IRC Logs for #crux-devel Thursday, 2014-12-25

*** crash_ has quit IRC00:05
*** Feksclaus has joined #crux-devel00:51
*** Feksclaus has quit IRC03:25
*** mavrick61 has quit IRC03:43
*** mavrick61 has joined #crux-devel03:44
frinnstteK_: yeah sure, if a network service can be crashed with some magic packet it is a dos issue08:11
frinnstbut if a network service just crashes because it sucks, its not08:11
frinnstimo08:11
teK_yes, sure09:56
teK_but I bet that almost 100% of the time a security advisory talks about DoS it's adversary-triggerable09:57
teK_03:49 < frank_rieger> Please take the current DDoS outage of @jabbercccde on IPv4 as a sign that you need more jabber-servers to rely on. Diversify, decentralize!09:57
teK_this explains, why I could not jabber for two days straight *g*09:58
teK_this is a security vulnerability in TCP :)09:59
teK_broadly speaking.10:00
frinnstyeah but i've seen quite a few silly requests on the oss-security list11:34
frinnstinteresting:14:36
frinnst  ftp://ftp.gnu.org/gnu/gettext/gettext-0.19.4.tar.xz   (6.4MB)14:36
frinnst  ftp://ftp.gnu.org/gnu/gettext/gettext-0.19.4.tar.lz   (5.9MB)14:36
frinnstanybody played around with lzip ?14:36
frinnsttek, example:17:27
frinnst> Linux kernel built with the iso9660 file system(CONFIG_ISO9660_FS) support is17:27
frinnst> vulnerable to an infinite recursion loop flaw, which could lead to a crash or17:27
frinnst> render a system unresponsive/unusable after a while. This occurs while17:28
frinnst> mounting an iso9660 image.17:28
frinnst"Use CVE-2014-9420."17:28
juefrinnst: thx for hint, indeed looks interesting in the first view but the lz file was obviously compressed with the max level18:25
juedid some quick tests ;) -> http://25c5037c14102d84.paste.se/18:25
jaegerinteresting18:28
juexz is always faster and with default compression, -6 for both, xz compression is better18:32
juebtw, if we are at tests:18:40
juei did a simple test to get a better feeling about the to be expected performance gain if we use dash as /bin/sh18:41
jueto summarize, it's much worser than I thought ;)18:42
juesee here -> http://e4d482afbb2aa25f.paste.se/18:42
jaegerdoh18:42
jaegersurprising difference18:43
juenote, that mesa is doing somthing strange, because it spawns about 360k shells for the build process :)18:43
jaegerhaha, wow18:44
jueit's the first column in bottom tables18:45
jueif we compare 'normal' builds the difference bettween dash and bash is much smaller but noticable18:46
jaegerdid you try firefox or qt, for example?18:46
jueno, not yet18:47
jaegerno worries, just curious18:47
jueahh, wait I forgot that I wrote a summary about the tests18:51
juelook here -> http://e33e40b3f200dbd7.paste.se18:52
jaegervery nice18:53
jueline 14 is very impressive, mesa spawns over 400 shells each second :)18:53
jaegerI wonder why they do that18:55
jueyep, that's very strange18:55
jueat all I'd say we can estimate a performance gain of something <10%, but it's a gain18:58
jaegerPretty significant for just a shell change18:59
jaegerI wonder how much work it would create in terms of fixing things that break18:59
juewell, I run into zero issues so far, dash seems to be better for that purpose than mksh19:00
jueI've build everything from our ISO and something more so far with dash19:00
juebut I do not use many ports19:01
jaegera good start, definitely19:02
juewhat the tests shows as well is that we cannot expect any reduction in system start time if we make our rc* stuff shell compatible19:05
jaegerI didn't expect much there, to be honest. It already starts up really quickly19:08
jueyeah, indeed19:09
*** tvaalen has quit IRC19:50
*** tvaalen has joined #crux-devel19:51
*** tvaalen has quit IRC20:13
*** tvaalen has joined #crux-devel20:15
*** tvaalen has quit IRC20:32
*** tvaalen has joined #crux-devel20:33
*** Romster has quit IRC20:41

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!