Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment Re:Please explain more (Score 1) 129 129

newgrp is a setuid binary. During the startup of that process, if the vulnerable environment variable is set, dyld will open the requested file. Since stdin=0 / stdout=1 / stderr=2 should be the only open files, the next available file descriptor would be 3. So open() should give dyld that file descriptor.

newgrp will then drop it's privileges and run your shell, perhaps by calling exec() without forking another process. Since the file wasn't specified to close on exec, the shell will inherit the open file descriptor.

If we pass "echo "[something]" >&3" to stdin of newgrp, the echo will be executed in the new shell. Even though that shell is running as the logged in user, fd=3 was opened by root. So the result can be appended to any file you want.

Comment Re: It's like Venezuela but without all the gun cr (Score 2) 431 431

That's a good description, but everyone is still missing the actual cause. Firstly, the European Union is founded on an ideology that doesn't allow for an economic crisis. Second, when the crisis hit in 2008, the Greek *private* sector *reduced* their bank borrowing. Their money supply shrank, velocity shrank too, jobs were lost, tax receipts went down. Their government debt ratio went up, not because they were borrowing more, but because GDP fell. But the Euro doesn't allow Greece to run a large deficit, nor to increase their debt level, so they can't stimulate their economy to prevent further job losses.

The Greek government weren't in good shape before, but the combination of a crisis and the rules imposed by the Union have wiped them out.

Comment Re:French citizens should be looking at Greece (Score 1) 334 334

Have you looked at a graph of Greece's unemployment? It's jumped from <10% to >25% since the crisis began.

They need to increase the flow of money around the economy to stimulate job growth. During a downturn the velocity of money shrinks, so no free win there. It's unlikely they're going to increase exports, so a trade surplus is unlikely. They won't be borrowing more money from the banking sector any time soon. Which only leaves a government deficit to stimulate the economy, which is prevented by the Maastricht treaty.

Without leaving the Euro, Greece is screwed.

Comment Re:Depends (Score 1) 517 517

Make sure you aren't running out of RAM for some reason. For example, I've seen the "Server" windows service leaking memory like a sieve in Windows 8. I've seen the BIOS limit available memory to 4GB, even though there was 16GB installed. Combined, these issues caused the machine I was using to practically grind to a halt.

Comment Sparkleshare on a git repository (Score 1) 212 212

Everyone works with their files locally, changes are synced via a common server. Everyone has a compressed backup of the complete history of the entire filesystem for disaster recovery. Everyone should be able to browse and recover any version of any file without adding load to the server, though usability might be slightly lacking. You could also setup a FUSE filesystem on a linux box to browse the history.

You may need to partition the file storage into multiple repositories, so that people don't need to synchronise folders that they don't use.

Comment Re:Infinity (Score 1) 1067 1067

And in C not just the result, but the behaviour is undefined. If you divide by zero the compiler, runtime libraries and the CPU can do whatever they like. They could ignore you, crash, format your hard drive or kill your pet.

For speed reasons, this is a good thing. If it looks like you might run into undefined behaviour, the compiler can assume that the inputs to the program won't trigger that behaviour. This allows all kinds of optimisations to be performed, from dead code elimination, to hoisting invariant code out of loops.

At least other high level languages define precisely what a divide by zero should do. That way you run into platform or compiler specific heisenbugs far less frequently.

If you think the system is working, ask someone who's waiting for a prompt.