This seems to be caused by a segfault, so I imagine this is not intended!
Tracking down the cause...
James
On Tue, 29 Sep 2015, James Clarke wrote:
Whilst looking through the code in utils/login.c, I noticed a security issue.
Even if --paranoid is set, if you give it a UID that doesn’t exist
The getpwnam_r and similar functions only return non-zero on error, but not
finding the given name/UID/GID does not count as an error. When they return 0,
the value of the result (*result when looking at the arguments in the man pages)
still needs to be checked for null.
* libshouldbeinlibc/idvec-
This stops /bin/login segfaulting when giving it a bad UID. However, the fact
that the UID does not exist is still leaked, since
libshouldbeinlibc/idvec-verify.c:verify_id falls back on asking for the root
password, and indicates this by changing the prompt to "Password for root".
James Clarke (1)
Hi Bruno!
El 29/09/15 a les 11:31, Bruno Félix Rezende Ribeiro ha escrit:
My main goal working on Hurd is to get more people to use the GNU
system, so we can achieve critical mass to make the system develop at
an acceptably pace. In order to solve this problem it's necessary to
fix the most pro
Hello, GNU Hurd hackers!
Based on Robert Millan's mplayer rump patch, I was able to make a
patch to successfully build libusb-1.0 on Hurd linking it to librump.
The patch is attached. To try it, save the patch file in the current
working directory and from there follow these steps:
$ su -c 'ap
Hello, Robert!
Em Tue, 29 Sep 2015 22:56:59 +0200
Robert Millan escreveu:
> When you say USB is one of the things people need most, are you
> thinking on any particular usage of USB? I.e. any device class in
> particular? A combination of them?
Not really --- I mean USB in general. However, if
