[prev in list] [next in list] [prev in thread] [next in thread] 

List:       busybox
Subject:    Re: [RFC] malloced getpw/grxxx functions for bb
From:       tito <farmatito () tiscali ! it>
Date:       2014-10-31 20:38:35
Message-ID: 201410312138.35672.farmatito () tiscali ! it
[Download RAW message or body]

On Friday 31 October 2014 21:16:36 you wrote:
> On Fri, Oct 31, 2014 at 8:13 PM, tito <farmatito@tiscali.it> wrote:
> > On Friday 31 October 2014 19:40:56 you wrote:
> >> Sad to see your monologue. :-(
> >>
> >> For my money, it is not that bad, so it would be nice to get a
> >> feedback from the ultimate maintainer. As far as I can see it is a
> >> very serious hazard in busybox that you are trying to address
> >> following my initial email.
> >
> > Hi,
> > it was a lot of fun and a lot of stuff to learn.
> > I think it could be still improved if somebody
> > of the professional developers (not self-taught like me)
> > could take a look at it.
> > I doubt that this code will ever make it into bb
> > as it would be a hazard to replace well proven
> > code with this rewrite, nonetheless I did my best.
> 
> The "well proven" code is quite broken for said reasons. Currently, it
> is possible to very easily blow a system up with it. If fixing such a
> serious hazard cannot make it in due to some "policies", that sounds
> like an indication for thinking about a fork in my opinion. It is
> unreasonable to leave such serious vulnerabilities in a system.
> 
> Cheers, L.
> 
Hi,

I hope that it will be possible to address all this problems
without forking as busybox is the place where I learned
coding and sending patches (thanks to the patience of 
Erik Andersen) and where I have made my first steps in the
OSS world, so I'm a little sentimental about it (and this
make me bikeshed sometimes as you surely know...).
Let Denys the time to answer about your concerns
as he usually is fast in keeping up with the mailing list.


Just my 2 cents.

Ciao,
Tito
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic