Contributed by jose on from the defense-on-many-fronts dept.
Recall that every stack protection mechanism has been defeated in some form or another, but OpenBSD's multifaced stance is sure to help protect things a bit further. Theo's right, the wider community's silence is interesting."List: openbsd-misc Subject: our recent security stuff From: Theo de RaadtLink: http://marc.theaimsgroup.com/?l=openbsd-misc&m=104425125001567&w=2 "Date: 2003-02-03 5:45:36 The most amazing thing about this new buffer overflow stuff is that it appears noone in any other project has commented on it in a public mailing list anywhere. Eerie silence. I don't know about how you guys view that, but to me it is pretty depressing that none of these other projects (or their users) see the impact and import of these changes; that indicates a large lack of vision. The interesting side of ProPolice is that it will, once we ship 3.3, be on everyone's OpenBSD machines. People will run buggy software. ProPolice catches bugs at run-time. When a buffer overflow is accidentally (or purposefully) hit, a syslog will be delivered naming the function where the problem happened, before the program aborts. Since our noses are stuck in the source, and our run-time testing methodology is weak (as weak as the entire industry) many bugs will be found; safely. Many bugs will be found, because there's only a few of us running this stuff now, in the way we run it. But when these runtime errors are caught, it will be easy to find the actual bugs. And easy for an attacker to attack the same software on another system. I don't know how large this impact will be. However, it is possible it might be big. I used to ask Crispin Cowan if StackGuard had ever found any regular bugs; and he never said yes... well, since integrating ProPolice we've already found a whole bunch of bugs as a result of it. So, this might be very interesting...
(Comments are closed)
By systrace () grifter@w3dev.net on mailto:grifter@w3dev.net
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Also, I wonder how many people truly understand what was done. I don't. Of those that understand this in concept, how many understand this in detail? In code? And then have the will to implement it?
The population that *can* comment on this shrinks handily. That, to me, is the probably the primary cause of the silence. Combine that with the industry hands of eyes, mouth, ears, and you get a lot of quiet.
By Anonymous Coward () on http://www.microbsd.net
Comments
By djm () on
Comments
By Anonymous Coward () on
By schubert () on
Two years ago? Are you an idiot? According to freshmeat the initial announcement for 0.1.1a was LESS than ONE year ago.
0.1.1Alpha Initial freshmeat announcement 13-May-2002 21:42
http://freshmeat.net/releases/84225/
Unless by some freak nature it took them 15 months to move from 0.1 to 0.1.1a or they just then decided to post on freshmeat, you wouldn't know from their website since they seem have a habit of not keeping a real history of previous releases.
Do you always rant and rave and carry on without fact checking? (be glad you did so anonymously)
I'm glad MicroBSD exists, it seems to be where alot of useful and not useful and just plain BAD additions to a bsd system can be made, tested, played with yadda yadda. But to hell if its going on one of my boxes, not without some substantial proof of integrity of those additions.
Comments
By Anonymous Coward () on
Comments
By schubert () on
Comments
By Anonymous Coward () on
Comments
By schubert () on
By click46 () click46@operamail.com on www.genmay.net
good luck with that.
By Anonymous Coward () on
By brian () on
stephanie dont try to solve any problems; it exists to allow people who like that "extra layer" there have it. you are more than invited to try the latest version and comment on what you think should get fixed. :)
By couderc () on
I'm also curious on why OpenBSD has been imported instead of the MicroBSD sources ?
MicroBSD sources should have been ready to import, this would have been avoided to commit changes.
I'm also amazed by the way they use to manage sync with OpenBSD ...
By Anonymous Coward () on
By Anonymous () on
Won't nonexecutable data make it tough/impossible to create language implementations that use incremental compilation (aka just-in-time compilation, "JIT"), which is in effect a controlled form of self-modifying code.
Such techniques are important for high-performance implementation of the more dynamic languages, like Lisp and Java.
Comments
By Parturient Ungulate () on
It would be interesting to find out whether the existing mechanisms can be used to run generated code (mmap, etc), or if a new mechanism, syscall, whatever is in order. Are you up to the task?
By Anonymous Coward () on
it needs it to be executable. not doing so is a
bug in the program.
Comments
By Anonymous () on
Yes, but what happens on those architectures where you cannot actually set the protection in a fine-grained way?
Consider the i386, where, as Theo says, you can only "draw a line" across the address space. To write the code, the memory needs to be allocated on the writable-but-nonexecutable side of the line. To execute, it has to be moved to the executable-and-protected side of the line, which changes its address.
I think mprotect() cannot do this! You need to define a new system call like
exe_addr = make_executable(data_addr);
where exe_addr points to the executable code and is different from data_addr, if the CPU does not support making the page executable in-place.
Comments
By tedu () on
By Janne Johansson () on
platform needs to do magic, then they'll just have
to make a magic_mprotect() for it. No big deal.
Whatever the loops are, it STILL is a good idea,
since external injected code can't execute before
it's magic_mprotect()ed anyway, so it can't mprotect()
itself. This is why it's worth the while.
By Anonymous Coward () on
By Anonymous Coward () on
Maybe it hasn't gotten as much admiration as theo would like, but it hasn't exactly been ignored either.
By RooTchO () rootcho@microbsd.net on www.microbsd.net
appears noone in any other project has commented on it in a public
mailing list anywhere. Eerie silence.
I don't know about how you guys view that, but to me it is pretty
depressing that none of these other projects (or their users) see the
impact and import of these changes; that indicates a large lack of vision.
first let me tell you the MicroBSD team had this vision from the start,
sincce they were first to release stack-protection in 0.1 in 2001
second they have added/modified and re-written alot of other features that you dont find in any BSDs (ACLs). We don;t want flame wars we want just the credit for doing it first.
Comments
By Anonymous Coward () on
* How did propolice work in MicroBSD, as there clearly were some bugs in it (these bugs are fixed, thanks to OpenBSD and etoh@)?
By Anonymous Coward () on
kiddies ...
By Anonymous Coward () on
You guys have a serious credibility problem. No wonder you get ignored, if you're not standing up to your work with your real reputation.
Would you trust your networks security to someone you can't fly over to and kick his butt in person if he fucks up?
Comments
By Anonymous Coward () on
The free BSD's come with absolutely no warrantee.
Fact is, no matter who you are, past, present or future, mistakes you will make. Some of the Worlds absolute finest can make probes that land on Mars (back in the 70's) and other probes that travel, explore and communicate for decades, but then also turn a space shuttle into a meteor shower.
Comments
By Anonymous Coward () on
You have little to no credibility. Hence, you are ignored. Don't like it, then change. Don't care, then keep coding and shut up and be silent and let your code speak for itself. Instead, you have done neither.
By Anonymous OBSD user () on
uBSD may, in fact, be cooler than a bag of liquid nitrogen. It's hard to tell, though, as the people behind the project do not seem to understand the concept of "accountability" and "transparency".
The fact is, you are coming across as a bunch of script kiddies. If you want to be taken seriously, then you may want to consider an attitude adjustment.
By matteo () on
i haven't been to the microbsd site, but all the weak egos complaining that they aren't any good because they have funny names reminds me of what i didn't like about 3rd grade.
grow up folks!
By djm () on
By lars Hansson () lars@unet.net.ph on mailto:lars@unet.net.ph
You know what? The day you guys stop hiding behind retarded nicknames (Hackers sucked, kiddo) and take some actual pride in your product people might consider taking you seriously.
Until then you're just soma lamers with little to show and nothing to be credited for.
Comments
By OBD () dingo@microbsd.net on mailto:dingo@microbsd.net
By Anonymous Coward () on
By RC () on
Glad to hear that Theo is excited about it, but it's still VERY early on in the process. I wouldn't expect any interest until, AT LEAST, after 3.3 is released and tested.
By Anonymous Coward () on
Others had already been looking at ProPolice, before Theo decided it was cool enough to integrate, same as they already use ELF's .rodata and are working on changing compilers and the kernel to support non-executable stacks.
So you might say OpenBSD is still playing catch up with others when it comes to security on the fronts mentioned in Theo's post.
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
by their unique smell
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Umm, and who are you folks again?
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Thio Deraatd () thio@redhat.com on http://www.deraatd.org
Over the recent path, I have growingly lost faith in the OpenBSD platform and recognize Linux's leading edge value in the enterprise marketspace. I was recently offered a job by Red Hat, Inc and after much turmoil and thought have decided to accept their offer. I will be in charge of bringing OpenBSD's more security-focused features to the Linux kernel.
Thus, let it be known that today I am resigning as the OpenBSD project lead. Thank you for the many wonderful years in the project, good luck. List members, please post this to the appropriate mailing lists, thanks.
Sincerely,
Thio Deraatd
(Former) OpenBSD Project Lead
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By kremlyn () on
By Anonymous Coward () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By Anonymous Coward () on
Is the propolice stuff enabled by default, or do I have to do something special before I compile the system?
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
instead.
By Klaus Feiertag () on
Or better formulated: How do the latter compare to OpenBSD in this respect. Any URLs, hints?
Thanks
Comments
By Michael van der Westhuizen () on
+es flag
Control the ability of user code to execute from stack with the flag values, enable and disable. See the Restricting Execute Permission on Stacks section below for additional information related to security issues.
The "Restricting Execute Permission on Stacks" goes on to explain what we all have heard already about executable stacks, then states:
The message logged by the kernel is:
WARNING: UID # may have attempted a buffer overflow attack. PID # (program_name) has been terminated. See the '+es enable' option of chatr(1).
So the logged message points to the program, not the function.
A little later the man page explains that setting the kernel tunable parameter "executable_stack" to 1 (default) should only be done for compatibility with older releases, while setting it to 0 is recommended for security sensitive systems.
The other valid value for "executable_stack" is 2, which means that non-fatal warnings will be logged - otherwise it's behaviour is the same as 0.
The man page this information is from states that it applies to HP-UX 11.11 (11i) while the system is 11.00 - I'd assume it applies to both systems.
The +es option applies to both PA32 SOM and PA64 ELF executable formats.
By Anonymous Coward () on
By marc () on
documentations, everything that shows it is a serious project..if not, not many people will even download and install it.
And like someone said stop pšeudo name
and put real name..
if it is a fork of openbsd tell it and who
were you in the openbsd team.
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By marc () on
and if it isn"t done even if u have the best project
you attract noone.
By ihate'distro'BSDs () on
Really every thing they've done is just incorporate patches from various sources into essentially a distro. If they actually broke new ground on a challenging problem of their own effort, maybe it would raise some more eyebrows - e.g. if they got x86 over to ELF; or got decent SMP support all on their own. Then maybe someone would give a rats ass and borrow some of their code instead of the other way around. As it stands, incorporating other people's patches does not make you unique. Just as "sticking feathers up your ass does not make you a chicken."
I see plenty of other OpenBSD derived releases without the bad karma (e.g. Opensoekris) because they "ain't frontin'" - straight up, such projects know that they're doing little more than the average clued in OpenBSD user with some time and energy. Meanwhile, I think 99.9% of people (or even clued in OpenBSD users) do not have the wherewithall or desire to build and mold -new- things to their needs as OpenBSD has (e.g. pf, openssh, systrace, etc).
Comments
By Anonymous Coward () on
By Che Ge Rootvara () fu@ck.yu on www.nahuy.com
When he started Open it was called "NetBSD and some more", not less, later he discovered security scare venue.
So, what's innovative and truly original in Open?
Comments
By Brad () brad@comstyle.com on mailto:brad@comstyle.com
By grey () on
Actually, when he started OpenBSD it was proportedly called ScandinavianBSD - not "NetBSD and some more" due to the number of Scandinavians who were helping him early on. The security initiative also began pretty much from the get-go as it appeared that very early on some of his machines were tampered with (read: pieces of coremail were deleted from what I recall) by someone with a bit of knowledge about unpublished NetBSD vulnerabilities. This provided the first incentive to really begin the first code audit (which was in process as early as 2.1 - the first 'official' release).
That's more or less a recapitulation of some of the points Theo mentioned at his 2001 talk at CanSecWest - I may have screwed up on some of the details, but it's close to what I remember at least.
I know, it's a long read (but I think well worth it) but if you ever bothered to read coremail (http://zeus.theos.com/deraadt/coremail.html), . you would have noticed that Theo's frustration and eventual fork with the NetBSD core team was related to some 10k lines of Theo's own code to improve original sparc support that he was not allowed to commit himself. You should cough up some facts about Sparc64 status as it stands, beyond things that Theo et al have already admitted themselves to be porked due to insufficient documentation. I don't think I have ever heard claims that NetBSD's sparc64 support is more mature [though I have heard such things regarding Linux support, as they have had documentation - whereas OpenBSD has not even been offered an NDA to sign] Older sparc64 architectures are doing OK as it stands, but USIII (and looking forward towards USIV & USIIIi) support is seriously hindered by lack of cooperation from Sun.
As far as what is truly innovative & original - you need to remember that OpenBSD isn't about the newest and coolest features, so much it is about -correctness-. That said, performing a full & ongoing audit on their tree was a first for opensource OS's, being the first OS to ship with ssh [their own BSD-licensed version no less], being the first OS to ship with IPSec support, and on and on.
I think what OpenBSD has really garnered is a reputation based on true merits. Certainly there are other people out there doing similar work (or even more advanced work) - but it is primarily independant and not well tested. When OpenBSD takes the time to adopt something, they go whole hog and really work to get a lot of the kinks out. The Propolice example is only a recent one of something that had beeen ignored for several years by the community - until OpenBSD adopted it, and now the original developer has worked in cooperation to effect some 2500 lines of changes to the original. That's a real sign of cooperation with other like minded developers - which many independant projects will never attain because they're too focused on simply looking cool rather than hammering things to completeness. I think you'll notice that for dedicated individuals, there has actually been a lot of cooperation with the OpenBSD project. Theo and Solar Designer seem to have quite a bit of respect for each other, and even though OWL and OBSD have different licenses oriented goals - you'll notice that OpenBSD adopted popa3d as part of the base install (though not enabled). While OBSD might have been slower on the uptake of stack protection than others, I don't think anyone can argue that they have done it in a half assed way, in fact just the opposite seems to be true.
What to me seems to be innovative and original, is that here we have a software project which is more concerned with quality & correctness - traditional craftsmanship values than anyone else is, publically. They're -not- trying to win any races in speed, or have cool wizbang chromey features, they're not trying to glorify themselves either - they realize that humans are fallable, and so they do their best to correct mistakes [which very often are in other people's software]. As such the trust and respect they get is one that is earned, I don't see any other project matching them there yet. If you have some examples of software out there that match that in innovation & originality - please let us all know. But I'll bet that if you do, they're not things that many OpenBSD folk have a beef with (e.g. maybe postfix or djbwarez [which I think most OBSD users respect, even if they don't -get- DJB himself]).
Comments
By Anonymous Coward () on
Are you joking..? ignored for several years by all the BSDs but MicroBSD. Everyone says how OpenBSD, and BSD in general overlooked this technology. This is completely not true. Why is it you all decide to downplay the truth and censor other projects that also have merit. Ive read nothing but BS when it comes to accountability. If someone were to really do some solid research and maybe look at MicroBSD 0.1 they would see that stack-protection was released by a "lessor" MicroBSD in 2001. Why cant anyone accept the fact that Theo is not the Visionary everyone claims. There are other thats exist in this community, Well that could exist in this community if they were allowed to.
Comments
By Anonymous Coward () on
Sorry about feeding the trolls, but for the love of all that's holy, someone needs to take their meds.
By grey () on
I don't know the answer to any of those questions, because I don't follow MicroBSD. However, the answer to those three questions is quite clear in the case of OpenBSD, which I do follow - and the Propolice project itself has undergone improvements as a result, not just OpenBSD. So, thanks to OpenBSD's efforts - MicroBSD will also benefit.
No one is trying to censor MicroBSD, prevent them from existing or anything else. MicroBSD was not even mentioned in my above post, nor in the post from 'Che Ge Rootvara' to which I was responding. It was not a conscious consideration in my post. I am sorry that I did not instead say "The Propolice example is only a recent one of something that had been ignored for several years by the community --AT LARGE--..."
Moreover, in my response, I think I stated just the opposite of Theo & OpenBSD being 'visionary' - I'm not claiming that, nor would I argue that. What I feel is unique to OpenBSD is that the project focuses on correctness, not the latest and greatest. They tend not to adopt technologies until they are ready to. I would say that this is the opposite of the visionary innovation complex you seem to be obsessing over - you seem only to be arguing with yourself.
What has traditionally set OpenBSD apart from others, is that when they do finally adopt a technology, a concerted effort is made at doing it right and if they're working from an existing codebase, they try to make some real improvements (OpenSSH started as just v1, but it wasn't a very long wait before v2 support was also added; and even pf was started off of someone else's simplistic packet filtering project). Their efforts are also done cooperatively as often as possible with other development teams (systrace was ported to NetBSD & Linux even before the provos [hopefully just a] hiatus), and that is shown yet again in their Propolice efforts as evidenced by the code changes that have now occurred to Propolice.
This is a free world, and this is all freely BSD-licensed software. The only thing that will affect MicroBSD is their own work, trust & recognition are gained over time by demonstrated excellence of one's own actions; or at least, that's an ideal to strive for.
I do not know if MicroBSD is accomplishing that or not, I would have to try it to know. I will state that while MicroBSD once garnered some curiousity as a project I would keep an eye peeled for if I saw some headlines [which jose has posted information on twice to deadly] I am certainly becoming increasingly less interested to try it out on my own due to the continual pandering found on OpenBSD mailing lists & discussion forums, especially by people that aren't even clearly associated with the project [at least Outback Dingo used a consistent handle]. If you are a MicroBSD developer, then you should try to be a little more diplomatic in your advocacy, if you are a user, then you should really think about how you are helping people get a positive image about the project. -EITHER WAY- I think you should stop taking things out of context and act so defensive for MicroBSD topic when no one else is directing their comments towards that project negatively.
By Anonymous Coward () on
By couderc () on
Looking at cvsweb i can see that :
http://cvs.microbsd.net/cgi-bin/cvsweb/src/share/mk/sys.mk?rev=1.1.1.1&content-type=text/x-cvsweb-markup
So where are previous versions ?
It has been claimed that cvs can prove all that has been said :
"Proof of integrity is in the CVS server and CVSweb. Check it out for yourself..."
As far as i've seen changes are lots of sed OpenBSD/MicroBSD and somme code changes.
I haven't look at propolice yet but as sys.mk was imported for 0.6 i doubt that propolice can speak better in the cvsweb.
The more funny is to look at the changes like here :
http://cvs.microbsd.net/cgi-bin/cvsweb/src/sys/net/pf.c
Sounds like lot of time is wasted to put back change after each sync (well only one sync is visible).
I think all the above is enough.
Comments
By Anonymous Coward () on
Comments
By couderc () on
Also since we had propolice bugs have been found. Did MicroBSD fixed them ? Did they give some feedback to OpenBSD as it is their base ?
You also say that a diff between both is quite different, can you please give me some example of real changes between both ?
We've been told since a while now that they were well know, so why not putting their real name on the web site ?
Anyway, nobody prevent them to "work" ...
Comments
By Anonymous Coward () on
Comments
By couderc () on
You call that a lot of changes ???
For apache
http://cvs.microbsd.net/cgi-bin/cvsweb/src/usr.sbin/httpd/src/include/http_core.h
http://cvs.microbsd.net/cgi-bin/cvsweb/src/usr.sbin/httpd/src/main/http_core.c
http://cvs.microbsd.net/cgi-bin/cvsweb/src/usr.sbin/httpd/src/main/util_script.c
http://cvs.microbsd.net/cgi-bin/cvsweb/src/usr.sbin/httpd/src/support/htpasswd.c:
For sendmail :
http://cvs.microbsd.net/cgi-bin/cvsweb/src/gnu/usr.sbin/sendmail/sendmail/conf.c
For csh :
http://cvs.microbsd.net/cgi-bin/cvsweb/src/bin/csh/func.c
I really hope that you're joking ...
Comments
By OutBack Dingo () dingo@microbsd.net on mailto:dingo@microbsd.net
Comments
By couderc () on
For what i've seen in your cvsweb there are not so much changes, give me some pointers.
By Anonymous Coward () on
They also added some stuff from http://www.stanford.edu/~tedu/ (mainly cgd and device polling).
Brian Innu is developing Stephanie (now called ESF, Extended Security Features) in MicroBSD and ported Verified exec from NetBSD (http://www.netbsd.org/Changes/#veriexec_021029).
They also added Daniel Lucq's POSIX/1.e work (http://www.lucq.org/openbsd/posix1e.html).
The only thing they did themself was replace OpenBSD by MicroBSD. That's it.
Comments
By Dries Schellekens () on
By OutBack Dingo () dingo@microbsd.net on http://www.microbsd.net
no, not taken, it was all commited by the person who wrote it, and is actively involved.
http://www.stanford.edu/~tedu/
someone we also helped debug some of the work he did port that we integrated, ask him!
Brian Innu is developing Stephanie (now called ESF, Extended Security Features) in MicroBSD and ported Verified exec from NetBSD (http://www.netbsd.org/Changes/#veriexec_021029).
another person who commited brand new re-written code to cvs himself and is also actively participating.
http://www.lucq.org/openbsd/posix1e.html
yes this was integrated by myself, blink blink, ive seen code written by other projects integrated in other BSDs by someone other then the maintainer.
we also had Hiroaki Etoh work with us in 2001 to integrate propolice, stack protection, and it was done on our servers, and yes it was committed by me after it was finished.
there is still more... not bad for 6 people.
By brian () on
i integrated stephanie of an earlier version into microbsd to make sure i dont get emails/comments like "stephanie doesn't work" because improper code insertion. i wouldn't call that active participation either - i just make sure my code dont generate any complaints from people who're using it...
ps: "innu" is not my last name
By OutBack Dingo () dingo@microbsd.net on http://www.microbsd.net/doc/donate/donation.html
Comments
By couderc () on
Also where are the famous names ? I'm sorry but your two names are unknow for me (well not yours but only as related to MicroBSD).
And yes i'm getting a life as often as i can.
Comments
By OutBack Dingo () dingo@microbsd.net on mailto:dingo@microbsd.net
Comments
By OutBack Dingo () dingo@microbsd.net on mailto:dingo@microbsd.net
Comments
By couderc () on
Problem is they are well known in many diverse areas of this industry. stop by their IRC you might be surprised, look at the names of some of their commiters...
So who are the well know people ?
And i still get no reply about propolice in microbsd. Did bugs were found and if yes, why did they were not reported to openbsd ?
Comments
By OutBack Dingo () dingo@microbsd.net on mailto:dingo@microbsd.net
Comments
By couderc () on
And as microbsd is 99% based on openbsd, i'm amazed that you didn't encounter any problem.
By Anonymous Coward () on
Comments
By OutBack Dingo () dingo@microbsd.net on mailto:dingo@microbsd.net
By jolan () on
MicroBSD has no major sponsors -- the project's infancy was funded by a large cash donation from the Projects Founder (i.e., "savings").
Is there anything you guys don't search and replace?
Comments
By OutBack Dingo () dingo@microbsd.net on mailto:dingo@microbsd.net
By dmp () on
Comments
By Scott Kamp AKA OutBack Dingo () scottk@microbsd.net on http://www.microbsd.net
Comments
By Anonymous Coward () on
http://www.firstmonday.dk/issues/issue3_10/raymond/
and then carefully reflect upon what your reasons are for working on the project and what your goals are?
Because most people, even if they are not aware of it or blatantly claim otherwise, do care what others think about their work, and it's even a primary motivation.
If you should realize that this might be the case for you as well, it should become obvious why putting your real name on the project is crucial.
And if you come to the conclusion that you really don't care about other people's impressions, there's no reason to advocate the project, here or at all, is there?
We're not asking for your name because we want to harrass you. I think you'll get more satisfied if you drop the pseudonyms. It was a constructive criticism, based on personal experience. You're free to refuse it, of course.
Comments
By OutBack Dingo () dingo@microbsd.net on mailto:dingo@microbsd.net
By Commment101 () co@co.us on mailto:co@co.us
Go and dig the web archives, the web-site is cached and everybody can see.
How appalling, nobody in the community noticed the capabilities of Plan9 until Theo with Godz Grace will exclaim in despair. Or something along the lines.
Btw, sparc64 is broken quite a bit on U1, nobody would run this on younger than 5 y.o. SPARC. Go, dig under yorock and gimme some good code, and useable at that...