Yeah. Autism Speaks is not exactly a good source for information.

I have no idea. I have never seen him write a thing that was actually of interest or value, but so far as I can tell, anything he writes is automatically approved by Slashdot. He's guaranteed front-page placement. What is going on here? Who is he, and why does Slashdot owe him this?

Similarly, the Internet has done nothing for science or human knowledge, since so much of the work of pushing it and promoting it has been done for profit.

This isn't people dying so rich people can have fun. This is rich people funding the fundamental research that will make space travel practical in time.

So, on the one hand, it's sort of a spammy/advertisey thing to begin with.

On the other hand, I'm also not entirely convinced that the code coverage tool really solves the problem, because a given line of code can have different effects under different circumstances.

If you read in an address from a text stream, and then write to the memory location denoted, that's just one line of code executing that dereferences the pointer, but good luck determining what it does on all future invocations based on watching it execute once. Similarly, consider a straightforward loop like "for (i = 1; i len; ++i) a[i] = 0;" where every line will be hit if len is at least 1, but the effect of executing the code is, to put it mildly, somewhat variable.

While "only 5% of my disk" is now many times larger than it used to be, so are the things I'm moving around, so "95% full" is just as bad now as it used to be.

Basically, once we got past quotas measured in single or double-digit numbers of kilobytes, this stopped changing for me. 95% full on a 100MB disk and 95% full on a 500GB disk work the same for me.

People who didn't learn to code by the time they were 7 have never been able to program as adults. It sure is lucky a supply of people taught to code by ancient alien astronauts was supplied to us so we could bootstrap the procedure, because no one in the history of our species has learned new skills past age 7.

I got refunds from AT&T for these, and they let me set a thing on my account to prevent them.

Never had it happen with any provider but AT&T.

I am impressed, I thought I had seen some bad legal advice before, but this is spectacular.

I am sure the vexatious litigants of the world greatly appreciate your suggestion that their victims lose on technicalities because they didn't correctly understand the legal process.

Look at it this way:

Do you have full source to everything you run? No? Do you know whether any of them, ever, down any code path, call system() to run something? I bet some of them do. Now, could they ever do it in an environment where at least one variable has a value acquired from an external source?

If so, that's an exploit-in-waiting.

Keep in mind that "I don't call system, I use fork and exec" doesn't mean that the thing you exec doesn't perhaps call system(), or use the shell to execute some command. Or invokes something which is actually implemented as a shell script.

It's not just external exploits of servers; it's external exploits of clients which can ever run something with environment variables obtained from the environment.

For low-traffic stuff, development time is much more important. Furthermore, in some cases, the actual intended function of a thing is to run specific code. And prior to this bug, it was reasonably well-understood that system("/absolute/path --with --fixed --arguments") was pretty safe, since the absolute path prevented any PATH-related shenanigans, and you weren't including any user data. The environment's not executable. Usually.

This one only affects bash, though. Other shells aren't affected, because they don't automatically and unconditionally execute parts of their environment as code.

There is prior art in copyright cases for courts to conclude that if you didn't have a valid license to create the work you created (say, Bukkit, which was created without proper licensing for things without which it couldn't exist), that the answer is "haha no" and you don't get copyright protection at all, and cannot make or enforce license terms. That'd be my ruling; you can't use the fact that you stole someone's stuff to create obligations in them.

His code *always* violated this license in this way. That was his decision when he wrote and submitted the code. No one else is violating his license, he was violating theirs. So, yes, I expect him to roll over when people continue using his code exactly the one and only possible way it could ever have been used, which was unambiguously his intent in contributing it in the first place.

This is basically exactly why I am liking 5e. I liked 3e's rules at first, but they got overwhelming. 5e is a lot more like 1e, only with many fewer complicated and subtly varying tables.

I think you're confusing the "starter set" for the "basic rules". The basic rules are a free download:

http://dnd.wizards.com/article...