Hi Aurelien,
[…]
>All the above are purely hypothetical cases and I do not have a good
Thanks for the insight, you have me understanding your point.
These were about eatmydata in particular, do you have any
insight on the other?
Yves-Alexis Perez dixit:
>My own opinion on this is that no setuid bits should be added to a library
>without a thorough audit of the source code to make sure it can't be abused
>against an suid binary in order to escalate privilege.
OK. We have that, plus the known bugs in eatmydata. So this is an
issue for README.Debian… or, no, the upstream README probably, plus
fixing bugs. Then the user can set that bit themselves, if they want.
As for my xunihex (final name yet undecided), if I wanted to have
such an audit, how’d I best do that? It’s best if not the original
author does it, due to organisational blindness. Would I perhaps
find someone here willing to do it for a small donation or $beverage?
(It’s going to be a really small thing.)
Thanks,
//mirabilos
--
> emacs als auch vi zum Kotzen finde (joe rules) und pine für den einzig
> bedienbaren textmode-mailclient halte (und ich hab sie alle ausprobiert). ;)
Hallooooo, ich bin der Holger ("Hallo Holger!"), und ich bin ebenfalls
... pine-User, und das auch noch gewohnheitsmäßig ("Oooooooohhh"). [aus dasr]
