[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: security/cfs update
- To: ports_(_at_)_openbsd_(_dot_)_org
- Subject: Re: security/cfs update
- From: Chris Kuethe <ckuethe_(_at_)_ualberta_(_dot_)_ca>
- Date: Sat, 19 Apr 2003 09:29:10 -0600 (MDT)
-----BEGIN PGP SIGNED MESSAGE-----
On Sat, 19 Apr 2003, Nikolay Sturm wrote:
> * Chris Kuethe [2003-04-19]:
> > this updates security/cfs to 1.4.1. it's pretty much a rip-off of the
> Did you actually try to use this? Last time I checked 1.4.1 it crashed
> virtually immediatly when writing files.
for non-insane load, it works ok. i can make make the system lock up
completely when writing a whole bunch of small files. not even "boot sync"
from ddb will give me a clean reboot.
top said that cfsd and cp were both waiting in 'GETNEW'. what exactly
that is, i do not know, but these seem likely:
d0176480 T getnewbuf
d017a9e0 T getnewvnode
i'm guessing it's coming from /sys/kern/vfs_subr.c. i haven't dug much
> > distro site i could find was matt blaze's (crypto.com) i set all the
> > PERMIT_* flags to "No - Crypto from USA".
> This is not a matter of PERMIT_*, as long as the license on cfs is ok,
> you can set PERMIT_* to Yes. (somebody correct me if I am wrong,
good to know. i'll check the license then.
Chris Kuethe, GCIA CISSP: Secure Systems Specialist - U of A CNS
office: 157 General Services Bldg. +1.780.492.8135
GDB has a 'break' feature; why doesn't it have 'fix' too?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (OpenBSD)
-----END PGP SIGNATURE-----
Visit your host, monkey.org