Hi all,
xargs is a gender-changer type program that adapts one program's stdout
to the next program's command line arguments. It's extremely handy for
shell scripting, but it can be tricky. I've written a short guide for
xargs that shows how to get around the usual xargs landmines:
http://www.tro
On 29/07/2015 19:44, Jaromil wrote:
IMHO the bigger barrier to this is not having
a string parsing code (or basic grammar)
that is security oriented, I mean hardened
to run as root and handle corner cases
The tool I linked does no parsing at all. The user gives the end
of the command line she
On Thu, Jul 30, 2015 at 12:40:33AM +0200, Didier Kryn wrote:
> I don't understand the preventions against sudo. It is just up to the
> administrator to take care, like for everything.
>
> Wether execution of the command is allowed by sudo, by a setuid bit or
> by policykit does not change
Le 29/07/2015 16:35, a...@gulbrandsen.priv.no a écrit :
Every last problem of sudo is taken seriously? Did you know that if
someone has limited access, e.g. the right to install standard
packages, then it is easy to leverage that to get complete access.
Various packages run programs in $PATH as
On Mon, Jul 27, 2015 at 5:16 PM, Lars Noodén wrote:
> IIRC the Icon programming language had an exchange operator to swap the
> contents of two variables.
>
> a :=: b
C:
a = a ^ b;
b = a ^ b;
a = a ^ b;
Much more fun. Them :=: look like weird emoticons.
--
"On the internet, nobody k
On July 29, 2015 7:17:23 PM GMT+02:00, Steve Litt
wrote:
>On Wed, 29 Jul 2015 17:07:32 +0200
>tilt! wrote:
>
>
>> I am certain there is a way of solving this "automounting
>> problem" (if I may call it that) cleanly, without the use
>> of either of them. :-)
>
>Yes, a daemon running as root c
> > I am certain there is a way of solving this "automounting
> > problem" (if I may call it that) cleanly, without the use
> > of either of them. :-)
>
> Yes, a daemon running as root could do it. And if the daemon does
> nothing but observe inotify and dmesg, perhaps check a fifo for devices
> t
On Wed, Jul 29, 2015 at 05:17:30PM +0100, Rainer Weikusat wrote:
> Isaac Dunham writes:
> > On Wed, Jul 29, 2015 at 01:21:04PM +0100, Rainer Weikusat wrote:
> >> Isaac Dunham writes:
> >> > Or you can do it with mount, sudo, sh, and nlmon
> >> > (http://git.r-36.net/nlmon).
> >>
> >> Using poll
On Wed, 29 Jul 2015 18:41:36 +0200
Laurent Bercot wrote:
> I know the advantages of the daemon approach, I use it myself and
> advocate it any chance I get. Unfortunately, I have found that many
> users are reluctant to add yet another daemon to their systems, no
> matter how few resources it t
On Wed, 29 Jul 2015 11:04:22 -0400 (EDT)
Rob Owens wrote:
> Spacefm has the ability to use several different methods to
> mount removable media. If you install either pmount or udevil,
> it can use them. By default, I believe it automatically
> chooses which method it wants to use, based on wha
On Wed, 29 Jul 2015 17:07:32 +0200
tilt! wrote:
> I am certain there is a way of solving this "automounting
> problem" (if I may call it that) cleanly, without the use
> of either of them. :-)
Yes, a daemon running as root could do it. And if the daemon does
nothing but observe inotify and dme
On 29/07/2015 18:03, tilt! wrote:
My estimate is that such daemon was not resource hungry:
Actually, I'm talking about a daemon consuming entirely negligible
resources, performing no polling at all, only reacting to an
external command performed either manually or via the hotplug helper.
I k
Isaac Dunham writes:
> On Wed, Jul 29, 2015 at 01:21:04PM +0100, Rainer Weikusat wrote:
>> Isaac Dunham writes:
>> > Or you can do it with mount, sudo, sh, and nlmon
>> > (http://git.r-36.net/nlmon).
>>
>> Using poll to wait for a message followed by recvmsg for reading it
>> offers (in absence
Hi,
Laurent Bercot wrote on 29/07/2015 at 17:34 CEST:
> On 29/07/2015 17:07, tilt! wrote:
>
>> I am certain there is a way of solving this "automounting
>> problem" (if I may call it that) cleanly, without the use
>> of either of them. :-)
>
> There is a way to solve (almost) every suid issue
>
Arnt Gulbrandsen writes:
> Steve Litt writes:
>> I repeat my question: Do you have first hand knowledge indicating that
>> polkit is any safer?
>
> No, I do not. But unlike sudo, I am not aware of any weaknesses in its
> core design either.
You wrote that sudo would keep the PATH environment vari
On 29/07/2015 16:02, kpb wrote:
That is a really interesting way of looing at things, thanks for the mental
prompt.
It's an elementary design principle: separate the engine from the interface.
I very much hope people who design GUIs keep it in mind.
How would you deal with providing notifi
On Wed, Jul 29, 2015 at 01:21:04PM +0100, Rainer Weikusat wrote:
> Isaac Dunham writes:
> > Or you can do it with mount, sudo, sh, and nlmon
> > (http://git.r-36.net/nlmon).
>
> Using poll to wait for a message followed by recvmsg for reading it
> offers (in absence of a timeout) no advantages o
On 29/07/2015 17:07, tilt! wrote:
I am certain there is a way of solving this "automounting
problem" (if I may call it that) cleanly, without the use
of either of them. :-)
There is a way to solve (almost) every suid issue cleanly, but
it requires running a small additional daemon for every c
Steve Litt writes:
I repeat my question: Do you have first hand knowledge indicating that
polkit is any safer?
No, I do not. But unlike sudo, I am not aware of any weaknesses in its core
design either.
Arnt
___
Dng mailing list
Dng@lists.dyne.org
h
Hi Steve,
Steve Litt wrote on 29/07/2015 at 15:35 CEST:
On Wed, 29 Jul 2015 10:21:37 +0200
Steve Litt wrote on 29/07/2015 at 06:25 CEST:
[...]
Meanwhile, as far as I can see, their entanglement with
polkit does nothing more than my idea about sudo.
Does anyone see any reason why polkit should
- Original Message -
> From: "kpb"
> Rob Owens wrote:
>>
>> Before I stopped using Jessie, I had USB mounting working
>> with the spacefm file manager and either udevil or pmount to
>> handle the removable devices. Let me know if anybody wants
>> instruction on that.
>>
>> -Rob
>
> He
On Wed, 29 Jul 2015 16:35:56 +0200
a...@gulbrandsen.priv.no wrote:
> Every last problem of sudo is taken seriously? Did you know that if
> someone has limited access, e.g. the right to install standard
> packages, then it is easy to leverage that to get complete access.
> Various packages run p
Every last problem of sudo is taken seriously? Did you know that if
someone has limited access, e.g. the right to install standard
packages, then it is easy to leverage that to get complete access.
Various packages run programs in $PATH as root, Firefox comes to mind,
so just prepare $PATH and
On Wed, 29 Jul 2015 09:46:18 -0400
Steve Litt wrote:
> Just speaking for myself, I'd feel better if, to the extent possible,
> every GUI action is mapped through commands capable of being run on the
> command line.
>
> SteveT
That is a really interesting way of looing at things, thanks for the
On Wed, 29 Jul 2015 08:18:33 +0100
kpb wrote:
> and being able to add *GUI initiated* mount/unmount (say by clicking
> on a volume name in the file manager) would be a real advance over
> pmount in a terminal window.
The preceding is a matter of opinion and dependent on one's philosophy.
I'd sa
On Wed, 29 Jul 2015 10:21:37 +0200
tilt! wrote:
> Hi,
>
> Steve Litt wrote on 29/07/2015 at 06:25 CEST:
> > [...]
> > Meanwhile, as far as I can see, their entanglement with
> > polkit does nothing more than my idea about sudo.
> > Does anyone see any reason why polkit should be assumed
> > m
Le 29/07/2015 14:15, Hendrik Boom a écrit :
On Wed, Jul 29, 2015 at 10:08:56AM +0200, Didier Kryn wrote:
Le 28/07/2015 21:17, Hendrik Boom a écrit :
Once, an icon for the device would appear on my screen that I
could click to mount.
This feature is working very well with xfce4 on Debian W
Isaac Dunham writes:
> Or you can do it with mount, sudo, sh, and nlmon (http://git.r-36.net/nlmon).
Using poll to wait for a message followed by recvmsg for reading it
offers (in absence of a timeout) no advantages over just doing a
blocking recv. Since this code neither uses control messages no
On Wed, Jul 29, 2015 at 10:08:56AM +0200, Didier Kryn wrote:
> Le 28/07/2015 21:17, Hendrik Boom a écrit :
> >Once, an icon for the device would appear on my screen that I
> >could click to mount.
> This feature is working very well with xfce4 on Debian Wheezy.
> If the partitions on the USB di
Hi,
Steve Litt wrote on 29/07/2015 at 06:25 CEST:
[...]
Meanwhile, as far as I can see, their entanglement with
> polkit does nothing more than my idea about sudo.
> Does anyone see any reason why polkit should be assumed
> more secure than sudo?
I don't know about polkit, but sudoers(5) is a
Le 28/07/2015 21:17, Hendrik Boom a écrit :
Once, an icon for the device would appear on my screen that I
could click to mount.
This feature is working very well with xfce4 on Debian Wheezy. If
the partitions on the USB disk are labelled, they get mountpoints by the
label, on /media. This i
On Tue, 28 Jul 2015 16:26:22 -0400 (EDT)
Rob Owens wrote:
>
> Before I stopped using Jessie, I had USB mounting working
> with the spacefm file manager and either udevil or pmount to
> handle the removable devices. Let me know if anybody wants
> instruction on that.
>
> -Rob
Hello Rob
I'd
32 matches
Mail list logo
