.com (smtp02.primenet.com [206.165.6.132]) by hub.freebsd.org (Postfix) with ESMTP id 775C937B502; Thu, 12 Oct 2000 12:39:44 -0700 (PDT) Received: (from daemon@localhost) by smtp02.primenet.com (8.9.3/8.9.3) id MAA28301; Thu, 12 Oct 2000 12:36:26 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp02.primenet.com, id smtpdAAAR6a4f3; Thu Oct 12 12:36:11 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id MAA03665; Thu, 12 Oct 2000 12:39:23 -0700 (MST) From: Terry Lambert Message-Id: <200010121939.MAA03665@usr09.primenet.com> Subject: Re: we need atomic_t To: cp@bsdi.com (Chuck Paterson) Date: Thu, 12 Oct 2000 19:39:23 +0000 (GMT) Cc: bright@wintelcom.net (Alfred Perlstein), msmith@FreeBSD.ORG (Mike Smith), arch@FreeBSD.ORG In-Reply-To: <200010121523.JAA16007@berserker.bsdi.com> from "Chuck Paterson" at Oct 12, 2000 09:23:13 AM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > It seems to me that the problem with atomic_t is that there > is no place in MI code where it is safe to use this because it > doesn't have a guaranteed size. Respectfully, relying on something being so large that it "will never overflow" is asking for trouble. Instead, the wrap boundary should be protected to allow wrapping, and we shouldn't give a damn about the size of atomic_t. The idea that it needs to be a counter in the first place is, well, pretty silly. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 13: 8: 8 2000 Delivered-To: freebsd-arch@freebsd.org Received: from berserker.bsdi.com (berserker.twistedbit.com [199.79.183.1]) by hub.freebsd.org (Postfix) with ESMTP id 5BB8137B502; Thu, 12 Oct 2000 13:08:06 -0700 (PDT) Received: from berserker.bsdi.com (cp@LOCALHOST [127.0.0.1]) by berserker.bsdi.com (8.9.3/8.9.3) with ESMTP id OAA18121; Thu, 12 Oct 2000 14:07:54 -0600 (MDT) Message-Id: <200010122007.OAA18121@berserker.bsdi.com> To: Terry Lambert Cc: bright@wintelcom.net (Alfred Perlstein), msmith@freebsd.org (Mike Smith), arch@freebsd.org Subject: Re: we need atomic_t In-reply-to: Your message of "Thu, 12 Oct 2000 19:39:23 -0000." <200010121939.MAA03665@usr09.primenet.com> From: Chuck Paterson Date: Thu, 12 Oct 2000 14:07:54 -0600 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Lets say its not a counter, but something that gets bits or'd into it. Seems that it better be big enough to hold the bit that is going to be or'd in? We have to worry about this today, I don't see this changing just because we declare it atomic. Chuck To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14: 3:18 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id 891DF37B502; Thu, 12 Oct 2000 14:03:15 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id OAA18260; Thu, 12 Oct 2000 14:00:23 -0700 (MST) Received: from usr07.primenet.com(206.165.6.207) via SMTP by smtp04.primenet.com, id smtpdAAAOraOCJ; Thu Oct 12 14:00:15 2000 Received: (from tlambert@localhost) by usr07.primenet.com (8.8.5/8.8.5) id OAA16802; Thu, 12 Oct 2000 14:02:56 -0700 (MST) From: Terry Lambert Message-Id: <200010122102.OAA16802@usr07.primenet.com> Subject: Re: we need atomic_t To: cp@bsdi.com (Chuck Paterson) Date: Thu, 12 Oct 2000 21:02:50 +0000 (GMT) Cc: tlambert@primenet.com (Terry Lambert), bright@wintelcom.net (Alfred Perlstein), msmith@freebsd.org (Mike Smith), arch@freebsd.org In-Reply-To: <200010122007.OAA18121@berserker.bsdi.com> from "Chuck Paterson" at Oct 12, 2000 02:07:54 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Lets say its not a counter, but something that > gets bits or'd into it. Seems that it better be > big enough to hold the bit that is going to be or'd > in? We have to worry about this today, I don't see > this changing just because we declare it atomic. To heck with "atomic", now we are just complaining about the lack of foresight of the X3J11 committe in copping out on giving us sized types in the C language itself. I think if "it's big enough", there isn't a problem. You will never use something like this for hardware registers, since hardware registers are sized, so as long as you commit to either "at least 16 bits" or "at least 32 bits", it's not a problem: just only ever use 16 or 32 bits, and so what if some bits are "wasted", if all you care about is atomicity? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14:12:44 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id D474C37B502 for ; Thu, 12 Oct 2000 14:12:41 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id XAA21189; Thu, 12 Oct 2000 23:12:40 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id XAA64093; Thu, 12 Oct 2000 23:12:40 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 12 Oct 2000 23:12:40 +0200 (CEST) From: Marius Bendiksen To: Garance A Drosihn Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > I do not understand the vitriol in this thread. My guess > is that this is now more about personality clashes instead of > any reasoned debate by people using their brains. Everyone > is pissing in everyone else's cereal, and the result is not > very interesting. Actually, it's a policy matter which is getting under my skin. For as long as I've used it, FreeBSD has been delivering tools, not policy. I have been very pleased with this, and have heard the same from most people I've talked to. The debate, for me at least, is not about telnetd, as such. It is about whether we are going to start shipping the system with policies, not just tools. If so, then I will simply downgrade to the old install scripts locally, and stop nagging. But in the mean time, I'd like to express a strict dislike with doing a mostly worthless alteration to the system, which has the added impact of being a policy decision. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14:17:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id F2BCA37B503 for ; Thu, 12 Oct 2000 14:17:55 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id XAA21499; Thu, 12 Oct 2000 23:17:54 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id XAA64104; Thu, 12 Oct 2000 23:17:54 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 12 Oct 2000 23:17:54 +0200 (CEST) From: Marius Bendiksen To: Terry Lambert Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <200010120136.SAA12021@usr09.primenet.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [snip] Well put. > So, any objection to: > > The people who want it, write the code to make it an > option that is off by default, so that the rest of > the world who hates the idea can ignore it. None whatsoever. This actually sounds like a good idea to me, and I'd like to see this discussion moving towards a way to do this, rather than a grand display of our varying POVs on this matter. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14:23: 5 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 1685937B502; Thu, 12 Oct 2000 14:23:03 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9CLMv216894; Thu, 12 Oct 2000 14:22:57 -0700 (PDT) Date: Thu, 12 Oct 2000 14:22:57 -0700 From: Alfred Perlstein To: Terry Lambert Cc: Chuck Paterson , Mike Smith , arch@FreeBSD.ORG Subject: Re: we need atomic_t Message-ID: <20001012142257.S272@fw.wintelcom.net> References: <200010122007.OAA18121@berserker.bsdi.com> <200010122102.OAA16802@usr07.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <200010122102.OAA16802@usr07.primenet.com>; from tlambert@primenet.com on Thu, Oct 12, 2000 at 09:02:50PM +0000 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Terry Lambert [001012 14:03] wrote: > > Lets say its not a counter, but something that > > gets bits or'd into it. Seems that it better be > > big enough to hold the bit that is going to be or'd > > in? We have to worry about this today, I don't see > > this changing just because we declare it atomic. > > To heck with "atomic", now we are just complaining about the > lack of foresight of the X3J11 committe in copping out on > giving us sized types in the C language itself. > > I think if "it's big enough", there isn't a problem. You > will never use something like this for hardware registers, > since hardware registers are sized, so as long as you commit > to either "at least 16 bits" or "at least 32 bits", it's not > a problem: just only ever use 16 or 32 bits, and so what if > some bits are "wasted", if all you care about is atomicity? My unspoken minimum precision was going to be 24 bits, for situations where that wasn't enough the idea was to provide a atomic64_t, but only if the demand was reasonable. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14:24: 0 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 9AD3037B502 for ; Thu, 12 Oct 2000 14:23:57 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id XAA21767; Thu, 12 Oct 2000 23:23:56 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id XAA64144; Thu, 12 Oct 2000 23:23:56 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 12 Oct 2000 23:23:55 +0200 (CEST) From: Marius Bendiksen To: Alfred Perlstein Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <20001011160604.T272@fw.wintelcom.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > If Jordan catches this, I'm not flaming sysinstall, I'm flaming > the people attacking each other when a much simpler compromise/solution > is easily accomplished with a bit of elbow grease. Not to be a pain in the ass or anything, but I think this grease belongs on the elbows of those that would oppose the status quo, not those who support it. This would be pretty much in thread with how everything else is done around here, hmm? Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14:28:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 7143937B503 for ; Thu, 12 Oct 2000 14:28:28 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9CLSQC17182; Thu, 12 Oct 2000 14:28:26 -0700 (PDT) Date: Thu, 12 Oct 2000 14:28:26 -0700 From: Alfred Perlstein To: Marius Bendiksen Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001012142826.U272@fw.wintelcom.net> References: <20001011160604.T272@fw.wintelcom.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: ; from mbendiks@eunet.no on Thu, Oct 12, 2000 at 11:23:55PM +0200 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Marius Bendiksen [001012 14:24] wrote: > > If Jordan catches this, I'm not flaming sysinstall, I'm flaming > > the people attacking each other when a much simpler compromise/solution > > is easily accomplished with a bit of elbow grease. > > Not to be a pain in the ass or anything, but I think this grease belongs > on the elbows of those that would oppose the status quo, not those who > support it. This would be pretty much in thread with how everything else > is done around here, hmm? This is the last time I'm going to say it: "This was a suggestion for those wishing to change the default setup". I have no gripes about the current install, I hardly care. What I do care about is people spending half an hour to come up with the exact flame-bait needed to drive people insane when it would be much more useful to provide patches or keep quiet about the issue. Is there something about that you don't understand? -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14:29:19 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 133F837B503 for ; Thu, 12 Oct 2000 14:29:14 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id XAA22036; Thu, 12 Oct 2000 23:29:12 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id XAA64161; Thu, 12 Oct 2000 23:29:12 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 12 Oct 2000 23:29:12 +0200 (CEST) From: Marius Bendiksen To: Garance A Drosihn Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Not that I want to be a pest, but let me try this proposal > one more time. If someone could tell me what is bad about > this proposal, I would like to hear it. I'd certainly settle on this proposal. But I'd be far more happy to simply make a port to disable telentd and all that. If the shit has to hit the fan, I'd do it myself, just to support the status quo. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 14:33:18 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 69A3F37B502 for ; Thu, 12 Oct 2000 14:33:14 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id XAA22227; Thu, 12 Oct 2000 23:33:13 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id XAA64172; Thu, 12 Oct 2000 23:33:12 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 12 Oct 2000 23:33:12 +0200 (CEST) From: Marius Bendiksen To: Andrew Reilly Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-Reply-To: <20001012165702.B9109@gurney.reilly.home> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Besides: arguing that Windows does telnet out of the box > isn't a terribly defensible position, because of the terrible > compatability of their "ANSI"/VT100 emulator. I even use > TeraTerm for telnet sometimes, just because you can actually run > vi and mutt through it. Actually, "setenv TERM vt220" and resizing your window to lose the scrollbars will get you everything you need from standard win95 telnet. Windows 2000 telnet handles ansi/vt100 just fine with no trickery, and does kerberized telnet, IIRC. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 17:46:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from io.yi.org (h24-69-199-88.gv.shawcable.net [24.69.199.88]) by hub.freebsd.org (Postfix) with ESMTP id BB10337B502; Thu, 12 Oct 2000 17:46:27 -0700 (PDT) Received: from io.yi.org (localhost.gvcl1.bc.wave.home.com [127.0.0.1]) by io.yi.org (Postfix) with ESMTP id 978DFBA76; Thu, 12 Oct 2000 17:46:26 -0700 (PDT) X-Mailer: exmh version 2.1.1 10/15/1999 To: mjacob@feral.com Cc: John Baldwin , arch@FreeBSD.ORG Subject: Re: when is it safe to call msleep? In-Reply-To: Message from Matthew Jacob of "Thu, 12 Oct 2000 10:34:41 PDT." Mime-Version: 1.0 Content-Type: multipart/mixed ; boundary="==_Exmh_7696409280" Date: Thu, 12 Oct 2000 17:46:26 -0700 From: Jake Burkholder Message-Id: <20001013004626.978DFBA76@io.yi.org> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This is a multipart MIME message. --==_Exmh_7696409280 Content-Type: text/plain; charset=us-ascii > > I've been fooling around with the new lock stuff and trying to convert things > over, and I called msleep with an initialized MTX_DEF lock held (on my > pc164) during probes, but I got a panic: > Hmm. I don't know about the panic, but the releasing of the mutex is probably in the wrong place if its going to be called early in boot, when cold is true. Could you try this: Jake --==_Exmh_7696409280 Content-Type: text/plain ; name="tsleep.diff"; charset=us-ascii Content-Description: tsleep.diff Content-Disposition: attachment; filename="tsleep.diff" Index: kern_synch.c =================================================================== RCS file: /home/ncvs/src/sys/kern/kern_synch.c,v retrieving revision 1.101 diff -u -r1.101 kern_synch.c --- kern_synch.c 2000/10/06 02:20:20 1.101 +++ kern_synch.c 2000/10/13 00:20:30 @@ -436,15 +436,6 @@ WITNESS_SLEEP(0, mtx); mtx_enter(&sched_lock, MTX_SPIN); - if (mtx != NULL) { - KASSERT(mtx->mtx_recurse == 0, - ("sleeping on recursed mutex %s", mtx->mtx_description)); - WITNESS_SAVE(mtx, mtx); - mtx_exit(mtx, MTX_DEF | MTX_NOSWITCH); - if (priority & PDROP) - mtx = NULL; - } - s = splhigh(); if (cold || panicstr) { /* @@ -456,6 +447,15 @@ mtx_exit(&sched_lock, MTX_SPIN); splx(s); return (0); + } + + if (mtx != NULL) { + KASSERT(mtx->mtx_recurse == 0, + ("sleeping on recursed mutex %s", mtx->mtx_description)); + WITNESS_SAVE(mtx, mtx); + mtx_exit(mtx, MTX_DEF | MTX_NOSWITCH); + if (priority & PDROP) + mtx = NULL; } KASSERT(p != NULL, ("tsleep1")); --==_Exmh_7696409280-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 19:19:37 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id 2BD6337B502; Thu, 12 Oct 2000 19:19:35 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id TAA27707; Thu, 12 Oct 2000 19:16:43 -0700 (MST) Received: from usr05.primenet.com(206.165.6.205) via SMTP by smtp04.primenet.com, id smtpdAAAUlaW.1; Thu Oct 12 19:16:35 2000 Received: (from tlambert@localhost) by usr05.primenet.com (8.8.5/8.8.5) id TAA03232; Thu, 12 Oct 2000 19:19:20 -0700 (MST) From: Terry Lambert Message-Id: <200010130219.TAA03232@usr05.primenet.com> Subject: Re: we need atomic_t To: bright@wintelcom.net (Alfred Perlstein) Date: Fri, 13 Oct 2000 02:19:20 +0000 (GMT) Cc: tlambert@primenet.com (Terry Lambert), cp@bsdi.com (Chuck Paterson), msmith@FreeBSD.ORG (Mike Smith), arch@FreeBSD.ORG In-Reply-To: <20001012142257.S272@fw.wintelcom.net> from "Alfred Perlstein" at Oct 12, 2000 02:22:57 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [ ... atomic_t ... ] > My unspoken minimum precision was going to be 24 bits, for situations > where that wasn't enough the idea was to provide a atomic64_t, but > only if the demand was reasonable. How would you handle this type on 386, 486, and Pentium machines, if somone used it in code? Or would its use be limited to 64 bit architectures, instead of limiting FreeBSD to 64 bit (or higher) architectures? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 19:22:36 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id A635937B502; Thu, 12 Oct 2000 19:22:34 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9D2MT426692; Thu, 12 Oct 2000 19:22:29 -0700 (PDT) Date: Thu, 12 Oct 2000 19:22:29 -0700 From: Alfred Perlstein To: Terry Lambert Cc: Chuck Paterson , Mike Smith , arch@FreeBSD.ORG Subject: Re: we need atomic_t Message-ID: <20001012192229.F272@fw.wintelcom.net> References: <20001012142257.S272@fw.wintelcom.net> <200010130219.TAA03232@usr05.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <200010130219.TAA03232@usr05.primenet.com>; from tlambert@primenet.com on Fri, Oct 13, 2000 at 02:19:20AM +0000 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Terry Lambert [001012 19:19] wrote: > [ ... atomic_t ... ] > > > My unspoken minimum precision was going to be 24 bits, for situations > > where that wasn't enough the idea was to provide a atomic64_t, but > > only if the demand was reasonable. > > How would you handle this type on 386, 486, and Pentium machines, > if somone used it in code? Or would its use be limited to 64 bit > architectures, instead of limiting FreeBSD to 64 bit (or higher) > architectures? The reason for atomic_init/destroy is to intialize mutexes if they are needed on the arch. Basically atomic64_t on 32bit arches would be a struct with a 64bit value and a mutex to protect it. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 19:41:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 6E0F737B66D for ; Thu, 12 Oct 2000 19:41:07 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.0/8.11.0) with ESMTP id e9D2f3n27700; Thu, 12 Oct 2000 20:41:04 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA74634; Thu, 12 Oct 2000 20:41:03 -0600 (MDT) Message-Id: <200010130241.UAA74634@harmony.village.org> To: Alfred Perlstein Subject: Re: cvs commit: src/etc inetd.conf Cc: Marius Bendiksen , arch@FreeBSD.ORG In-reply-to: Your message of "Thu, 12 Oct 2000 14:28:26 PDT." <20001012142826.U272@fw.wintelcom.net> References: <20001012142826.U272@fw.wintelcom.net> <20001011160604.T272@fw.wintelcom.net> Date: Thu, 12 Oct 2000 20:41:02 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Since it was people on the Security Officer team that wanted a change, and since we've since come to agreement that the current status quo wrt telnet is desirable, I think we're done with this discussion. Why do people keep taking pot shots when the final resolution has happened, and has been announced? To recapitulate: sysinstall will control inetd starting. telnet will remain enabled in inet.conf until such time as there's a tool that sysinstall, or its successor, can use to config things at install time. So if someone relaly wants things to change, then that person must produce a tool that will allow us to get past the sniping. Otherwise the status quo remains in force with the full support of the FreeBSD Security Officer Team. Yes, we are setting policy. However, the old system also set policy. there was a time when people shipped systems with "+ +" in /etc/hosts.equiv. Times change. There will come a day when telnet is no longer enabled by default and you have to do special things to enable it, just like today you have to do special things to enable the old "I trust everybody" behavior. Today isn't that day. You can call it policy and that we don't set policy, but that would be to ignore history. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 19:51:45 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp05.primenet.com (smtp05.primenet.com [206.165.6.135]) by hub.freebsd.org (Postfix) with ESMTP id 1F2E637B502; Thu, 12 Oct 2000 19:51:43 -0700 (PDT) Received: (from daemon@localhost) by smtp05.primenet.com (8.9.3/8.9.3) id TAA27983; Thu, 12 Oct 2000 19:52:05 -0700 (MST) Received: from usr05.primenet.com(206.165.6.205) via SMTP by smtp05.primenet.com, id smtpdAAAxiaaF2; Thu Oct 12 19:51:57 2000 Received: (from tlambert@localhost) by usr05.primenet.com (8.8.5/8.8.5) id TAA03945; Thu, 12 Oct 2000 19:51:31 -0700 (MST) From: Terry Lambert Message-Id: <200010130251.TAA03945@usr05.primenet.com> Subject: Re: we need atomic_t To: bright@wintelcom.net (Alfred Perlstein) Date: Fri, 13 Oct 2000 02:51:31 +0000 (GMT) Cc: tlambert@primenet.com (Terry Lambert), cp@bsdi.com (Chuck Paterson), msmith@FreeBSD.ORG (Mike Smith), arch@FreeBSD.ORG In-Reply-To: <20001012192229.F272@fw.wintelcom.net> from "Alfred Perlstein" at Oct 12, 2000 07:22:29 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > The reason for atomic_init/destroy is to intialize mutexes if they > are needed on the arch. Basically atomic64_t on 32bit arches would > be a struct with a 64bit value and a mutex to protect it. Tee hee hee. How do I initialize the mutex that protects the mutex? I think it's time to learn from the POSIX threads mutex implementation, wherein it is impossible to statically initialize a mutex, and to obtain that appearance, you have to trick the loader into doing the work using the section which is used for the construction of virtual base classes in C++ (see my modifications to the STL, as applied to the Moscow Center for Supercomuting Activites STL, which is the most up to date STL available). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 20: 1:41 2000 Delivered-To: freebsd-arch@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id 9D49737B502 for ; Thu, 12 Oct 2000 20:01:39 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id TAA18525; Thu, 12 Oct 2000 19:59:43 -0700 (PDT) Date: Thu, 12 Oct 2000 19:59:42 -0700 From: Kris Kennaway To: Marcel Moolenaar Cc: Garance A Drosihn , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001012195942.A18090@citusc17.usc.edu> References: <15251.971315263@winston.osd.bsdi.com> <39E5384C.4C3C0D53@cup.hp.com> <39E5F78B.299628F6@cup.hp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <39E5F78B.299628F6@cup.hp.com>; from marcel@cup.hp.com on Thu, Oct 12, 2000 at 01:40:27PM -0400 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Oct 12, 2000 at 01:40:27PM -0400, Marcel Moolenaar wrote: > I installed ucd-snmp yesterday to try something out. I know it installed > a daemon, because it tells me so (in this case I already knew before I > typed make). I therefore immediately know that security, if I'd care in > the first place, would be an issue. In this case I couldn't care less. > What happens? I get a security notice... It took me 5 minutes to funnel > my agression :-) Code to read user's mind about whether they know the security implications of a port gratefully accepted. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 20:32:34 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 7AC2137B66E; Thu, 12 Oct 2000 20:32:29 -0700 (PDT) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.8.7/8.8.7) with ESMTP id OAA21248; Fri, 13 Oct 2000 14:31:59 +1100 Date: Fri, 13 Oct 2000 14:31:54 +1100 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: Chuck Paterson Cc: Terry Lambert , Alfred Perlstein , Mike Smith , arch@FreeBSD.ORG Subject: Re: we need atomic_t In-Reply-To: <200010122007.OAA18121@berserker.bsdi.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 12 Oct 2000, Chuck Paterson wrote: > Lets say its not a counter, but something that > gets bits or'd into it. Seems that it better be > big enough to hold the bit that is going to be or'd > in? We have to worry about this today, I don't see > this changing just because we declare it atomic. For most of the atomic shorts in vm, the correct replacement is atomic_uint_least16_t, (short should have been uint_least16_t before atomic stuff was implemented). Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 21:45: 3 2000 Delivered-To: freebsd-arch@freebsd.org Received: from magnesium.net (toxic.magnesium.net [207.154.84.15]) by hub.freebsd.org (Postfix) with SMTP id 847BA37B502 for ; Thu, 12 Oct 2000 21:44:58 -0700 (PDT) Received: (qmail 25149 invoked by uid 1142); 13 Oct 2000 04:44:57 -0000 Date: 12 Oct 2000 21:44:57 -0700 Date: Thu, 12 Oct 2000 21:44:46 -0700 From: Jason Evans To: Terry Lambert Cc: Alfred Perlstein , Chuck Paterson , Mike Smith , arch@FreeBSD.ORG Subject: Re: we need atomic_t Message-ID: <20001012214446.H11949@canonware.com> References: <20001012192229.F272@fw.wintelcom.net> <200010130251.TAA03945@usr05.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010130251.TAA03945@usr05.primenet.com>; from tlambert@primenet.com on Fri, Oct 13, 2000 at 02:51:31AM +0000 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Oct 13, 2000 at 02:51:31AM +0000, Terry Lambert wrote: > > The reason for atomic_init/destroy is to intialize mutexes if they > > are needed on the arch. Basically atomic64_t on 32bit arches would > > be a struct with a 64bit value and a mutex to protect it. > > Tee hee hee. > > How do I initialize the mutex that protects the mutex? > > I think it's time to learn from the POSIX threads mutex > implementation, wherein it is impossible to statically > initialize a mutex, and to obtain that appearance, you > have to trick the loader into doing the work using the > section which is used for the construction of virtual > base classes in C++ (see my modifications to the STL, as > applied to the Moscow Center for Supercomuting Activites > STL, which is the most up to date STL available). Here's one of Butenhof's example programs, which uses POSIX threads: ------------------------------------------------------------------------- /* * mutex_static.c * * Demonstrate static initialization of a mutex. */ #include /* * Declare a structure, with a mutex, statically initialized. This is the * same as using pthread_mutex_init, with the default attributes. */ typedef struct my_struct_tag { pthread_mutex_t mutex; /* Protects access to value */ int value; /* Access protected by mutex */ } my_struct_t; my_struct_t data = {PTHREAD_MUTEX_INITIALIZER, 0}; int main (int argc, char *argv[]) { return 0; } ------------------------------------------------------------------------- That looks like static mutex initialization to me. =) Jason To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Oct 12 23: 8:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 9B80837B503 for ; Thu, 12 Oct 2000 23:08:08 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9D687t02432; Thu, 12 Oct 2000 23:08:07 -0700 (PDT) Date: Thu, 12 Oct 2000 23:08:07 -0700 From: Alfred Perlstein To: Terry Lambert Cc: arch@FreeBSD.ORG Subject: Re: we need atomic_t Message-ID: <20001012230807.H272@fw.wintelcom.net> References: <20001012192229.F272@fw.wintelcom.net> <200010130251.TAA03945@usr05.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <200010130251.TAA03945@usr05.primenet.com>; from tlambert@primenet.com on Fri, Oct 13, 2000 at 02:51:31AM +0000 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Terry Lambert [001012 19:51] wrote: > > The reason for atomic_init/destroy is to intialize mutexes if they > > are needed on the arch. Basically atomic64_t on 32bit arches would > > be a struct with a 64bit value and a mutex to protect it. > > Tee hee hee. > > How do I initialize the mutex that protects the mutex? > > I think it's time to learn from the POSIX threads mutex > implementation, wherein it is impossible to statically > initialize a mutex, and to obtain that appearance, you > have to trick the loader into doing the work using the > section which is used for the construction of virtual > base classes in C++ (see my modifications to the STL, as > applied to the Moscow Center for Supercomuting Activites > STL, which is the most up to date STL available). What's annoying me here is that everyone wants atomic_t to do all these amazing things for which i'm not presenting it for. All I want it for is: 1) refcounting in ucred 2) refcounting in mbuf 3) refcounting in uidinfo 4) providing at least 16 bits of atomically-or/and-able bits for certain flags structures that I may want to have atomic ops for. If anyone has a situation that atomic_t as presented here is unsuitable for then they are welcome to get off my back and make up some other magic type to address their problem. thanks, -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 2:16:38 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp03.primenet.com (smtp03.primenet.com [206.165.6.133]) by hub.freebsd.org (Postfix) with ESMTP id BCCC237B502; Fri, 13 Oct 2000 02:16:36 -0700 (PDT) Received: (from daemon@localhost) by smtp03.primenet.com (8.9.3/8.9.3) id CAA02621; Fri, 13 Oct 2000 02:14:58 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp03.primenet.com, id smtpdAAAcnaOff; Fri Oct 13 02:14:52 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id CAA22883; Fri, 13 Oct 2000 02:16:21 -0700 (MST) From: Terry Lambert Message-Id: <200010130916.CAA22883@usr09.primenet.com> Subject: Re: we need atomic_t To: jasone@canonware.com (Jason Evans) Date: Fri, 13 Oct 2000 09:16:20 +0000 (GMT) Cc: tlambert@primenet.com (Terry Lambert), bright@wintelcom.net (Alfred Perlstein), cp@bsdi.com (Chuck Paterson), msmith@FreeBSD.ORG (Mike Smith), arch@FreeBSD.ORG In-Reply-To: <20001012214446.H11949@canonware.com> from "Jason Evans" at Oct 12, 2000 09:44:46 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Here's one of Butenhof's example programs, which uses POSIX threads: [ ... technically illegal program that uses structure assignment ... ] That's still technically illegal, since it assumes that a mutex is merely a value in implementation, instead of potentially something that lives on a linked list which is tracked to ensure against deadlocks (for instance). For example, if you initialized a mutex as "held", the witness code wouldn't work without additional initialization. If that's the case (which it is), then really you have three choices. One is to use an initializer function, like the draft 4 POSIX stuff. A second is to throw out the witness code. The third is to make a postinitialization pass, and use it to further post-process all preinitialized mutexes onto the lists: this really begs the question of "if you have to call a function anyway, why not make the function do everything, and make the interface that much less cryptic?". I personally think that disallowing recursion, and keeping a "held mutex count" in a variable in the struct representing the holder (the proc, interrupt, trap, or kthread context) would be enough, along with asserts, to ensure against deadlocks. This would not prevent holding two mutex at the same time, but you would have to go out of your way to fudge the holder's count, so it could still be used for assertion. Of course, I still personally believe that a mutex is not the same thing as a semaphore or a lock, so that's just my opinion on how to make things safe. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 2:26:49 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp03.primenet.com (smtp03.primenet.com [206.165.6.133]) by hub.freebsd.org (Postfix) with ESMTP id D630337B502 for ; Fri, 13 Oct 2000 02:26:47 -0700 (PDT) Received: (from daemon@localhost) by smtp03.primenet.com (8.9.3/8.9.3) id CAA04043; Fri, 13 Oct 2000 02:25:11 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp03.primenet.com, id smtpdAAAIJaW3h; Fri Oct 13 02:25:07 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id CAA23043; Fri, 13 Oct 2000 02:26:41 -0700 (MST) From: Terry Lambert Message-Id: <200010130926.CAA23043@usr09.primenet.com> Subject: Re: we need atomic_t To: bright@wintelcom.net (Alfred Perlstein) Date: Fri, 13 Oct 2000 09:26:41 +0000 (GMT) Cc: tlambert@primenet.com (Terry Lambert), arch@FreeBSD.ORG In-Reply-To: <20001012230807.H272@fw.wintelcom.net> from "Alfred Perlstein" at Oct 12, 2000 11:08:07 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > What's annoying me here is that everyone wants atomic_t to > do all these amazing things for which i'm not presenting it > for. All I want it for is: > > 1) refcounting in ucred > 2) refcounting in mbuf > 3) refcounting in uidinfo > 4) providing at least 16 bits of atomically-or/and-able bits for > certain flags structures that I may want to have atomic ops for. > > If anyone has a situation that atomic_t as presented here is > unsuitable for then they are welcome to get off my back and > make up some other magic type to address their problem. Why call it "atomic_t" instead of "long", then? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 2:34:45 2000 Delivered-To: freebsd-arch@freebsd.org Received: from netplex.com.au (adsl-64-163-195-99.dsl.snfc21.pacbell.net [64.163.195.99]) by hub.freebsd.org (Postfix) with ESMTP id 5E0FF37B502 for ; Fri, 13 Oct 2000 02:34:43 -0700 (PDT) Received: from netplex.com.au (peter@localhost [127.0.0.1]) by netplex.com.au (8.11.0/8.9.3) with ESMTP id e9D9YdG38096; Fri, 13 Oct 2000 02:34:39 -0700 (PDT) (envelope-from peter@netplex.com.au) Message-Id: <200010130934.e9D9YdG38096@netplex.com.au> X-Mailer: exmh version 2.1.1 10/15/1999 To: Terry Lambert Cc: bright@wintelcom.net (Alfred Perlstein), arch@FreeBSD.ORG Subject: Re: we need atomic_t In-Reply-To: <200010130926.CAA23043@usr09.primenet.com> Date: Fri, 13 Oct 2000 02:34:39 -0700 From: Peter Wemm Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Terry Lambert wrote: > > What's annoying me here is that everyone wants atomic_t to > > do all these amazing things for which i'm not presenting it > > for. All I want it for is: > > > > 1) refcounting in ucred > > 2) refcounting in mbuf > > 3) refcounting in uidinfo > > 4) providing at least 16 bits of atomically-or/and-able bits for > > certain flags structures that I may want to have atomic ops for. > > > > If anyone has a situation that atomic_t as presented here is > > unsuitable for then they are welcome to get off my back and > > make up some other magic type to address their problem. > > Why call it "atomic_t" instead of "long", then? Because certain arch'es that have a greater than zero probability of having a FreeBSD port cannot do atomic operations on entities larger than 24 bits. Therefore, atomic_add_long() etc cannot exist on that system, but atomic_t can. typedef struct { char atomic_lock; /* and padding */ u_int32_t value; } atomic_t; Linux has to do this to run on sparc, for example. Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 2:44:44 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp04.primenet.com (smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (Postfix) with ESMTP id 2BF1A37B502 for ; Fri, 13 Oct 2000 02:44:42 -0700 (PDT) Received: (from daemon@localhost) by smtp04.primenet.com (8.9.3/8.9.3) id CAA18424; Fri, 13 Oct 2000 02:41:49 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp04.primenet.com, id smtpdAAAAHai6J; Fri Oct 13 02:41:47 2000 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id CAA23368; Fri, 13 Oct 2000 02:44:34 -0700 (MST) From: Terry Lambert Message-Id: <200010130944.CAA23368@usr09.primenet.com> Subject: Re: we need atomic_t To: peter@netplex.com.au (Peter Wemm) Date: Fri, 13 Oct 2000 09:44:34 +0000 (GMT) Cc: tlambert@primenet.com (Terry Lambert), bright@wintelcom.net (Alfred Perlstein), arch@FreeBSD.ORG In-Reply-To: <200010130934.e9D9YdG38096@netplex.com.au> from "Peter Wemm" at Oct 13, 2000 02:34:39 AM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > Why call it "atomic_t" instead of "long", then? > > Because certain arch'es that have a greater than zero probability of having > a FreeBSD port cannot do atomic operations on entities larger than 24 bits. > Therefore, atomic_add_long() etc cannot exist on that system, but atomic_t > can. OK, OK; Alfred wanted only 16 bits. So I recant, and change the question to: "Why call it "atomic_t" instead of "uint16_t", then? Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 5:17:44 2000 Delivered-To: freebsd-arch@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 3798737B503 for ; Fri, 13 Oct 2000 05:17:42 -0700 (PDT) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id FAA03564; Fri, 13 Oct 2000 05:17:31 -0700 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda03562; Fri Oct 13 05:17:16 2000 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.0/8.9.1) id e9DCHEo05740; Fri, 13 Oct 2000 05:17:14 -0700 (PDT) Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdBN5732; Fri Oct 13 05:16:21 2000 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.1/8.9.1) id e9DCGGr13344; Fri, 13 Oct 2000 05:16:16 -0700 (PDT) Message-Id: <200010131216.e9DCGGr13344@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdY13337; Fri Oct 13 05:15:23 2000 X-Mailer: exmh version 2.1.1 10/15/1999 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-OS: FreeBSD 4.1.1-RELEASE X-Sender: cy To: "Andrew Reilly" Cc: Doug Barton , Terry Lambert , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf In-reply-to: Your message of "Thu, 12 Oct 2000 16:57:02 +1100." <20001012165702.B9109@gurney.reilly.home> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 13 Oct 2000 05:15:23 -0700 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20001012165702.B9109@gurney.reilly.home>, "Andrew Reilly" writes: > Besides: arguing that Windows does telnet out of the box > isn't a terribly defensible position, because of the terrible > compatability of their "ANSI"/VT100 emulator. I even use > TeraTerm for telnet sometimes, just because you can actually run > vi and mutt through it. I've had no problems using Windows telnet with UNIX systems or vi. Reduce the Windows telnet screen size from 25 lines to 24 and explicitly set TERM to vt100 (it's autodetected as ansi: eval `tset -Q -s -m ansi:vt100`) and you'll find that Windows telnet works well enough to do meaningful work with it. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 9:17: 7 2000 Delivered-To: freebsd-arch@freebsd.org Received: from nothing-going-on.demon.co.uk (unknown [194.128.198.234]) by hub.freebsd.org (Postfix) with ESMTP id 6D08C37B66C for ; Fri, 13 Oct 2000 09:17:04 -0700 (PDT) Received: (from nik@localhost) by nothing-going-on.demon.co.uk (8.11.0/8.11.0) id e9DGEqo21260; Fri, 13 Oct 2000 17:14:52 +0100 (BST) (envelope-from nik) Date: Fri, 13 Oct 2000 17:14:52 +0100 From: Nik Clayton To: Poul-Henning Kamp Cc: arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001013171451.A21236@canyon.nothing-going-on.org> References: <20001010124352.A54458@dragon.nuxi.com> <73714.971208688@critter> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <73714.971208688@critter>; from phk@critter.freebsd.dk on Tue, Oct 10, 2000 at 10:11:28PM +0200 Organization: FreeBSD Project Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, Oct 10, 2000 at 10:11:28PM +0200, Poul-Henning Kamp wrote: > It's a real no-brainer to me... > > FreeBSD: Tools, not policies. Everybody keeps repeating this like a mantra, but it's ignoring the fact that somewhere you have to have a default policy. How about this. If they use the "Simple" (or whatever it's called) option in sysinstall, then they are presented with a [X] Enable telnet option at some point in the install process. If they use the other two install options, they get a [ ] Enable telnet option instead. I'll even provide the code if it'll shut people up. N -- Internet connection, $19.95 a month. Computer, $799.95. Modem, $149.95. Telephone line, $24.95 a month. Software, free. USENET transmission, hundreds if not thousands of dollars. Thinking before posting, priceless. Somethings in life you can't buy. For everything else, there's MasterCard. -- Graham Reed, in the Scary Devil Monastery To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 9:51:34 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mailout04.sul.t-online.com (mailout04.sul.t-online.com [194.25.134.18]) by hub.freebsd.org (Postfix) with ESMTP id 348D637B66D; Fri, 13 Oct 2000 09:51:31 -0700 (PDT) Received: from fmrl02.sul.t-online.de by mailout04.sul.t-online.com with smtp id 13k83N-0004Wo-05; Fri, 13 Oct 2000 18:51:29 +0200 Received: from neutron.cichlids.com (520050424122-0001@[62.225.194.75]) by fmrl02.sul.t-online.com with esmtp id 13k83M-01jnAeC; Fri, 13 Oct 2000 18:51:28 +0200 Received: from cichlids.cichlids.com (cichlids.cichlids.com [192.168.0.10]) by neutron.cichlids.com (Postfix) with ESMTP id 2CCDBAB9C; Fri, 13 Oct 2000 18:53:11 +0200 (CEST) Received: by cichlids.cichlids.com (Postfix, from userid 1001) id 372D014B29; Fri, 13 Oct 2000 18:51:20 +0200 (CEST) Date: Fri, 13 Oct 2000 18:51:20 +0200 To: Mike Smith Cc: Sue Wainer , Freebsd-Arch Subject: Re: Ethernet Device Driver Modules Message-ID: <20001013185120.A40611@cichlids.cichlids.com> References: <200010110421.e9B4LZh04292@mass.osd.bsdi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200010110421.e9B4LZh04292@mass.osd.bsdi.com>; from msmith@FreeBSD.ORG on Tue, Oct 10, 2000 at 09:21:35PM -0700 X-PGP-Fingerprint: 44 28 CA 4C 46 5B D3 A8 A8 E3 BA F3 4E 60 7D 7F X-PGP-at: finger alex@big.endian.de X-Verwirrung: Dieser Header dient der allgemeinen Verwirrung. From: alex@big.endian.de (Alexander Langer) X-Sender: 520050424122-0001@t-dialin.net Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Thus spake Mike Smith (msmith@FreeBSD.ORG): > These examples are extremely old. Check any of the modules in sys/ > modules for better examples. Maxim Sobolev updated them recently (in -current only). JFYI ... Alex -- cat: /home/alex/.sig: No such file or directory To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 10: 8:12 2000 Delivered-To: freebsd-arch@freebsd.org Received: from feral.com (feral.com [192.67.166.1]) by hub.freebsd.org (Postfix) with ESMTP id 4278337B502; Fri, 13 Oct 2000 10:08:10 -0700 (PDT) Received: from zeppo.feral.com (IDENT:mjacob@zeppo [192.67.166.71]) by feral.com (8.9.3/8.9.3) with ESMTP id KAA03301; Fri, 13 Oct 2000 10:08:09 -0700 Date: Fri, 13 Oct 2000 10:05:06 -0700 (PDT) From: Matthew Jacob Reply-To: mjacob@feral.com To: Jake Burkholder Cc: John Baldwin , arch@FreeBSD.ORG Subject: Re: when is it safe to call msleep? In-Reply-To: <20001013004626.978DFBA76@io.yi.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Well, no panics, but it made the i386 like the alpha (freezes up in the middle of probing) on my 2xPPro. -matt > > > > I've been fooling around with the new lock stuff and trying to convert things > > over, and I called msleep with an initialized MTX_DEF lock held (on my > > pc164) during probes, but I got a panic: > > > > Hmm. I don't know about the panic, but the releasing of the mutex > is probably in the wrong place if its going to be called early in > boot, when cold is true. > > Could you try this: > > > Jake > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 10:33:59 2000 Delivered-To: freebsd-arch@freebsd.org Received: from palrel1.hp.com (palrel1.hp.com [156.153.255.242]) by hub.freebsd.org (Postfix) with ESMTP id D119237B66D for ; Fri, 13 Oct 2000 10:33:41 -0700 (PDT) Received: from adlmail.cup.hp.com (adlmail.cup.hp.com [15.0.100.30]) by palrel1.hp.com (Postfix) with ESMTP id C7DC7E94; Fri, 13 Oct 2000 10:33:40 -0700 (PDT) Received: from cup.hp.com (gauss.cup.hp.com [15.28.97.152]) by adlmail.cup.hp.com (8.9.3 (PHNE_18546)/8.9.3 SMKit7.02) with ESMTP id KAA03547; Fri, 13 Oct 2000 10:33:40 -0700 (PDT) Message-ID: <39E74774.E309DDE8@cup.hp.com> Date: Fri, 13 Oct 2000 13:33:40 -0400 From: Marcel Moolenaar Organization: Hewlett-Packard X-Mailer: Mozilla 4.73 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Kris Kennaway Cc: Garance A Drosihn , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf References: <15251.971315263@winston.osd.bsdi.com> <39E5384C.4C3C0D53@cup.hp.com> <39E5F78B.299628F6@cup.hp.com> <20001012195942.A18090@citusc17.usc.edu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > > > I installed ucd-snmp yesterday to try something out. I know it installed > > a daemon, because it tells me so (in this case I already knew before I > > typed make). I therefore immediately know that security, if I'd care in > > the first place, would be an issue. In this case I couldn't care less. > > What happens? I get a security notice... It took me 5 minutes to funnel > > my agression :-) > > Code to read user's mind about whether they know the security > implications of a port gratefully accepted. There's a much simpler solution. Assume the user knows what he/she is doing. If that isn't the case, then there's also no point in trying to teach the user about security issues in a 5 line notice. -- Marcel Moolenaar mail: marcel@cup.hp.com / marcel@FreeBSD.org tel: (408) 447-4222 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 10:44:27 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id A545137B503 for ; Fri, 13 Oct 2000 10:44:25 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e9DHi5R19624; Fri, 13 Oct 2000 10:44:05 -0700 (PDT) Date: Fri, 13 Oct 2000 10:44:05 -0700 From: Alfred Perlstein To: Terry Lambert Cc: Peter Wemm , arch@FreeBSD.ORG Subject: Re: we need atomic_t Message-ID: <20001013104405.M272@fw.wintelcom.net> References: <200010130934.e9D9YdG38096@netplex.com.au> <200010130944.CAA23368@usr09.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <200010130944.CAA23368@usr09.primenet.com>; from tlambert@primenet.com on Fri, Oct 13, 2000 at 09:44:34AM +0000 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * Terry Lambert [001013 02:44] wrote: > > > Why call it "atomic_t" instead of "long", then? > > > > Because certain arch'es that have a greater than zero probability of having > > a FreeBSD port cannot do atomic operations on entities larger than 24 bits. > > Therefore, atomic_add_long() etc cannot exist on that system, but atomic_t > > can. > > OK, OK; Alfred wanted only 16 bits. So I recant, and change the > question to: > > "Why call it "atomic_t" instead of "uint16_t", then? Because by hiding it in a structure one can prevent people from doing direct assignments, and as I stated before, not all arches can support atomic ops, therefore they need to be a struct in order to encapsulate a mutex alongside the value. I think we're getting really off track here, when I have some time to breath and not just answer emails I'll be committing the code to realize this type so I can proceed with my mpsafe work. -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 11:16:32 2000 Delivered-To: freebsd-arch@freebsd.org Received: from pike.osd.bsdi.com (pike.osd.bsdi.com [204.216.28.222]) by hub.freebsd.org (Postfix) with ESMTP id 95C4D37B66C for ; Fri, 13 Oct 2000 11:16:30 -0700 (PDT) Received: from laptop.baldwin.cx (ether.osd.bsdi.com [204.216.28.196]) by pike.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9DIFq517544; Fri, 13 Oct 2000 11:15:56 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Fri, 13 Oct 2000 11:16:11 -0700 (PDT) From: John Baldwin To: Matthew Jacob Subject: Re: when is it safe to call msleep? Cc: arch@FreeBSD.org, Jake Burkholder Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 13-Oct-00 Matthew Jacob wrote: > > Well, no panics, but it made the i386 like the alpha (freezes up in the > middle > of probing) on my 2xPPro. Actually, my guess is that what is happening is that during probes hardclock() isn't running yet, so we don't have process pre-emption that would cause the init process doing the actual probes to be switched back to. In effect, you have a run-to-completion scheduler at that point, so the init process won't get run again until all the outstanding interrupt threads have run all of their handlers, and if one of those handlers tries to busy-wait.... Moving the clock initialization earlier might fix this. Try moving SI_SUB_INIT_CLOCKS up before SI_SUB_DRIVERS. (We need the softinterrupts working for softclock to work, so I don't think we can put it before SI_SUB_SOFTINTR.) > -matt > > >> > >> > I've been fooling around with the new lock stuff and trying to convert >> > things >> > over, and I called msleep with an initialized MTX_DEF lock held (on my >> > pc164) during probes, but I got a panic: >> > >> >> Hmm. I don't know about the panic, but the releasing of the mutex >> is probably in the wrong place if its going to be called early in >> boot, when cold is true. >> >> Could you try this: >> >> >> Jake >> > -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 11:57: 5 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id 328AD37B66F for ; Fri, 13 Oct 2000 11:57:00 -0700 (PDT) Received: (qmail 28155 invoked by uid 1003); 13 Oct 2000 18:56:56 -0000 Date: Fri, 13 Oct 2000 20:56:56 +0200 From: Neil Blakey-Milner To: Nik Clayton Cc: Poul-Henning Kamp , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001013205656.A22120@mithrandr.moria.org> References: <20001010124352.A54458@dragon.nuxi.com> <73714.971208688@critter> <20001013171451.A21236@canyon.nothing-going-on.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001013171451.A21236@canyon.nothing-going-on.org>; from nik@freebsd.org on Fri, Oct 13, 2000 at 05:14:52PM +0100 X-Operating-System: FreeBSD 4.1-STABLE i386 X-URL: http://mithrandr.moria.org/~nbm/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri 2000-10-13 (17:14), Nik Clayton wrote: > On Tue, Oct 10, 2000 at 10:11:28PM +0200, Poul-Henning Kamp wrote: > > It's a real no-brainer to me... > > > > FreeBSD: Tools, not policies. > > Everybody keeps repeating this like a mantra, but it's ignoring the fact > that somewhere you have to have a default policy. > > How about this. If they use the "Simple" (or whatever it's called) option > in sysinstall, then they are presented with a > > [X] Enable telnet > > option at some point in the install process. > > If they use the other two install options, they get a > > [ ] Enable telnet > > option instead. > > I'll even provide the code if it'll shut people up. I believe that's already there, except it's called "inetd", not "telnet". Neil -- Neil Blakey-Milner nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 12:39:29 2000 Delivered-To: freebsd-arch@freebsd.org Received: from feral.com (feral.com [192.67.166.1]) by hub.freebsd.org (Postfix) with ESMTP id 93E6137B502; Fri, 13 Oct 2000 12:39:25 -0700 (PDT) Received: from zeppo.feral.com (IDENT:mjacob@zeppo [192.67.166.71]) by feral.com (8.9.3/8.9.3) with ESMTP id MAA03995; Fri, 13 Oct 2000 12:39:25 -0700 Date: Fri, 13 Oct 2000 12:36:21 -0700 (PDT) From: Matthew Jacob Reply-To: mjacob@feral.com To: John Baldwin Cc: arch@FreeBSD.ORG, Jake Burkholder Subject: Re: when is it safe to call msleep? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hmm... yes... now I don't know why I thought that the switch to SMP would magically make all kernel services available during probetime... Sorry- I didn't do my homework. I'm not going to even try the suggestion you made- we still have all of the other stuff which needs to happen as well. What I was trying do to was to eliminate the need for polling in Qlogic driver. I have the mutex stuff ready to go, and didn't want to have to do any runtime switching. Instead, I'll now have to do (below)... too bad- most of the obnoxious time delay in booting with fibre channel has to do with dealing with mailbox commands that take a very long time to die and tell you that the fabric controller is dead. Zut. The assumption is, as it has been, that the intr_config_hook has to run to let me know that it's safe to use interrupt style mechanisms. -------- static INLINE void isp_mbox_wait_complete(struct ispsoftc *); static INLINE void isp_mbox_wait_complete(struct ispsoftc *isp) { if (isp_can_lock) { isp->isp_osinfo.mboxwaiting = 1; #if ISP_PLATFORM_VERSION_MAJOR > 5 || \ (ISP_PLATFORM_VERSION_MAJOR == 5 && ISP_PLATFORM_VERSION_MINOR >= 4) (void) msleep(&isp->isp_osinfo.mboxwaiting, &isp->isp_osinfo.lock, PRIBIO, "isp_mboxwaiting", 5 * hz); #else (void) tsleep(&isp->isp_osinfo.mboxwaiting, PRIBIO, "isp_mboxwaiting", 5 * hz); #endif if (isp->isp_mboxbsy != 0) { isp_prt(isp, ISP_LOGWARN, "mailbox timeout"); isp->isp_mboxbsy = 0; } isp->isp_osinfo.mboxwaiting = 0; } else { int j; for (j = 0; j < 60 * 2000; j++) { if (isp_intr(isp) == 0) { USEC_DELAY(500); } if (isp->isp_mboxbsy == 0) { break; } } if (isp->isp_mboxbsy != 0) { isp_prt(isp, ISP_LOGWARN, "mailbox timeout"); } } } --------- -matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 12:44:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from pike.osd.bsdi.com (pike.osd.bsdi.com [204.216.28.222]) by hub.freebsd.org (Postfix) with ESMTP id 96FDC37B66D for ; Fri, 13 Oct 2000 12:44:50 -0700 (PDT) Received: from laptop.baldwin.cx (ether.osd.bsdi.com [204.216.28.196]) by pike.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9DJiZ520253; Fri, 13 Oct 2000 12:44:35 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Fri, 13 Oct 2000 12:44:53 -0700 (PDT) From: John Baldwin To: Matthew Jacob Subject: Re: when is it safe to call msleep? Cc: Jake Burkholder , arch@FreeBSD.org Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 13-Oct-00 Matthew Jacob wrote: > > Hmm... yes... now I don't know why I thought that the switch to SMP would > magically make all kernel services available during probetime... Sorry- I > didn't do my homework. I'm not going to even try the suggestion you made- we > still have all of the other stuff which needs to happen as well. Actually, it should probably work fine now. (should at least), and is a change that is on the roadmap to make. We do want to allow you to be able sleep during device probe. :) -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 12:47:45 2000 Delivered-To: freebsd-arch@freebsd.org Received: from feral.com (feral.com [192.67.166.1]) by hub.freebsd.org (Postfix) with ESMTP id 6A02737B502; Fri, 13 Oct 2000 12:47:41 -0700 (PDT) Received: from zeppo.feral.com (IDENT:mjacob@zeppo [192.67.166.71]) by feral.com (8.9.3/8.9.3) with ESMTP id MAA04043; Fri, 13 Oct 2000 12:47:41 -0700 Date: Fri, 13 Oct 2000 12:44:38 -0700 (PDT) From: Matthew Jacob Reply-To: mjacob@feral.com To: John Baldwin Cc: Jake Burkholder , arch@FreeBSD.org Subject: Re: when is it safe to call msleep? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > On 13-Oct-00 Matthew Jacob wrote: > > > > Hmm... yes... now I don't know why I thought that the switch to SMP would > > magically make all kernel services available during probetime... Sorry- I > > didn't do my homework. I'm not going to even try the suggestion you made- we > > still have all of the other stuff which needs to happen as well. > > Actually, it should probably work fine now. (should at least), and is a > change that is on the roadmap to make. We do want to allow you to be > able sleep during device probe. :) Yeah, I could use a nap.... But, reading kernel.h's order, SI_SUB_KICK_SCHEDULER is still later, so timeouts don't work yet. Hey- I'll give it a try- but later... This is all in the struggle to make the (&*@%$()@*$)@RE!@)RE)*R!)$R!)@$*!@$)* alpha work for me again-... -matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 19:26:43 2000 Delivered-To: freebsd-arch@freebsd.org Received: from citusc17.usc.edu (citusc17.usc.edu [128.125.38.177]) by hub.freebsd.org (Postfix) with ESMTP id CA7E837B66C for ; Fri, 13 Oct 2000 19:26:41 -0700 (PDT) Received: (from kris@localhost) by citusc17.usc.edu (8.9.3/8.9.3) id TAA09287; Fri, 13 Oct 2000 19:25:38 -0700 (PDT) Date: Fri, 13 Oct 2000 19:25:38 -0700 From: Kris Kennaway To: Marcel Moolenaar Cc: Kris Kennaway , Garance A Drosihn , arch@FreeBSD.ORG Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001013192538.A9272@citusc17.usc.edu> References: <15251.971315263@winston.osd.bsdi.com> <39E5384C.4C3C0D53@cup.hp.com> <39E5F78B.299628F6@cup.hp.com> <20001012195942.A18090@citusc17.usc.edu> <39E74774.E309DDE8@cup.hp.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <39E74774.E309DDE8@cup.hp.com>; from marcel@cup.hp.com on Fri, Oct 13, 2000 at 01:33:40PM -0400 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Oct 13, 2000 at 01:33:40PM -0400, Marcel Moolenaar wrote: > > > I installed ucd-snmp yesterday to try something out. I know it installed > > > a daemon, because it tells me so (in this case I already knew before I > > > typed make). I therefore immediately know that security, if I'd care in > > > the first place, would be an issue. In this case I couldn't care less. > > > What happens? I get a security notice... It took me 5 minutes to funnel > > > my agression :-) > > > > Code to read user's mind about whether they know the security > > implications of a port gratefully accepted. > > There's a much simpler solution. Assume the user knows what he/she is > doing. If that isn't the case, then there's also no point in trying to > teach the user about security issues in a 5 line notice. It's not about whether or not the user knows what he/she is doing, it's that some ports install things which you never would have imagined they would - setuid root binaries, starting up a gratuitous network server mode when "all you wanted" was the client functionality, etc. Unless you're intimately familiar with the FreeBSD port no amount of studliness will let you anticipate that. Kris P.S. Come on, it's only 5 lines and doesnt functionally affect the behaviour of the ports system..is it really that hard to ignore? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Oct 13 20:12:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from pike.osd.bsdi.com (pike.osd.bsdi.com [204.216.28.222]) by hub.freebsd.org (Postfix) with ESMTP id 5A4BD37B66F; Fri, 13 Oct 2000 20:12:22 -0700 (PDT) Received: from laptop.baldwin.cx (ether.osd.bsdi.com [204.216.28.196]) by pike.osd.bsdi.com (8.11.0/8.9.3) with ESMTP id e9E3C8538927; Fri, 13 Oct 2000 20:12:09 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <200010130251.TAA03945@usr05.primenet.com> Date: Fri, 13 Oct 2000 20:12:28 -0700 (PDT) From: John Baldwin To: Terry Lambert Subject: Re: we need atomic_t Cc: arch@FreeBSD.org, (Mike Smith) , (Chuck Paterson) , (Alfred Perlstein) Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 13-Oct-00 Terry Lambert wrote: >> The reason for atomic_init/destroy is to intialize mutexes if they >> are needed on the arch. Basically atomic64_t on 32bit arches would >> be a struct with a 64bit value and a mutex to protect it. > > Tee hee hee. > > How do I initialize the mutex that protects the mutex? Our mutexes use a pointer for the lock, so they use uintptr_t, not the would-be atomic_t. The reason for an atomic_t really is to provide a cheap way to do MP safe refcounts, etc. w/o having to use mutexes if at all possible. -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Oct 14 1:52: 9 2000 Delivered-To: freebsd-arch@freebsd.org Received: from sr14.nsw-remote.bigpond.net.au (sr14.nsw-remote.bigpond.net.au [24.192.3.29]) by hub.freebsd.org (Postfix) with ESMTP id 8E23637B66E for ; Sat, 14 Oct 2000 01:52:06 -0700 (PDT) Received: from areilly.bpc-users.org (CPE-144-132-245-92.nsw.bigpond.net.au [144.132.245.92]) by sr14.nsw-remote.bigpond.net.au (Pro-8.9.3/8.9.3) with SMTP id TAA25290 for ; Sat, 14 Oct 2000 19:51:52 +1100 (EDT) Received: (qmail 19884 invoked by uid 1000); 14 Oct 2000 08:51:52 -0000 From: "Andrew Reilly" Date: Sat, 14 Oct 2000 19:51:52 +1100 To: Nik Clayton Cc: Poul-Henning Kamp , arch@FreeBSD.ORG Subject: Tools not policies, was: Re: cvs commit: src/etc inetd.conf Message-ID: <20001014195151.A92603@gurney.reilly.home> References: <20001010124352.A54458@dragon.nuxi.com> <73714.971208688@critter> <20001013171451.A21236@canyon.nothing-going-on.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001013171451.A21236@canyon.nothing-going-on.org>; from nik@FreeBSD.ORG on Fri, Oct 13, 2000 at 05:14:52PM +0100 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Oct 13, 2000 at 05:14:52PM +0100, Nik Clayton wrote: > On Tue, Oct 10, 2000 at 10:11:28PM +0200, Poul-Henning Kamp wrote: > > FreeBSD: Tools, not policies. > > Everybody keeps repeating this like a mantra, but it's ignoring the fact > that somewhere you have to have a default policy. It's important to provide all of the tools: that's Unix. It's important that each and every "out of the box" policy be readily changed by users/administrators. That's why most such policies exist as tweakable parameters or shell scripts. It may well be desirable that there be large knobs, that provide a range of "canned" policies. The days when a widely-distributed OS consisted of tools only, and no (default) policies, are long gone. No-one has the time to tweak it all from scratch: it has to do something sensible out of the box. Think about it: no policies at all would be like shipping the system with /etc completely bare. Everything that _is_ shipped in /etc currently is default policy. All of /etc/periodic, login.conf, and yes: inetd.conf. Most of us are comfortable with the default policies, because they reflect Unix tradition. Sometimes the traditional ways are found wanting, and then it's often reasonable to change the default policies. We did so with the rearrangement of periodic, and the creation of /usr/local/etc/rc.d, and turning finger and a bunch of built-in services off in inetd.conf. I'm not suggesting that telnet (or anything else) should be turned off by default. I am suggesting that "canned" policies are more than useful: they're necessary. We should strive to make them "right" for the widest possible audience. But we shouldn't fool ourselves that by configuring things one way or another that we're not setting policy. -- Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Oct 14 10:40:19 2000 Delivered-To: freebsd-arch@freebsd.org Received: from hand.dotat.at (hand.dotat.at [212.240.134.135]) by hub.freebsd.org (Postfix) with ESMTP id 3AB6B37B672 for ; Sat, 14 Oct 2000 10:40:17 -0700 (PDT) Received: from fanf by hand.dotat.at with local (Exim 3.15 #3) id 13kVIO-000679-00; Sat, 14 Oct 2000 17:40:32 +0000 Date: Sat, 14 Oct 2000 17:40:32 +0000 From: Tony Finch To: Marius Bendiksen Cc: Terry Lambert , arch@FreeBSD.ORG, Tony Finch Subject: Re: cvs commit: src/etc inetd.conf Message-ID: <20001014174032.L22336@hand.dotat.at> References: <200010120136.SAA12021@usr09.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: Organization: Covalent Technologies, Inc Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Marius Bendiksen wrote: > >> So, any objection to: >> >> The people who want it, write the code to make it an >> option that is off by default, so that the rest of >> the world who hates the idea can ignore it. > >None whatsoever. This actually sounds like a good idea to me, and I'd >like to see this discussion moving towards a way to do this, rather >than a grand display of our varying POVs on this matter. There is already code in sysinstall to do this, and I sent a patch to jkh to add what I consider to be a "normal" default (no network services except for sshd and sendmail -q30m), but that discussion eded up getting embroiled in yet more bikeshedding. Tony. -- en oeccget g mtcaa f.a.n.finch v spdlkishrhtewe y dot@dotat.at eatp o v eiti i d. fanf@covalent.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message