Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Mon, 19 Mar 2012 21:09:57 +0400
From: gremlin@...mlin.ru
To: owl-dev@...ts.openwall.com
Subject: Re: Google Summer of Code 2012 (GSoC)

On 19-Mar-2012 09:26:34 +0200, Stanislav Uzunchev wrote:

 > Hi, all. I am applying quote from the ideas page on openwall's
 > site. My question is what is the priority of this task. I am
 > going to apply for gsoc and i want to chose a task with higher
 > priority to avoid preparing my application for something that
 > is not nescecary. Regards.
 > > Functionality available out of the box needs to be expanded in
 > > multiple ways, including:
 > > Need to have full LAMP stack in the base system. We need to add
 > > Apache, MySQL, PHP - and do so in accordance with our project
 > > concepts, which will include some security-relevant changes.

For now here's only one significant task, and it's the httpd code
audit. Now I'm working with 2.2 branch, and even have it running
with lower privileges, but possibly we could have a look at recently
published version 2.4.1 (and 2.4 branch in a whole).

 > > DHCP and PPP/PPPoE/PPTP client support (add userland packages,
 > > introduce privilege separation where needed)

Running `dhclient -1` at the boot time is generally safe, so only the
daemon mode should be checked (or disabled completely for now, as Owl
is the server platform, and the servers normally don't change addresses
like dirty socks). PPP and related services (PPPoE, PPTP) require much
more attention, primarily the thorough code audit (including kernel).

 > > Assorted extra packages that are in line with typical uses,
 > > concepts, and goals of Owl

One of those packages should be nginx: while the Apache httpd may be
running as a backend with lowered privileges and dealing with users'
buggy scripts, the nginx is normally set up as a caching frontend.
This solution is very effective (and, therefore, popular), so we'd
obviously need it.

If you feel you have enough skills for any of the above, it will be a
good choice.

 > > Support and setup a package repository (for easier updates),
 > > possibly with Zypper, yum, or apt

To me this task seems mostly administrative, not technical...

 > On Sat, Mar 17, 2012 at 4:41 AM, Solar Designer <solar@...nwall.com>
 > wrote:

- Because it messes up the order in which people normally read text.
- Why it is annoying?
- Top-posting.
- What is considered the most annoying thing in messages?


-- 
Alexey V. Vissarionov aka Gremlin from Kremlin
<gremlin ПРИ gremlin ТЧК ru>
GPG key ID: 0xEF3B1FA8, keyserver: hkp://subkeys.pgp.net
GPG key fingerprint: 8832 FE9F A791 F796 8AC9 6E4E 909D AC45 EF3B 1FA8

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.