- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Jul 9 2018
Jul 3 2018
Jul 1 2018
In D15801#336741, @eadler wrote:Steal space from RES and SIZE; incrase username
Jun 30 2018
In D16072#340510, @ygy wrote:
Jun 29 2018
Jun 27 2018
Jun 26 2018
Jun 25 2018
Adding kib@ and emaste@. (I think secteam@ do want to pay attention on this one but is probably more of a "FYI" or "Cc" role rather than a reviewer but thanks for the heads up).
Jun 22 2018
Jun 21 2018
Jun 18 2018
In D15886#336083, @sef wrote:In D15886#336082, @delphij wrote:In D15886#336048, @sef wrote:Is it possible to provide a switch to disable the SETQUOTA RPC?
Sorry, I meant a command line option to rpc.rquotad if it's not clear.
I don't have any code in there right now that handles the SETQUOTA RPC, so I'm still confused. Want to discuss it in email?
In D15886#336048, @sef wrote:Is it possible to provide a switch to disable the SETQUOTA RPC?
I'm not sure what you mean by a switch there?
Is it possible to provide a switch to disable the SETQUOTA RPC? (Assuming I'm understanding correctly that no additional authentication is done before it's permitted; rpc.rquotad runs at root privilege so when it issues vfs_quotactl it would not fail because insufficient privilege).
Jun 15 2018
LGTM in principal.
Jun 14 2018
Address reviewer comments.
Jun 13 2018
Jun 6 2018
Jun 4 2018
May 31 2018
Accept as secteam@ -- talked with so@ and we have no objection to the change in principal.
The change LGTM in principal but I'd like to request a few minor (cosmetic) change.
May 24 2018
Mostly LGTM. Is there a reason to keep these #if 0's in tools/tools/crypto/cryptocheck.c?
May 21 2018
May 18 2018
May 17 2018
I think you should exit(EX_OK) or return 0 in main(); without it the compiler would give a warning and caller may or may not get wrong exit status (of whatever was left in %rax) at the point. The change otherwise looks good to me.
May 10 2018
May 8 2018
May 6 2018
Apr 30 2018
Apr 24 2018
Apr 23 2018
Apr 22 2018
LGTM.
Apr 21 2018
Looks good to me in principal.
Apr 11 2018
Apr 10 2018
Mar 30 2018
Mar 28 2018
LGTM, thanks!
Mar 19 2018
Mar 16 2018
Just in case an explicit blessing from secteam is needed.
LGTM, thanks!
Mar 15 2018
Oops, I thought I have send out the comment but turns out I didn't.
Mar 12 2018
Could you please create a review of just the sys/dev/random/randomdev.c portion of change (see my comments inline) as this is a self-contained bugfix and is orthogonal to the rest part of this review? It's easier to understand smaller changesets and future readers of code history would have an easier time to see the reasoning when they are done in smaller and self-contained units.
Mar 7 2018
You have not updated manual page, but the change looks otherwise fine to me.
Mar 6 2018
Please take a look at comments inline.
Mar 3 2018
Mar 2 2018
Please do not remove O3: Kernel Random Numbers Generator from reviewers, the proposed change have material impact to the kernel random number generator's behavior and I don't think it's Okay to bypass it.
In D14500#304788, @cem wrote:In D14500#304661, @delphij wrote:In D14500#304139, @cem wrote:In D14500#304100, @delphij wrote:The same criticism can be leveled at /dev/urandom. This uses the exact same kernel interface (READ_RANDOM_UIO).
Yes, but my understanding is this new API is intended for all applications (while /dev/urandom access may be blocked with permission), e.g. an application in capability mode should have access to it.
I guess so, but the concern is still a completely hypothetical attack against SHA256 and Fortuna. And maybe a local DoS — I'm still unclear on that.
Mar 1 2018
I don't see any problem in principle, the restriction was introduced in r21052 but it didn't explained why it was introduced, and looks like other operating systems, nor LDAP's posixAccount schema seem to enforce similar restrictions.
Feb 28 2018
Feb 27 2018
In D14500#304139, @cem wrote:What specific changes do you want made?