I know you're not asking about this, but
naim http://naim.n.ml.org is
an excellent console-based AIM, IRC, and ICQ client.
Plus it supports being in multiple chat rooms on IRC
in a very intuitive manner.

I'm not sure if my message (below) went through, it didn't seem to post. Attempting again. Sorry if duplicated.

Subject: Instant Messenger (CLI-based multi-protocol)

Hi,

I have been wanting to switch from a GUI "meta"-type chat (uses Yahoo, AIM, etc.) to terminal/CLI-based. I came across "centericq" (apparently it works with multiple protocols) though when trying to install it I get...

$ sudo make
===> centericq-4.9.11p0 is marked as broken: requires update but new version has issues.

I'...

Hi,

I have been wanting to switch from a GUI "meta"-type chat (uses Yahoo, AIM,
etc.) to terminal/CLI-based. I came across "centericq" (apparently it works
with multiple protocols) though when trying to install it I get...

$ sudo make
===> centericq-4.9.11p0 is marked as broken: requires update but new version
has issues.

I'm not a computer guru... don't really know how to resolve that issue.

I'm running OpenBSD 4.1 and that install attempt was straight out of 4.1's
unaltered ports tree...

Hi guys,

I'm having a problem with my Internet connection in my home network. I noticed that my Internet connection has been very slow since I upgraded to -current a week ago. First, I thought it was just my ISP problem. Then, I tried to connect to the Internet directly from my laptop, it worked fine.

I noticed that the Internet is slowing down when pf is enabled. I changed my pf.conf to only do nat, and scrub incoming packets, but it is still slow. Here's the output of 'ping' to the Internet.

...

On Sep 22, 2007, at 12:28 PM, "Ihar Hrachyshka" <ihar.hrachyshka@gmail.com

Only in single-user mode, not in a running multi-user system. Please

It's a button. Buttons are easily turned off. Ask *any* Linux server
admin. Odds are 10-1 they've disabled SELinux.

---
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net

The first thing people do when they run with SELinux is disabling it.
You decide how great it is.

rhetorical question: why aren't the policies ready?

the problem with security by policy is that the policy is always wrong.

exercise for the reader: find somebody using SELinux. ask them to
describe their policy over the phone. then repeat it back to them.
did you get it right?

On 22.09-16:21, Douglas A. Tutty wrote:

i would be willing to bet this will never happen, particularly in a
community like debian's. if, by some miracle, it does i'd make a
further bet that they'll have to roll back the decision because
their users will be crippled. basically, good programming practices
get you a lot more for a lot less than wide ethos changes. having
said that the extended feature set of selinux can solve issues that
"unix" systems are not able to.

in short, stick to openbsd...

The OpenBSD developers are trying to make the most secure UNIX system
they can; SELinux might or might not be secure, but it's not UNIX.

Additionally, it's not entirely clear whether it actually helps; a
SELinux configuration is, even at its best, a lot more complex than the
equivalent UNIX-ish configuration. Thus, it becomes more likely that
there will be either configuration or coding errors.

Joachim

--
TFMotD: kadmin (8) - Kerberos administration utility

Insofar as that ls -la shows them, yes. In the sense that files actually

Root almost always can gain complete control over the system anyway, so
that's not a big issue.

Also see my comments below.

Still, yes, SELinux can be - rarely - used to solve problems for which
no clean UNIX-ish solution exists. Far too often, though, it's thought

Yes, but not all code is created equal. Layering a second permission
layer into the system integrates closely with all other security
mechanisms, which is ...

Hi,

You might be talking about grsecurity and PaX [1]. SELinux hooks
through the LSM [2] framework. LSM was designed to be easily enabled
and disabled, so that should be a fundamental flaw. LSM has valid
criticisms [3] [4].

[1] <http://grsecurity.net>
[2] <http://en.wikipedia.org/wiki/Linux_Security_Modules>
[3] <http://www.grsecurity.net/lsm.php>
[4] <http://www.rsbac.org/documentation/why_rsbac_does_not_use_lsm>

Cheers,
Ed

As I understand it, the patches (the button) are maintained by the US
NSA; I suppose as a service to their fellow Americans. That likely
brings out the conspiracy theorists who say that there's probably a
back-door to allow NSA to read your ssh keys, GPG/PGP keys, whatever.

My _personal_ perspective is that OBSD is smaller. You don't have 5,000
or whatever people changing the kernel, plus NSA putting their thumb in
it. You have my Fellow Canadian Theo and people he trusts.

Thanks for your ...

SELinux has clearly defined security mechanisms implemented through
different components. It is doing what it was designed for. The real
problem with SELinux is the way it hooks to the Linux kernel. The
inaccurate marketing of this tool doesn't help too, unsuspecting users
are blindly using it as a magical security solution.

Dear subscribers/moderators,

Does OpenBSD fully support Hebrew? If indeed it does, how does one make
applications in X/KDE properly see/present Hebrew letters and filenames?

I have already added the following two lines to my .profile:

export LC_CTYPE=he_IL.UTF-8
export LC_COLLATE=he_IL.UTF-8

and this made it possible to show Hebrew filenames under normal KDE
applications properly. However, when I tried opening an OpenOffice
files, for example, which had Hebrew letters in it, it all appeared
...

I don't think it has one either. In any case I noticed that indeed
the two "sets" weren't really accepted by the system:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LC_ALL = (unset),
LC_CTYPE = "he_IL.UTF-8",
LC_COLLATE = "he_IL.UTF-8",
LANG = (unset)
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").

OK, I checked that and the...

Hi,

I'm trying to use the SAMSUNG SHG-L760 over usb as modem.
OpenBSD recognise it as umodem0 (dmesg attached) and assigns ucom0.

First of all I want to have a 'AT OK' sequence. I've tryed echo and cat
as well as a small perl script sending 'AT\r\n' to /dev/cuaU0 and read
from it. While sending seams to work, there is no answer from the cell
phone.

Please can anyone give me a hint how to get the communication workin?
(The cell phone is ok, under Windows I can talk to it with an teminal
client...

Hi,

I was playing around a long time to get CardBus and sound working on my
JVC MP-XP741. I've found, that the GENERIC.MP kernel support both if
enableing acpi. To my poor mind, it seems that ioapic is needed, but
simply adding it to the GENERIG confiuration file doesn't work.

Since sysctl -> hw.setperf disappears in the mp-kernel regardless using
acpi or not, I'd like to add ioapic to the GENERIC kernel. Are there any
sugestions?

Thx and regards
Dag Leine
OpenBSD 4.1 (GENERIC) #4: Sat ...

................... SNIP

Is anyone using solid state drives yet?

Check out the HP c-Class BladeSystems offerings. It is sad that HP is
marketing it with virtualization via Vmware. Just disregard the vmware
affair.

Douglas A. Tutty wrote:

That's where you are supposed to 1) recognize that my mysteriously
mangled e-mail address is me and 2) Read back to my previous statement
where I stated that I don't feel VM technology is suitable for
externally exposed apps or security critical apps and 3) catch the
implied sarcastic sneer in "If one believed in the idea of 'a perfect
VM environment'"

Yes, very separate is what I was recommending: no VM, keep them as
separate as possible. When appropriate, of course.

...

someone just needs to sit down and add the code to put interfaces into
alternate routing tables and arp running there and you can have that on
openbsd.
ok, it is a bit of work (that I am not very interested in).
but the hard part (introduction of multiple routing tables) is already
done.

--
Henning Brauer, hb@bsws.de, henning@openbsd.org
BS Web Services, http://bsws.de
Full-Service ISP - Secure Hosting, Mail and DNS Services
Dedicated Servers, Rootservers, Application Hosting - Hamburg &am...

If I had such project and funds I'd certainly contribute. In the
meantime I have assigned part of my limited resources to buying the CDs
for the new release...

ciao

Luca

Ironically, today's ISC handler's diary entry talks to this as well.

http://isc.sans.org/diary.html?storyid=3411&rss

DS

http://g.paderni.free.fr/olivebsd/

Doesn't work as part of the install, but at least you can quit the
install and look up something if you only have one computer.