Date:      Wed, 26 Jun 1996 15:54:58 -0500 (CDT)
From:      John Goerzen <jgoerzen@complete.org>
To:        freebsd-bugs@freebsd.org
Subject:   A bug report
Message-ID:  <199606262054.PAA00262@complete.org>


--ELM835822497-203-0_
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Last bug report, I had inadvertently installed a 2.2 SNAP.  (The bug report
was accurate -- I just installed a different version than I thought I did!)

I was running 9605?? SNAP and now put on 2.1-960606 SNAP.  (Why is there no
info on the Web for this one, BTW?)

Primary bug: on-demand PPP is broken again.  Worked in the 9605 SNAP. 
Workaround: Just boot from the 9605 kernel, and it works fine.  The reason
I'm using SNAPs in the first place is that dial on-demand is broken in 2.1.

Other bugs noticed along the way:
 - Bug in upgrade thingy -- fails to restore the /etc directory.  Somehow
   loses the value I entered when it backed it up.  (Perhaps incorrect
   usage of a pointer in C?)
 - Compilation with option LINUX in the Kernel config will fail.
 - doc and compat21 distributions failed to install.  (Was installing via
   PPP from primary FTP site)

In my earlier conversation with Theo, the OpenBSD developer, while he was
discussing differences between OpenBSD and FreeBSD, he said he had a list of
bugs in FreeBSD.  I finally believe I got him to give me part of it.  (I
doubt that he had a list in the first place, personally).  Here's the
message I received.  If it provides new info; great.  Otherwise, just ignore
it, OK?  Some of it is kinda beyond me -- CVS, SUP, etc.  So I'll just pass
it along verbatim with the knowledge that someone out there can make sense
of it :-)

Oh, one last thing: I just want to say that in spite of these bugs, even
this prerelease FreeBSD code is more stable than other *release*-level OSs
I've run in the past -- OS/2, Dos, Win, etc.  Keep up the good work!

Regards,

John Goerzen

-- 
John Goerzen          | Turn your PC into a Workstation for FREE!
Custom programming    | Check out www.freebsd.org NOW!  For free FreeBSD
jgoerzen@complete.org | Unix shell access, 316-367-8490 with your modem.

--ELM835822497-203-0_
Content-Type: text/plain; charset=ISO-8859-1
Content-Disposition: attachment; filename=TheoMsg
Content-Description: Theo De Raadt's message
Content-Transfer-Encoding: 7bit

>From deraadt@theos.com Wed Jun 26 02:33:15 1996
Received: (from uucp@localhost) by complete.org (8.7.5/8.7.2) with UUCP id CAA00331 for jgoerzen@complete.org; Wed, 26 Jun 1996 02:33:14 -0500 (CDT)
Received: from theos.com (zeus.theos.com [199.185.137.1]) by onyx.southwind.net (8.7.4/8.7.3) with SMTP id CAA24091 for <jgoerzen@complete.org>; Wed, 26 Jun 1996 02:06:30 -0500 (CDT)
Received: from LOCALHOST.theos.com by theos.com (4.1/tdr1.0)
	id AA28025; Wed, 26 Jun 96 01:08:12 MDT
Message-Id: <9606260708.AA28025@theos.com>
To: John Goerzen <jgoerzen@complete.org>
Subject: Re: NetBSD DOSEMU -- questions from a prospective NetBSD user 
In-Reply-To: Your message of "Mon, 24 Jun 1996 12:50:01 CDT."
             <199606241750.MAA03208@complete.org> 
Date: Wed, 26 Jun 1996 01:08:11 -0600
From: Theo de Raadt <deraadt@theos.com>
Status: RO

> You said you could give me a list of bugs in FreeBSD that you had found.  I
> asked for it, so that I could give it to FreeBSD core team.  You came up
> with some silly excuse.

here are some security ones.

mktemp()/fopen() races. i fixed 18 of these just today.
*.2049 & SO_REUSEADDR & bind()
rlogin buffer overflow
telnetd buffer overflow
kerberos buffer overflows
i don't want to list any more; i need sleep.

in fact, i didn't want to list any security holes. but, ah, what the heck.
i don't mind as much that freebsd gets them, to be honest. there's two issues:
1) old vendor operating systems, 2) those jerks.

non-security bugs?
well lots. that's why openbsd has the cvs tree publicly available. so
that anyone who wants to can "log" it and see the changes in each revision,
as well as why it was made.

some areas are better than others. i see for instance that freebsd and
netbsd/openbsd share /bin/sh fixes pretty quickly.  but other things lag,
or are never made. like today i found a freebsd fix to mountd for a bug i
had seen and fought with over a year ago.

freebsd has this too; they make it available for sup and i can do cvs revision
checking on my machine here at home. this is awesome stuff either way -- sup
or anoncvs -- either way it totally rocks to see why a change was made, and
exactly what lines were changed to make the change. it's way way cool.

anyways, if you grab the openbsd tree you can see all the netbsd fixes + all
the openbsd fixes; any freebsd developer could do that today.

for instance;


RCS file: /cvs/src/sys/kern/uipc_usrreq.c,v
Working file: uipc_usrreq.c
head: 1.3
branch:
locks: strict
access list:
symbolic names:
	netbsd_1_1: 1.1.1.1
	netbsd_1_1: 1.1.1
keyword substitution: kv
total revisions: 4;	selected revisions: 4
description:
----------------------------
revision 1.3
date: 1996/06/25 21:26:11;  author: deraadt;  state: Exp;  lines: +2 -2
consider umask for AF_UNIX bind()
----------------------------
revision 1.2
date: 1996/03/03 17:20:22;  author: niklas;  state: Exp;  lines: +8 -6
>From NetBSD: 960217 merge
----------------------------
revision 1.1
date: 1995/10/18 08:52:47;  author: deraadt;  state: Exp;
branches:  1.1.1;
Initial revision
----------------------------
revision 1.1.1.1
date: 1995/10/18 08:52:47;  author: deraadt;  state: Exp;  lines: +0 -0
initial import of NetBSD tree
=============================================================================

revision 1.3 was done by me today; let's see what it has:

Index: uipc_usrreq.c
===================================================================
RCS file: /cvs/src/sys/kern/uipc_usrreq.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -b -c -r1.2 -r1.3
*** uipc_usrreq.c	1996/03/03 17:20:22	1.2
--- uipc_usrreq.c	1996/06/25 21:26:11	1.3
***************
*** 418,424 ****
  	}
  	VATTR_NULL(&vattr);
  	vattr.va_type = VSOCK;
! 	vattr.va_mode = ACCESSPERMS;
  	VOP_LEASE(nd.ni_dvp, p, p->p_ucred, LEASE_WRITE);
  	error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
  	if (error)
--- 418,424 ----
  	}
  	VATTR_NULL(&vattr);
  	vattr.va_type = VSOCK;
! 	vattr.va_mode = ACCESSPERMS &~ p->p_fd->fd_cmask;
  	VOP_LEASE(nd.ni_dvp, p, p->p_ucred, LEASE_WRITE);
  	error = VOP_CREATE(nd.ni_dvp, &nd.ni_vp, &nd.ni_cnd, &vattr);
  	if (error)
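
Review bot: The changed line at 421 (`vattr.va_mode = ACCESSPERMS &~ p->p_fd->fd_cmask;`) carries no comment saying why the mask is applied, and `&~` reads like a single operator; suggest writing it as `ACCESSPERMS & ~p->p_fd->fd_cmask` with a one-line comment that the socket node now honours the process umask. Because the old line created the node with full ACCESSPERMS whatever the umask, a program that binds under a restrictive umask and expects other users to connect will get different permissions after this change, which is worth stating in the log message alongside "consider umask for AF_UNIX bind()".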


there ya go; that's a security fix right there, too. anyways, any
person can do this, not just I. it only requires special access to
actually make changes, not to look at them.

[ irrelevant stuff deleted here -- JG ]

--ELM835822497-203-0_--


