#openbsd gamers - #Chasm is a metroidvania indie gem released *today* that runs on OpenBSD with sound and gamepad support - first fully running commercial game of 2018! Steam library needs to be replaced with a stub, but that's all! Then just run #fnaify on it and you're good to go!
Ingo Schwarze (@schwarze) on sed(1) bugfixing with Martijn van Duren (martijn@) , and about other small userland stuff
People are insecure about things you wouldn't even imagine. They're afraid you are judging them based on things you haven't even noticed. They secretly believe they're dull or untalented even as you sit in awe of their skills, insight or accomplishments.
Accept them for who they are. Listen to their fears and doubts. Then show them precisely what it is about them that shines so brightly and fiercely that you can't look away.
Just like clockwork, when I am about to call it a night, the TU Graz guys release a new Spectre level: NetSpectre. It is “a remote Spectre attack without attacker-controlled code on the victim, and the first Spectre attack which works without the cache as covert channel.”
Kenneth Westerback (krw@) on dhcpd(8) fixes, disklabel(8) refactoring and more: https://undeadly.org/cgi?action=article&sid=20180726184322
Theo de Raadt on unveil(2) usage in #OpenBSD base, a userland diff (approx. 37 programs so far) demonstrating how it will be used, also touching a bit on chrome: https://marc.info/?l=openbsd-tech&m=153262228632102&w=2
For people experimenting on -current, robert@ just unveiled his unveil(2) work for chromium on #OpenBSD, including a overhaul of the existing pledge(2) support, still a WIP! ☺️https://marc.info/?l=openbsd-ports-cvs&m=153250162128188&w=2
"Do "Return stack refilling", based on the "Return stack underflow" discussion and its associated appendix at https://support.google.com/faqs/answer/7625886
This should address at least some cases of "#SpectreRSB" and earlier #Spectre variants; more commits to follow." #OpenBSD https://marc.info/?l=openbsd-cvs&m=153236845523439&w=2
"Once great men lived here... giants... gods... once, but long ago."
Heads-up for #OpenBSD -current IPv6 users: "2018/07/23 - rtadvd(8) removed; replaced by rad(8)" https://www.openbsd.org/faq/current.html#r20180723 @florian
This bug highlights a problem with securing containers: the tiniest bit of kernel code can screw it up. All it takes is one infoleak. Have you audited your entire kernel, including modules and binary blobs for information leaks?
Virtualization, whether it be a hypervisor or a container, does not increase security.
Carlos Cardenas (ccardenas@) on vmm/vmd progress, LACP: https://undeadly.org/cgi?action=article&sid=20180721053002
Claudio Jeker (claudio@) on #OpenBGPD developments: https://undeadly.org/cgi?action=article&sid=20180721053011
Klemens Nanni (kn@) on improvements to route(8), pfctl(8), and mount(2): https://undeadly.org/cgi?action=article&sid=20180719100833
Interesting observations while poking around again today, unveil(2) and pledge(2) are separate, yet complimentary features, you can use unveil(2) without using pledge(2). This was confirmed by bob_beck@ on Twitter.
Another thing, while not presently documented, is the possibly to once again "veil" previously unveiled filesystem points, by using an empty string as the flags argument. This appears to be intended for some complex use case, but still very cool.
AKA brynet@. I like tinkering with #OpenBSD and occasionally other Unix-like systems. In other words, not a MCP. He/Him. 🍕🐈💻🇨🇦
Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!