I had the same problem as the parent with the same config the grandparent was using. Two things helped immensely.
First, a few rules in my Postfix helo_access file:
/\.mydomain\.mytld$/ 550 You are not me. /^mydomain\.mytld$/ 550 You are not me. /^[\d.]+$/ 550 See RFC 2821. /^\[my.dot.ted.quad\]$/ 550 You are not me. /^\[10\.[\d.]+\]$/ 550 Your network is unreachable. /^\[192\.168\.[\d.]+\]$/ 550 Your network is unreachable.
(Yes, that doesn't trap all ways of writing IP address, and leaves out 172.16/12. It's the first 3 rules that do most of the work, as it turned out.)
Second, turning on some more RFC strictness in Postfix SMTP chat:
And I'm thinking of moving permit_mynetworks to just above check_helo_access now that I've got SASL working nicely on all the other stations.
But it's all moot now, because pobox.com can now do MX for customer domains with wildcard addresses AND you get all of their peer-IP-address- and header-based anti-spam checks. I've been using them for _years_, so was quite happy to use that new service.
Well, I left it all there, so that no-one going directly to the A record for the domain can invent things, either.
Oooh, your #2 one really used to annoy me. It would lose the current play "context", too; I usually play by artist or album, sometimes playlist. I pretty much never just go to "Music" and hit play, that would be a very strange mix.
That being fixed and the 80 gig capacity are what I really like about the 5.1G model. (Apparently it can do "video" and "photo", but I don't care. OK, so maybe there's some porn on it....) And, being a Mac owner with USB1.1 machines, I never noticed the USB charging problem--I always used a FireWire cable.
Hmmm. Now that I think about it, I'm still using a FireWire-type charger on the 5.1G at work, which is generally the only place I charge while listening. So I have no idea if that USB problem still exists. (Linux insists on logging on to any mass storage device--even if it is unmounted--so charging from my workstation's USB port isn't going to happen, as it will go into disk/sync mode.)
Rolling back the repository on the server is a very, very bad idea unless you're recovering from a major "OH DAMN!". Much better, in Subversion, is to just copy the old, good one that you want to the latest version, then the clients will know to update.
CVS can get so badly lost you have to manually hack the entries file if you start making revisions vanish on the server.
Any system without full Secure Attention Key support is spoofable.
All I need to do on UNIX-a-likes is make something called 'sudo' that gets invoked earlier in your path and says "Password: " the same way.
Since you can customize the 'sudo' password prompt, for Extra Fun Bonus, what I really want to do is invoke 'sudo' connected to a PTY that my program controls the other side of. That way, I can pass the actual password through and have sudo work.
Same applies for fake screensaver unlock boxes, console login prompts, GDM logins (heck, with Red Hat Enterprise, I never know what the GDM login is going to look like from one machine to the next), and so on.
Without a true Secure Attention Key, and one which must be used to have the system verify a password, any system is spoofable.
What we really need is, like others say, a vast reduction in the number of programs that ask for elevated privileges but don't really need them, they're just badly coded. (And this goes for Mac OS X apps, too; frankly, I think there's too much junk in installer form rather than just a drag-and-drop.app folder in a disk image download. If I copy the.app to/Applications, sure, Finder may want some extra privs. But if I put it in ~/MyStuff, no password.)
It needs to be so that people see a password prompt and say, "Why does it need this?" rather than "oh not again."
Page zero on AIX is mapped read-only and guaranteed zero.
So writes through a NULL pointer crash just fine.
Reads through a NULL pointer read zero.
There's a reason for this. It's a performance optimization; remember, AIX 2 and up run on superscalar pipelined CPUs, which everything is today, but it was a bigger deal in the RT PC and first-generation RS/6000 days. Well, the biggest deal on the RT PC was keeping a fire extinguisher close at hand, the RS/6000 was rather better.
What that means is, say you have C code like this:
On AIX, the compiler can generate pseudo code like this (not valid syntax or opcodes):
test cr0,gr3 load gr3,(gr3) beq.S1,cr0 blr do_something_else .S1 noop ...
The important part being, the load through (*somewhere) has been started before the pointer is verified as valid. This allows the compiler to avoid issuing a no-op; the optimizer knows load gr3,(0) is safe (== won't fault), so it doesn't have to wait for the test to complete. Actually, on POWER, it doesn't have to put a no-op in, the processor will just stall the pipeline if it sees a set and use of a register too close together.
Also, AIX guarantees that uninitialized storage (BSS) is zeroed before being given to the process; newly allocated pages are also zero. (This is at the brk(2) level.) In fact, if you aren't using the C memory routines or derivatives (malloc/free), the fastest way to get blocks of zero on AIX is to disclaim(2) the memory and then brk(2) it back in.
As another poster said, this is to prevent information leakage between processes.
And yes, assumption that "all OSes are like this OS" is the mother of all porting nightmares. Just try and get an "everything is Solaris" program working on a non-ELF based system. Apple's actually done a fair job of allowing that to work; but most other non-ELF systems are a big pain for people who assume the Solaris (and therefore Linux) dynamic linker will fix their mess--like their violations of the ANSI C++ One Definition Rule.
The 80gb disk may not have been much of an upgrade on the 5G (I can't bring myself to call it 5.5G either), but it did make the disk big enough that I upgraded from my 20 gigger....
I don't sync my iPod regularly; I just put everything on it and I can listen to whatever I want whenever I want. Figuring out what I might want on iTunes is not for me; so I'm happy to have the Big Disk (and still have 20 GB free for moving data around, too.)
So, you're advising getting the extended scam I mean warranty on Blu-Ray and HD-DVD players? Otherwise, just revoke the player keys after they've been out of production for 90 days (or whatever the factory warranty is), and presto! Everyone now has a player that won't play new discs!
The automakers can only dream of something like this. Or maybe OnStar can crash your car. (Hey, there's airbags, so the customer or insurance can buy another one!)
There are countries where there's more than just the manufacturer's warranty that applies; the U.S. is mostly not one of them. (State-to-state legal differences....)
Which is why I gave up on that, and use Windows for two things: DVDDecrypter and Garmin MapSource. And DVDShrink. I use Windows for three things, DVDDecrypter, DVDShrink, Garmin MapSource, and Dungeon Keeper II....
I didn't know that going to google.com was like going to the Oracle at Delphi.
I know people who think that. Well, one person, anyway. He doesn't care how Google actually works, explaining "keyword search" and link-relevance gets an "I don't care, it should show me what I want". With your example, he would want the "Oracle at Delphi Visitor's Guide", and anything about the Oracle database or competing visionaries would really piss him off.
Fortunately, I don't care about people who don't want to understand something, yet think that something should understand them. It's a two-way street.
Yup, my cheap Blu-Ray player (or expensive PS2 and PSone game machine) plays conventional (and burned) DVDs just fine. It actually is slightly nicer to use than my dedicated DVD player; so I watch movies in the PS3 and leave TV-on-DVD in the DVD machine so "resume play" works. (It doesn't remember last-play position after eject. Hmmm, I think the PS3 does, maybe the dedicated DVD player is completely useless now.)
Tell your telcos to look north. We've got competition for local telephone service and local DSL, also DSL on "dry line" (one without POTS provisioned on it).
Though the cable company still won't open its plant to competition; in defiance of a regulatory order years ago. (But the cable company is very happy to provide local phone service, regulations are for other companies.)
DSL competition works reasonably well, when it works. When it doesn't, you get the finger-pointing game... well, you get that if you subscribe to the phone company's DSL service (Bell Sympatico) too, so I guess they're at least being indiscriminately incompetent.
Older stud finders didn't detect metal... they only detected material that was right up against the wallboard. The one I have with a deepscan mode can't distinguish between the stud you want to drill into and the mains cable you don't... or drain... or gas pipe.
If you have one of those, get a new one with live AC and metal detection.
Is there really a difference in the error correcting codes written to +R and -R?
The important difference is buffer underrun recovery. The +R blanks have a time-code in the groove that's pre-cast into the polycarbonate. -R blanks don't. So, in the event of a buffer underrun, DVD+R can accurately locate the last-time-written position and resume burning without a gap. DVD-R will have to have a gap, just like CD-R with buffer-underrun protection.
For.ISO-type pre-burned image streaming, this isn't a big deal; pick a speed where "Disc At Once" won't be too fast for your hard disk, and there won't be a gap on -R and +R won't win you anything.
But for backup programs, which make things up as they go along, they often underrun. DVD-R takes forever to re-synchronize, and the backup takes much, much longer as a result--and may not read in a DVD-ROM drive if you need it as an emergency boot disk (where facilities exist yadda yada). DVD+R will re-synchronize very quickly.
The gaps also result in a loss of usable disc; with Retrospect for Macintosh, I get about 2.7-3.2 GB on a DVD-R, and 4.3 GB on DVD+R. (There's checksums and catalog data eating up the remaining.4 GB of DVD+R.) That, and 10-15 minutes to write a +R vs. nearly an hour for -R (in an 8X nominal burner), means: Video goes to -R, and Data goes to +R.
That's just Sun being late to the party. Everyone else had that bug in the "r" commands back in the early 90s; 'rlogin -l -froot hostname' was great when you got spam from an unpatched server. (Which was rare enough to be entertaining.)
I think it was the Linux port of the "r" commands that had someone say, "Hey, these things have been broken _forever_!"
The Rockwell 6502 was a hard-wired processor; there was no "illegal instruction" check. So, any bit-patter you loaded as an instruction would try to do something. Sometimes, because of the internal open-collector busses, you'd get neat "something OR something" that wouldn't normally happen.
Here's the I'm Feeling Lucky hit on it: 6502 Opcodes.
Thing is, the results might vary from implementation to implementation. So they might not work usefully on the 6510, which was otherwise a 6502 with an I/O register at $0000-$0001.
So maybe they'll let me use a keyboard and mouse on the console? I've got one plugged in already. Actually, it's a Model M with built-in trackball and a USB-PS2 (IBM PS2, not Sony PS2) adapter. I'd want a real mouse for games, but it works nicely with the webby thing and for entering names and stuff.
I've got two relatively cheap 4:3 SDTV sets, both with 480i component in. One's a Toshiba 14", and the other is an LG 20". They're not old, less than 4 years or so. The LG does not have S-Video, the only "decent" video you can feed it from DVD or a game console is 480i component.
The Toshiba, being the cheaper of the two, does have a "16:9" squeeze mode, which compresses the vertical scan range. I don't remember if the LG can do it.
Not that I see any use for the Apple TV; it's too limited. I might as well just use a video iPod or my AVOX Jukebox hard-disk enclosure.
That was my first reaction, too. It's exactly a dot-matrix line printer. Just ink jet instead of impact, and with all the dots instead of 1/8 of them and a slightly moving "comb".
And the corresponding remote control for the PS3 works very nicely indeed; it only has one downside... it's Bluetooth, so I can't use my infrared learning remote. And I still aim it at the PS3, even though it doesn't matter.
(Everyone has noticed that pressing the "PS" button on a PS3 remote or controller turns on the system? Good.)
The PS3 is actually slightly nicer to use than my nice DVD player. Easier to get to the slow/pause/step functions. 'Cept "STOP" is in the middle of all that transport stuff and I hit it accidentally a few times; but PLAY goes right back to where you left off.
High Definition, HDMI and the DRM is not the devil - it's merely a mechanism that prevents movies from being copied.
Tell that to my PS3, Harman/Kardon AV receiver and Panasonic Viera TV that get along like a house on fire when dealing with HDMI signals. As in, screaming, flashing, and a lot of smoke but not much worth watching. It's not just Westinghouse that has "blinking screen" issues. The audio drops out on my ExpressVu HD box over HDMI.
Both work flawlessly up to 1080i on component and optical digital; well, as far as I can tell, it's only a 720p native TV.
Frankly, I love the idea of a single-connector interconnect between devices. But the day I see copy protection technology that actually permits unencumbered playback while preventing copying I'll... I'll... I'll switch to Windows.
Problem with the spammers hoping #3 works is, a bunch of us report stock pump'n'dump scams to the SEC. The SEC is not watching the trading patterns only.
All that Firefox lacks is password storage in the keychain and bookmark sync across multiple machines.
Between the two, it doesn't matter where I am, Safari has the same stuff in it.
Which is handy 'cause my stupid G4 iBook has a thermal fault somewhere around the NVRAM and I really should call the repair centre and see how they're getting along.
It's not like the G3 iBook had 6 bad main logic boards put in it....
(And yet I still can't stand to use Windows as a primary OS. Maybe I'll get one of those laptop Solaris machines. Or one of those old PowerPC Thinkpads that run AIX.)
Slashdot Mirror
I had the same problem as the parent with the same config the grandparent was using. Two things helped immensely.
First, a few rules in my Postfix helo_access file:
(Yes, that doesn't trap all ways of writing IP address, and leaves out 172.16/12. It's the first 3 rules that do most of the work, as it turned out.)Second, turning on some more RFC strictness in Postfix SMTP chat:
And I'm thinking of moving permit_mynetworks to just above check_helo_access now that I've got SASL working nicely on all the other stations.But it's all moot now, because pobox.com can now do MX for customer domains with wildcard addresses AND you get all of their peer-IP-address- and header-based anti-spam checks. I've been using them for _years_, so was quite happy to use that new service.
Well, I left it all there, so that no-one going directly to the A record for the domain can invent things, either.
Oooh, your #2 one really used to annoy me. It would lose the current play "context", too; I usually play by artist or album, sometimes playlist. I pretty much never just go to "Music" and hit play, that would be a very strange mix.
That being fixed and the 80 gig capacity are what I really like about the 5.1G model. (Apparently it can do "video" and "photo", but I don't care. OK, so maybe there's some porn on it....) And, being a Mac owner with USB1.1 machines, I never noticed the USB charging problem--I always used a FireWire cable.
Hmmm. Now that I think about it, I'm still using a FireWire-type charger on the 5.1G at work, which is generally the only place I charge while listening. So I have no idea if that USB problem still exists. (Linux insists on logging on to any mass storage device--even if it is unmounted--so charging from my workstation's USB port isn't going to happen, as it will go into disk/sync mode.)
Rolling back the repository on the server is a very, very bad idea unless you're recovering from a major "OH DAMN!". Much better, in Subversion, is to just copy the old, good one that you want to the latest version, then the clients will know to update.
CVS can get so badly lost you have to manually hack the entries file if you start making revisions vanish on the server.
If the prefix was '@@', then I'd suspect them of being ClearCase fans.
I always suspected ClearCase as being, originally, written by some guys who missed the VMS filesystem on UNIX; all the other cruft being added later.
But boy could it panic a Red Hat box when we tried it....
Any system without full Secure Attention Key support is spoofable.
All I need to do on UNIX-a-likes is make something called 'sudo' that gets invoked earlier in your path and says "Password: " the same way.
Since you can customize the 'sudo' password prompt, for Extra Fun Bonus, what I really want to do is invoke 'sudo' connected to a PTY that my program controls the other side of. That way, I can pass the actual password through and have sudo work.
Same applies for fake screensaver unlock boxes, console login prompts, GDM logins (heck, with Red Hat Enterprise, I never know what the GDM login is going to look like from one machine to the next), and so on.
Without a true Secure Attention Key, and one which must be used to have the system verify a password, any system is spoofable.
What we really need is, like others say, a vast reduction in the number of programs that ask for elevated privileges but don't really need them, they're just badly coded. (And this goes for Mac OS X apps, too; frankly, I think there's too much junk in installer form rather than just a drag-and-drop .app folder in a disk image download. If I copy the .app to /Applications, sure, Finder may want some extra privs. But if I put it in ~/MyStuff, no password.)
It needs to be so that people see a password prompt and say, "Why does it need this?" rather than "oh not again."
Page zero on AIX is mapped read-only and guaranteed zero.
So writes through a NULL pointer crash just fine.
Reads through a NULL pointer read zero.
There's a reason for this. It's a performance optimization; remember, AIX 2 and up run on superscalar pipelined CPUs, which everything is today, but it was a bigger deal in the RT PC and first-generation RS/6000 days. Well, the biggest deal on the RT PC was keeping a fire extinguisher close at hand, the RS/6000 was rather better.
What that means is, say you have C code like this:
On AIX, the compiler can generate pseudo code like this (not valid syntax or opcodes):
The important part being, the load through (*somewhere) has been started before the pointer is verified as valid. This allows the compiler to avoid issuing a no-op; the optimizer knows load gr3,(0) is safe (== won't fault), so it doesn't have to wait for the test to complete. Actually, on POWER, it doesn't have to put a no-op in, the processor will just stall the pipeline if it sees a set and use of a register too close together.
Also, AIX guarantees that uninitialized storage (BSS) is zeroed before being given to the process; newly allocated pages are also zero. (This is at the brk(2) level.) In fact, if you aren't using the C memory routines or derivatives (malloc/free), the fastest way to get blocks of zero on AIX is to disclaim(2) the memory and then brk(2) it back in.
As another poster said, this is to prevent information leakage between processes.
And yes, assumption that "all OSes are like this OS" is the mother of all porting nightmares. Just try and get an "everything is Solaris" program working on a non-ELF based system. Apple's actually done a fair job of allowing that to work; but most other non-ELF systems are a big pain for people who assume the Solaris (and therefore Linux) dynamic linker will fix their mess--like their violations of the ANSI C++ One Definition Rule.
The 80gb disk may not have been much of an upgrade on the 5G (I can't bring myself to call it 5.5G either), but it did make the disk big enough that I upgraded from my 20 gigger....
I don't sync my iPod regularly; I just put everything on it and I can listen to whatever I want whenever I want. Figuring out what I might want on iTunes is not for me; so I'm happy to have the Big Disk (and still have 20 GB free for moving data around, too.)
And you have to do 'em all on a pre-emptive multitasking system, as your registers will get written to RAM during a context-switch.
Even on a non-pre-emptive system, there's still interrupts to worry about.
So, you're advising getting the extended scam I mean warranty on Blu-Ray and HD-DVD players? Otherwise, just revoke the player keys after they've been out of production for 90 days (or whatever the factory warranty is), and presto! Everyone now has a player that won't play new discs!
The automakers can only dream of something like this. Or maybe OnStar can crash your car. (Hey, there's airbags, so the customer or insurance can buy another one!)
There are countries where there's more than just the manufacturer's warranty that applies; the U.S. is mostly not one of them. (State-to-state legal differences....)
Which is why I gave up on that, and use Windows for two things: DVDDecrypter and Garmin MapSource. And DVDShrink. I use Windows for three things, DVDDecrypter, DVDShrink, Garmin MapSource, and Dungeon Keeper II....
I really need to get a comfy chair.
I know people who think that. Well, one person, anyway. He doesn't care how Google actually works, explaining "keyword search" and link-relevance gets an "I don't care, it should show me what I want". With your example, he would want the "Oracle at Delphi Visitor's Guide", and anything about the Oracle database or competing visionaries would really piss him off.
Fortunately, I don't care about people who don't want to understand something, yet think that something should understand them. It's a two-way street.
Yup, my cheap Blu-Ray player (or expensive PS2 and PSone game machine) plays conventional (and burned) DVDs just fine. It actually is slightly nicer to use than my dedicated DVD player; so I watch movies in the PS3 and leave TV-on-DVD in the DVD machine so "resume play" works. (It doesn't remember last-play position after eject. Hmmm, I think the PS3 does, maybe the dedicated DVD player is completely useless now.)
Tell your telcos to look north. We've got competition for local telephone service and local DSL, also DSL on "dry line" (one without POTS provisioned on it).
Though the cable company still won't open its plant to competition; in defiance of a regulatory order years ago. (But the cable company is very happy to provide local phone service, regulations are for other companies.)
DSL competition works reasonably well, when it works. When it doesn't, you get the finger-pointing game... well, you get that if you subscribe to the phone company's DSL service (Bell Sympatico) too, so I guess they're at least being indiscriminately incompetent.
Older stud finders didn't detect metal... they only detected material that was right up against the wallboard. The one I have with a deepscan mode can't distinguish between the stud you want to drill into and the mains cable you don't... or drain... or gas pipe.
If you have one of those, get a new one with live AC and metal detection.
Is there really a difference in the error correcting codes written to +R and -R?
The important difference is buffer underrun recovery. The +R blanks have a time-code in the groove that's pre-cast into the polycarbonate. -R blanks don't. So, in the event of a buffer underrun, DVD+R can accurately locate the last-time-written position and resume burning without a gap. DVD-R will have to have a gap, just like CD-R with buffer-underrun protection.
For .ISO-type pre-burned image streaming, this isn't a big deal; pick a speed where "Disc At Once" won't be too fast for your hard disk, and there won't be a gap on -R and +R won't win you anything.
But for backup programs, which make things up as they go along, they often underrun. DVD-R takes forever to re-synchronize, and the backup takes much, much longer as a result--and may not read in a DVD-ROM drive if you need it as an emergency boot disk (where facilities exist yadda yada). DVD+R will re-synchronize very quickly.
The gaps also result in a loss of usable disc; with Retrospect for Macintosh, I get about 2.7-3.2 GB on a DVD-R, and 4.3 GB on DVD+R. (There's checksums and catalog data eating up the remaining .4 GB of DVD+R.) That, and 10-15 minutes to write a +R vs. nearly an hour for -R (in an 8X nominal burner), means: Video goes to -R, and Data goes to +R.
That's just Sun being late to the party. Everyone else had that bug in the "r" commands back in the early 90s; 'rlogin -l -froot hostname' was great when you got spam from an unpatched server. (Which was rare enough to be entertaining.)
I think it was the Linux port of the "r" commands that had someone say, "Hey, these things have been broken _forever_!"
The Rockwell 6502 was a hard-wired processor; there was no "illegal instruction" check. So, any bit-patter you loaded as an instruction would try to do something. Sometimes, because of the internal open-collector busses, you'd get neat "something OR something" that wouldn't normally happen.
Here's the I'm Feeling Lucky hit on it: 6502 Opcodes.
Thing is, the results might vary from implementation to implementation. So they might not work usefully on the 6510, which was otherwise a 6502 with an I/O register at $0000-$0001.
So maybe they'll let me use a keyboard and mouse on the console? I've got one plugged in already. Actually, it's a Model M with built-in trackball and a USB-PS2 (IBM PS2, not Sony PS2) adapter. I'd want a real mouse for games, but it works nicely with the webby thing and for entering names and stuff.
Of course, seeing as the FSF got started because someone wanted a working printer driver, the intent was to have the code work on the original system.
I've got two relatively cheap 4:3 SDTV sets, both with 480i component in. One's a Toshiba 14", and the other is an LG 20". They're not old, less than 4 years or so. The LG does not have S-Video, the only "decent" video you can feed it from DVD or a game console is 480i component.
The Toshiba, being the cheaper of the two, does have a "16:9" squeeze mode, which compresses the vertical scan range. I don't remember if the LG can do it.
Not that I see any use for the Apple TV; it's too limited. I might as well just use a video iPod or my AVOX Jukebox hard-disk enclosure.
That was my first reaction, too. It's exactly a dot-matrix line printer. Just ink jet instead of impact, and with all the dots instead of 1/8 of them and a slightly moving "comb".
And the corresponding remote control for the PS3 works very nicely indeed; it only has one downside... it's Bluetooth, so I can't use my infrared learning remote. And I still aim it at the PS3, even though it doesn't matter.
(Everyone has noticed that pressing the "PS" button on a PS3 remote or controller turns on the system? Good.)
The PS3 is actually slightly nicer to use than my nice DVD player. Easier to get to the slow/pause/step functions. 'Cept "STOP" is in the middle of all that transport stuff and I hit it accidentally a few times; but PLAY goes right back to where you left off.
Tell that to my PS3, Harman/Kardon AV receiver and Panasonic Viera TV that get along like a house on fire when dealing with HDMI signals. As in, screaming, flashing, and a lot of smoke but not much worth watching. It's not just Westinghouse that has "blinking screen" issues. The audio drops out on my ExpressVu HD box over HDMI.
Both work flawlessly up to 1080i on component and optical digital; well, as far as I can tell, it's only a 720p native TV.
Frankly, I love the idea of a single-connector interconnect between devices. But the day I see copy protection technology that actually permits unencumbered playback while preventing copying I'll... I'll... I'll switch to Windows.
Problem with the spammers hoping #3 works is, a bunch of us report stock pump'n'dump scams to the SEC. The SEC is not watching the trading patterns only.
All that Firefox lacks is password storage in the keychain and bookmark sync across multiple machines.
Between the two, it doesn't matter where I am, Safari has the same stuff in it.
Which is handy 'cause my stupid G4 iBook has a thermal fault somewhere around the NVRAM and I really should call the repair centre and see how they're getting along.
It's not like the G3 iBook had 6 bad main logic boards put in it....
(And yet I still can't stand to use Windows as a primary OS. Maybe I'll get one of those laptop Solaris machines. Or one of those old PowerPC Thinkpads that run AIX.)