
Apple libc insecure handling of word expansion

bobo the hobo writes: It appears that Apple's libc's shell word expansion routine shells out to Perl in a highly questionable fashion.

/* XXX this is _not_ designed to be fast */
/* wordexp is also rife with security "challenges", unless you pass it
WRDE_NOCMD it *must* support subshell expansion, and even if you
don't beause it has to support so much of the standard shell (all
the odd little variable expansion options for example) it is hard
to do without a subshell). It is probbably just plan a Bad Idea
to call in anything setuid, or executing remotely. */


Link to Original Source
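An added example, not part of the submission or of Apple's source: a small C wrapper that calls the POSIX wordexp() with WRDE_NOCMD, the flag the quoted comment mentions, and treats WRDE_CMDSUB as a refusal so that input containing command substitution is rejected instead of being run. The helper name expand_nocmd and the sample strings are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <wordexp.h>

/* Hypothetical wrapper (name chosen for this example): expand `input` with
 * command substitution refused. Returns wordexp()'s status code and stores
 * the number of resulting words in *count. */
int expand_nocmd(const char *input, size_t *count)
{
    wordexp_t we;
    memset(&we, 0, sizeof we);   /* zeroed so wordfree() sees NULL if nothing was allocated */
    *count = 0;

    /* WRDE_NOCMD: return WRDE_CMDSUB rather than run $(...) or `...`. */
    int rc = wordexp(input, &we, WRDE_NOCMD);
    if (rc == 0) {
        *count = we.we_wordc;
        for (size_t i = 0; i < we.we_wordc; i++)
            printf("  word[%zu] = %s\n", i, we.we_wordv[i]);
    }
    /* POSIX: results may be partially allocated after WRDE_NOSPACE. */
    if (rc == 0 || rc == WRDE_NOSPACE)
        wordfree(&we);
    return rc;
}

int main(void)
{
    /* Constructed sample inputs, not taken from the page. */
    const char *samples[] = { "alpha beta", "report-$(id).txt", "`id`" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        size_t n;
        int rc = expand_nocmd(samples[i], &n);
        printf("%-18s -> %s (%zu words)\n", samples[i],
               rc == 0 ? "expanded" :
               rc == WRDE_CMDSUB ? "refused: command substitution" : "error",
               n);
    }
    return 0;
}
```

Even with WRDE_NOCMD set, wordexp() still performs tilde and variable expansion, so the result continues to depend on the caller's environment.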

Comment: Re:3 cars plus one techie w/a persecution complex (Score 1)

No. They're cars with petrol engines that get about 6 l/100km. Mercedes-Benz owns Smart and sells Smart Cars in the US market to offset all the E- and M- class cars which get around 9 l/100km in the CAFE. Personally, I'd feel safer driving in a Trabant 601 than one of these pieces of shit.

Comment: Re:Breed out the need for sports (Score 1)

It's time to get over the nerd-jock dichotomy from high school and from all the sitcoms you watched. There are a lot of adults who play and train for sports who aren't at a professional level. They have long-term goals for self-improvement and work every day toward them. What happens in professional sports sets benchmarks for what they want to achieve.

Also, people need to be entertained. Even the hardline communists realised this. They invested in sport, entertainment movies, and music for exactly that reason in a system where they could have chosen to use all of those resources to establish a moon colony.

Kevin Mitnick Testifies Before House Committee

AliasBackslash writes: Kevin Mitnick along with several other security analysts testified before the House Committee regarding the security of the Healthcare.gov website. From the article:

Kevin Mitnick, the former criminal hacker and founder and CEO of Mitnick Security Consulting, wrote: "Healthcare.gov retrieves information from numerous third-party databases belonging to the IRS, Social Security Administration, Department of Homeland Security, and other State agencies. It would be a hacker's wet dream to break into Healthcare.gov and potentially gain access to the information stored in these databases. A breach may result in massive identity theft never seen before — these databases house information on every U.S. citizen!"

Soon after this story hit the news, Mitnick posted this on Twitter
