Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×

Comment Re:Doesn't sound like a flaw to me (Score 1) 184

Having your terminal session stored on disk mean that everything you see is suddenly on your filesystem, and staying on it if your /tmp is backed by the harddrive.

No. If you open(O_CREAT) a file than immediately unlink it, and use the opened handle to store temporary data, that data has no more chance to hit the disk than regular memory being swapped out.

Try to learn a bit about buffer cache and such stuff.

This "bug" is about someone ignorant about security and how an OS works having his naive assumptions contradicted by reality.

So, the fact that it does work with the current implementation of some terminal emulator doesn't count as reality?
I didn't say that there is no good way to do this correctly...

Comment Re:Doesn't sound like a flaw to me (Score 1) 184

This really sounds like how it was designed to work.

Thats what /tmp is for, after all, is it not? Sounds like the problem would be solved by partitioning different users data into seperate, appropriately secured /tmp files.

Is bash history a "flaw" too? I'm sure plenty of people don't know that it's a text file anybody with access to it can read.

Bash history is a different kind of threat; it's only about what command you used. Sure, you could get a few hostnames from it, but no more.
Having your terminal session stored on disk mean that everything you see is suddenly on your filesystem, and staying on it if your /tmp is backed by the harddrive.

Comment Re:Oh good (Score 4, Informative) 209

by Cley Faye (#38112876) Attached to: France To Tax the Internet To Pay For Music
That would be a logical step, right ? wrong.

A small summary about how the french government think it can help funding music (and art in general):
- put tax on blank media, check (but the money don't go to artist)
- put tax on internet subscription to fund movie industry, check (search for COSIP tax, but still not a penny for artists)
- put another tax, again on internet subscription, to fund the music industry, in progress (guess who won't get anything from this? artists)

For those that don't know, the fact that we're paying taxes on blank media doesn't mean we can use them to copy our own stuff, and taxes on internet subscriptions doesn't mean anything for both subscribers, and people behind music/movies. Only some cash stream for a few very poor corporations...

Comment Re:Big whoop (Score 1) 495

by Cley Faye (#37719374) Attached to: Samsung Lawyer Fails To Differentiate iPad and Galaxy Tab In Court
If taking the most ugly thing that appeared before the iPad and four models that does have the same look after is indicative, then yes, we can see a radical shift in design caused by the iPad.
I won't search for tablets from the "before" era, but today there is a lot of different models, and not all of them imitate the apple look. I can look at Archos, Acer and Dell tablets and tell them appart.

Comment Re:Fix the crashes (Score 2) 113

by Cley Faye (#37231344) Attached to: Notch Shows <em>Minecraft</em> Adventure Update
Not that I like Java, but having those hs_err_pid files doesn't mean that java is the culprit. Error in native code execution is. Seeing the amount of native library used by minecraft (jinput, lwjgl, openal...), they might be at fault. Or badly used. But it would be more or less the same if he's gone with another language I guess.

Comment Re:Split-screen and level editors on one platform (Score 1) 47

by Cley Faye (#36107248) Attached to: <em>Portal 2</em> Authoring Tools Beta Released
Granted, Valve could have added this as a menu option, but there IS split screen for Portal 2 on PC, you just have to fiddle a bit in the config files

http://segmentnext.com/2011/04/20/how-to-play-portal-2-split-screen-coop-on-pc/

(not tested, but since it's based on the L4D split screen trick that worked...)

Comment Re:French style (Score 1) 433

by Cley Faye (#35742592) Attached to: France Outlaws Hashed Passwords
Please replace "The French don't like..." by "The French government don't like...". In addition, you can add "The French don't like their government", as they are only working for large corporations now, without even trying to hide this fact.

Comment Re:For what reason? (Score 1) 390

by Cley Faye (#35381078) Attached to: Posting AC - a Thing of the Past?
You want something fun about this ? Try reading about the LCEN in France (sorry, I only have link in french, try wikipedia http://fr.wikipedia.org/wiki/Loi_pour_la_confiance_dans_l'%C3%A9conomie_num%C3%A9rique)

The main point : every service provider must log information about what anyone did, when, and how; including login, password, and anything available to identify someone. And it's not even on a case by case basis, but an obligation for all service provider...

Comment Re:IRC (Score 1) 491

by Cley Faye (#35080612) Attached to: New PS3 Firmware Contains Backdoor
No, my hatred is not exclusive to the PS3. Since I play mostly on PC and don't have an Xbox360, the same goes for some titles here (not the two you mentionned, they are really overrated).
However Xbox exclusives tend to show up on PC after a while lately, but with PS3 exclusive we can barely hope for a port on the PSP (I'm still talking about Disgaea) or nothing at all.

Comment Re:IRC (Score 1) 491

by Cley Faye (#35067242) Attached to: New PS3 Firmware Contains Backdoor

Any PS3 games that will not play on the 360? Or maybe just quit consoles and try computer gaming again. Haven't touched a computer game since the 32-bit Amiga era.

I'd say, Disgaea 3. That's one game that make me want a PS3... Sadly, as good as it is, it's still not good enough to counter Sony "bend-over" policy.
I really hate it when titles that can perfectly work on every recent system get locked down to one without reason (at least, good reason).

Slashdot Top Deals

As long as we're going to reinvent the wheel again, we might as well try making it round this time. - Mike Dennison

Close