Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

ANN: dh, the daemon helper 2009-09-12 11:11

1 view
Skip to first unread message

John Kelly

unread,
Sep 12, 2009, 4:23:25 PM9/12/09
to

dh, the daemon helper 2009-09-12 11:11

Yet another fix, to prevent attacks using world writable files.

It think this version covers all the security issues. But who knows,
UNIX and C are a security minefield.

I invite code review, but I don't have time for ng trolls; if you have
concerns, email me. My real email address is in this post, and on the
ftp site.

ftp://ftp.isp2dial.com/users/jak/src/dh/


--
Webmail for Dialup Users
http://www.isp2dial.com/freeaccounts.html

Seebs

unread,
Sep 12, 2009, 4:51:04 PM9/12/09
to
On 2009-09-12, John Kelly <j...@isp2dial.com> wrote:
> dh, the consistently buggy daemon helper 2009-09-12 11:11

> Yet another fix, to prevent attacks using world writable files.

In short, this continues to be totally off-topic to at least some of these
groups, and continues to reveal that you're just plain not the right guy
to write one of these even if there were a need, which there doesn't seem to
be.

> It think this version covers all the security issues. But who knows,
> UNIX and C are a security minefield.

Might I recommend learning the language and becoming familiar with the
environment before trying to write a program for UNIX and C which,
by design, needs to be written by someone experienced and capable of
writing secure code?

> I invite code review,

I doubt it. When people have pointed out to you, with clear evidence, that
your posts were off-topic, you've responded with derision and dismissal. It
seems unlikely that you are genuinely interested in code review.

> but I don't have time for ng trolls;

Which is odd, because you are one.

> if you have concerns, email me.

So you can lie about what was said? No, I don't think so.

I looked at the code. It's not fixable, because your fundamental design
is just plain incoherent. You don't understand the problem space, meaning
you can't design a solution that makes sense. Add on a bunch of cargo-cult
behavior and a clear demonstration or three that you don't understand the
mechanisms you're using, and all that's left is the spam.

-s
--
Copyright 2009, all wrongs reversed. Peter Seebach / usenet...@seebs.net
http://www.seebs.net/log/ <-- lawsuits, religion, and funny pictures
http://en.wikipedia.org/wiki/Fair_Game_(Scientology) <-- get educated!

0 new messages