Doesn't matter much since C++ ABI used by GCC doesn't mangle variable
names; however technically is required by Section 7.5 of the C++ spec.
Discussed with/OK guenther@, matthew@.
position zero, skipping a random number of free slots and then
picking the next free one. This slowed things down, especially if
the number of full slots increases.
This changes the scannning to start at a random position in the
bitmap and then taking the first available free slot, wrapping if
the end of the bitmap is reached. Of course we'll still scan more
if the bitmap becomes more full, but the extra iterations skipping
free slots and then some full slots are avoided.
The random number is derived from a global, which is incremented
by a few random bits every time a chunk is needed (with a small optimization
if only one free slot is left).
Thanks to the testers!
Based on our vfprintf etc. implementations. Wide character parts based on
NetBSD but with lots of macros expanded. Minor bump for libc.
ok kettenis espie
to the old /etc/security script because daily sourced it.
Now we fork and exec, so SUIDSKIP must be promoted to the environment.
Problem reported, fix tested and ok weerd@.
By default, rc.{local,shutdown} don't output anything anymore.
original idea from schwarze@
discussed with deraadt@ and no objection from millert@
ok schwarze@ robert@
does not require special permissions. The security(8) scripts hates
group-writeable home directories, so remove the needless permissions.
Issue noticed by Andrew Fresh <andrew at afresh1 dot com>.
If i understand naddy@ correctly, this is unlikely to harm even UUCP users.
"Just remove the group writeable bit" deraadt@.
In effect, this removes the "old" vndX nodes, and renames
the svndX nodes to vndX.
Old svndX nodes will still continue to work though, for now.
Cleanup accordingly.
ok deraadt@, todd@
comments and ok on the man page bits from jmc@
to the new Perl script /usr/libexec/security.
The new script was tested by sthen@ and ajacoutot@.
Committing now due to repeated prodding from deraadt@.
In case problems show up, they will be fixed in tree.
cumbersome to use with compressed files. Idea from ian@ following
a discussion started with a diff to last(1) from by Peter Philipp.
ok martynas@ mk@ millert@
- As noticed by ajacoutot@, re_format(7) does not treat '\t' as a tab,
so some t's got stripped from daemon names.
- The tr(1) failed to sanitize mixtures of blanks and tabs.
ok ajacoutot@
- Use the URL filter to block www.example.com/
- Use "forward to destination" instead of "forward to nat lookup" to use
divert-to instead of rdr-to in PF.
While it is a terribly cool idea, it's just awful and since noone has stepped
up to the plate to keep it up with the current vop state, retire it to the
attic.
ok krw@, deraadt@, guenther@, miod@.
comments from jmc@
about cert checking in OpenSSH. Man page wording tweaks thanks to
jmc@.
ok henning@, jmc@; positive feedback from djm@, ajacoutat@
Committing now to reuse guenther@'s libc minor bump instead of
cranking it again, as suggested by deraadt@.
mpf