[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: kdeutils/klaptopdaemon [POSSIBLY UNSAFE]
From: Paul Campbell <paul () taniwha ! com>
Date: 2003-01-23 21:44:39
[Download RAW message or body]
CVS commit by campbell:
added code documentation
M +21 -3 acpi_helper.cpp 1.6 [POSSIBLY UNSAFE: printf]
--- kdeutils/klaptopdaemon/acpi_helper.cpp #1.5:1.6
@@ -4,7 +4,4 @@
* Copyright (c) 2002 Paul Campbell <paul@taniwha.com>
*
- * Requires the Qt widget libraries, available at no cost at
- * http://www.troll.no/
- *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -21,4 +18,25 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+
+//
+// README!!
+//
+// This file contains code that is intended to be run setuid root
+// (only if the end user enables it themselves, it's not set that
+// way as part of a standard KDE build).
+//
+// Because of this this code should be simple and easily visually
+// inspected for security holes and/or bugs - if you feel the need
+// to change this file please get someone else to review your work
+// (I'll happily do it for you - mail me at paul@taniwha.com, please
+// review mine!)
+//
+// I recommend the following practices here - both for safety and
+// transparency:
+//
+// - check all array references (snprintf/strncpy etc)
+//
+// - avoid malloc/new calls and pointers too if possible
+//
#include <stdio.h>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic