Gentoo Archives: gentoo-hardened

From: "Christian Schäfer" <caefer@××××××××××.net>
To: Chris PeBenito <pebenito@g.o>
Cc: Hardened Gentoo Mail List <gentoo-hardened@g.o>
Subject: Re[8]: [gentoo-hardened] getting started..
Date: Sun, 17 Aug 2003 07:42:31
Message-Id: 1274685517.20030817094105@krachstoff.net
In Reply to: Re: Re[6]: [gentoo-hardened] getting started.. by Chris PeBenito
Hi Chris,

Saturday, August 16, 2003, 8:49:41 PM, you wrote:
> Did you remember to load the policy after changing the .te files? (cd
> /etc/security/selinux/src/policy ; make load) I still see file_t files.

No, I didn't.
But I did now. Still errors in the dmesg output.

So this is what I did:
- removed the network hacks from the kernel
- added the following lines to fsadm.te
"dontaudit fsadm_t random_device_t:chr_file getattr;"
"dontaudit fsadm_t ppp_device_t:chr_file getattr;"
- make load
- make relabel

<current dmesg output>
Linux version 2.4.20-hardened-r4 (root@r00t) (gcc version 3.2.3 20030422 (Gentoo Linux 1.4 3.2.3-r1, propolice)) #3 SMP Sat Aug 16 18:14:40 CEST 2003
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 00000000000a0000 (usable)
BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 0000000008000000 (usable)
BIOS-e820: 00000000ffff0000 - 0000000100000000 (reserved)
128MB LOWMEM available.
On node 0 totalpages: 32768
zone(0): 4096 pages.
zone(1): 28672 pages.
zone(2): 0 pages.
Kernel command line: root=/dev/hda2 vga=791
No local APIC present or hardware disabled
Initializing CPU#0
Detected 233.868 MHz processor.
Console: colour VGA+ 80x25
Calibrating delay loop... 465.30 BogoMIPS
Memory: 126464k/131072k available (1596k kernel code, 4224k reserved, -2208k data, 264k init, 0k highmem)
Security Scaffold v1.0.0 initialized
SELinux: Initializing.
SELinux: Starting in permissive mode
Dentry cache hash table entries: 16384 (order: 5, 131072 bytes)
Inode cache hash table entries: 8192 (order: 4, 65536 bytes)
Mount-cache hash table entries: 2048 (order: 2, 16384 bytes)
Buffer-cache hash table entries: 8192 (order: 3, 32768 bytes)
Page-cache hash table entries: 32768 (order: 5, 131072 bytes)
Intel Pentium with F0 0F bug - workaround enabled.
CPU: After generic, caps: 008001bf 00000000 00000000 00000000
CPU: Common caps: 008001bf 00000000 00000000 00000000
Checking 'hlt' instruction... OK.
POSIX conformance testing by UNIFIX
CPU: After generic, caps: 008001bf 00000000 00000000 00000000
CPU: Common caps: 008001bf 00000000 00000000 00000000
CPU0: Intel Pentium MMX stepping 03
per-CPU timeslice cutoff: 160.32 usecs.
task migration cache decay timeout: 10 msecs.
SMP motherboard not detected.
Local APIC not detected. Using dummy APIC emulation.
migration_task 0 on cpu=0
PCI: PCI BIOS revision 2.10 entry at 0xfb550, last bus=0
PCI: Using configuration type 1
PCI: Probing PCI hardware
Limiting direct PCI/PCI transfers.
Linux NET4.0 for Linux 2.4
Based upon Swansea University Computer Society NET3.039
Initializing RT netlink socket
Starting kswapd
devfs: v1.12c (20020818) Richard Gooch (rgooch@××××××××××.au)
devfs: boot_options: 0x1
Installing knfsd (copyright (C) 1996 okir@×××××××××.de).
There is already a security framework initialized, register_security failed.
Failure registering capabilities with the kernel
selinux_register_security: Registering secondary module capability
Capability LSM initialized
pty: 256 Unix98 ptys configured
Serial driver version 5.05c (2001-07-08) with MANY_PORTS SHARE_IRQ SERIAL_PCI enabled
ttyS00 at 0x03f8 (irq = 4) is a 16550A
ttyS01 at 0x02f8 (irq = 3) is a 16550A
Uniform Multi-Platform E-IDE driver Revision: 6.31
ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
PIIX4: IDE controller on PCI bus 00 dev 39
PIIX4: chipset revision 1
PIIX4: not 100% native mode: will probe irqs later
ide0: BM-DMA at 0xf000-0xf007, BIOS settings: hda:pio, hdb:pio
ide1: BM-DMA at 0xf008-0xf00f, BIOS settings: hdc:pio, hdd:pio
hda: ST3630A, ATA DISK drive
hdb: ATAPI CDROM, ATAPI CD/DVD-ROM drive
hdc: ST34321A, ATA DISK drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
ide1 at 0x170-0x177,0x376 on irq 15
blk: queue c01876c4, I/O limit 4095Mb (mask 0xffffffff)
hda: 1232784 sectors (631 MB) w/120KiB Cache, CHS=611/32/63, DMA
blk: queue c0187a28, I/O limit 4095Mb (mask 0xffffffff)
hdc: 8404830 sectors (4303 MB) w/128KiB Cache, CHS=8894/15/63, UDMA(33)
hdb: ATAPI 40X CD-ROM drive, 128kB Cache, UDMA(33)
Uniform CD-ROM driver Revision: 3.12
Partition check:
/dev/ide/host0/bus0/target0/lun0: p1 p2
/dev/ide/host0/bus1/target0/lun0: p1 p2 p3 p4 < p5 p6 >
Floppy drive(s): fd0 is 1.44M
FDC 0 is a post-1991 82077
loop: loaded (max 8 devices)
PPP generic driver version 2.4.2
8139too Fast Ethernet driver 0.9.26
eth0: RealTek RTL8139 Fast Ethernet at 0xc8804000, 00:30:84:28:e3:12, IRQ 9
eth0: Identified 8139 chip type 'RTL-8139C'
eth1: RealTek RTL8139 Fast Ethernet at 0xc8806000, 00:e0:7d:82:48:3c, IRQ 12
eth1: Identified 8139 chip type 'RTL-8139B'
Linux agpgart interface v0.99 (c) Jeff Hartmann
agpgart: Maximum main memory to use for agp memory: 96M
agpgart: no supported devices found.
SCSI subsystem driver Revision: 1.00
scsi0 : AM53/79C974 PCscsi driver rev. 0.5; host I/O address: 0x6700; irq: 11

NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
IP: routing cache hash table of 1024 buckets, 8Kbytes
TCP: Hash tables configured (established 8192 bind 8192)
NET4: Unix domain sockets 1.0/SMP for Linux NET4.0.
reiserfs: checking transaction log (device 03:02) ...
Using r5 hash to sort names
ReiserFS version 3.6.25
VFS: Mounted root (reiserfs filesystem) readonly.
SELinux: Completing initialization.
security: loading policy configuration from /etc/security/selinux/policy.12
security: 3 users, 6 roles, 338 types
security: 29 classes, 22777 rules
SELinux: initialized (dev 03:02, type reiserfs), uses PSIDs
SELinux: initialized (dev 00:08, type devpts), uses transition SIDs
SELinux: initialized (dev 00:07, type devfs), uses genfs_contexts
SELinux: initialized (dev 00:06, type binfmt_misc), not configured for labeling
SELinux: initialized (dev 00:05, type pipefs), uses task SIDs
SELinux: initialized (dev 00:04, type tmpfs), uses transition SIDs
SELinux: initialized (dev 00:03, type sockfs), uses task SIDs
SELinux: initialized (dev 00:02, type proc), uses genfs_contexts
SELinux: initialized (dev 00:01, type bdev), not configured for labeling
SELinux: initialized (dev 00:00, type rootfs), not configured for labeling
Mounted devfs on /dev
Freeing unused kernel memory: 264k freed
Adding Swap: 499864k swap-space (priority -1)

avc: denied { add_name } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=dir

avc: denied { create } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=file

avc: denied { getattr } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 dev=03:02 ino=40072 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=file

avc: denied { write } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 dev=03:02 ino=40072 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=file

avc: denied { read } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 dev=03:02 ino=40072 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=file

avc: denied { remove_name } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 dev=03:02 ino=40072 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=dir

avc: denied { unlink } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 dev=03:02 ino=40072 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=file

avc: denied { getattr } for pid=263 exe=/sbin/reiserfsck scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:proc_t tclass=filesystem
reiserfs: checking transaction log (device 16:01) ...
Using r5 hash to sort names
ReiserFS version 3.6.25
SELinux: initialized (dev 16:01, type reiserfs), uses PSIDs
reiserfs: checking transaction log (device 16:02) ...
Using r5 hash to sort names
ReiserFS version 3.6.25
SELinux: initialized (dev 16:02, type reiserfs), uses PSIDs
reiserfs: checking transaction log (device 16:03) ...
Using r5 hash to sort names
ReiserFS version 3.6.25
SELinux: initialized (dev 16:03, type reiserfs), uses PSIDs
reiserfs: checking transaction log (device 16:06) ...
Using r5 hash to sort names
ReiserFS version 3.6.25
SELinux: initialized (dev 16:06, type reiserfs), uses PSIDs
SELinux: initialized (dev 00:09, type tmpfs), uses transition SIDs
eth0: Setting 100mbps full-duplex based on auto-negotiated partner ability 45e1.

avc: denied { read } for pid=815 exe=/bin/bash path=/root dev=03:02 ino=3872 scontext=root:staff_r:staff_t tcontext=system_u:object_r:sysadm_home_dir_t tclass=dir

avc: denied { write } for pid=820 exe=/bin/bash path=/root/dmesg.txt dev=03:02 ino=39881 scontext=root:staff_r:staff_t tcontext=system_u:object_r:sysadm_home_t tclass=file

avc: denied { setattr } for pid=820 exe=/bin/bash path=/root/dmesg.txt dev=03:02 ino=39881 scontext=root:staff_r:staff_t tcontext=system_u:object_r:sysadm_home_t tclass=file
</current dmesg output>


Regards
/Christian mailto:caefer@××××××××××.net

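As an added example (not from the post, nor from the Gentoo or SELinux projects), a small Python script that groups the avc: denied lines from the dmesg output above into candidate rules in the .te syntax used in the post. The sample lines are copied from the output above; the file_t handling reflects Chris's earlier point that objects still labelled file_t need a relabel rather than a policy rule.

```python
import re
from collections import defaultdict

# Matches the 2.4-era avc format seen in the post:
#   avc: denied { perm } for pid=... scontext=u:r:t tcontext=u:r:t tclass=cls
AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]+?)\s*\}.*?"
    r"scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)"
)

def parse_avc(line):
    """Return (source_type, target_type, tclass, [perms]) or None for non-avc lines."""
    m = AVC_RE.search(line)
    if not m:
        return None
    src = m.group("scon").split(":")[2]   # user:role:type -> type
    tgt = m.group("tcon").split(":")[2]
    return src, tgt, m.group("tclass"), m.group("perms").split()

def summarize(lines):
    """Group denials by (source type, target type, class) -> set of permissions."""
    grouped = defaultdict(set)
    for line in lines:
        parsed = parse_avc(line)
        if parsed:
            src, tgt, cls, perms = parsed
            grouped[(src, tgt, cls)].update(perms)
    return grouped

def to_te_rules(grouped, verb="allow"):
    """Render candidate rules; verb may be 'allow' or 'dontaudit' as in the post."""
    out = []
    for (src, tgt, cls), perms in sorted(grouped.items()):
        rule = f"{verb} {src} {tgt}:{cls} {{ {' '.join(sorted(perms))} }};"
        if tgt == "file_t":
            # file_t means the object carries no label: fix by relabeling, not by policy
            rule = f"# unlabeled target, relabel instead of: {rule}"
        out.append(rule)
    return out

# Sample lines copied from the dmesg output in the post above.
SAMPLE = [
 "avc: denied { add_name } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=dir",
 "avc: denied { create } for pid=181 exe=/bin/bash path=/tmp/sh-thd-1061096098 scontext=system_u:system_r:update_modules_t tcontext=system_u:object_r:file_t tclass=file",
 "avc: denied { getattr } for pid=263 exe=/sbin/reiserfsck scontext=system_u:system_r:fsadm_t tcontext=system_u:object_r:proc_t tclass=filesystem",
 "avc: denied { write } for pid=820 exe=/bin/bash path=/root/dmesg.txt dev=03:02 ino=39881 scontext=root:staff_r:staff_t tcontext=system_u:object_r:sysadm_home_t tclass=file",
 "avc: denied { setattr } for pid=820 exe=/bin/bash path=/root/dmesg.txt dev=03:02 ino=39881 scontext=root:staff_r:staff_t tcontext=system_u:object_r:sysadm_home_t tclass=file",
]
```

Running `to_te_rules(summarize(SAMPLE))` yields one line per (source, target, class) triple, with the file_t denials commented out as relabel candidates.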
---


I propose that the following character sequence for joke markers:

:-)

19-Sep-82 11:44 Scott E Fahlman


--
gentoo-hardened@g.o mailing list