Announcement

Collapse
No announcement yet.

Linux Kernel Exploit Affecting Linux 3.3 To Linux 3.8

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #46
    Originally posted by Luke_Wolf View Post
    Actually doing that is a rather interesting way to do a microkernel and there's this project http://www.mosa-project.org/ and Microsoft Midori doing a managed microkernel in C#. I'll definitely be interested to see if either of those actually goes anywhere.
    for every idea one has...there's someone out there who already realized it.

    *edit

    I never programmed any Kernel stuff, I'm a (or is it 'an'? 'an' would sound strange here but it'd be right...I guess) application developer and to me the difference between C# and C/C++ is that with C#, you got all tools you'll ever need to build your nice house (aka program). In C/C++ you got...two pebbles and a stick. Before you can actually build your nice house, you've to first build all your tools (for example: build a string class).

    So...if you are really good with C/C++ you'll beat a C# program any time any day when it comes to things like performance. But you need more time to develop stuff and your code will be harder to understand/read/change for other people, because you only got those tools YOU needed and you used them the way YOU needed to.

    Also you actually can build your own tools on a level that is completely alien to a C# developer. And you can do stuff that is not even possible in C#. (at least not without calling C libs)

    Sometimes when I boot up Linux, look at it and ask myself how it is even possible that such a large amount of C code, cludged together by many different people, just...works. That's mostly the time when my XServer decides to forget my graphic card or some other weird thing happens.
    Last edited by Detructor; 02-26-2013, 01:20 PM.

    Comment


    • #47
      Originally posted by Detructor View Post
      I'm a (or is it 'an'? 'an' would sound strange here but it'd be right...I guess) application developer and to me the difference between C# and C/C++ is that with C#, you got all tools you'll ever need to build your nice house (aka program). In C/C++ you got...two pebbles and a stick. Before you can actually build your nice house, you've to first build all your tools (for example: build a string class).
      Well actually we have a string class in C++ but I get your point... however... we do have a very very nice toolkit called Qt you might want to familiarize yourself with http://qt-project.org/ it will make your life in programming C++ so much easier.

      Comment


      • #48
        Or you could code in Vala, which is basically syntactically identical to C# but it compiles to C/GObject. Then you can develop GTK apps.

        Comment


        • #49
          Originally posted by dee. View Post
          Or you could code in Vala, which is basically syntactically identical to C# but it compiles to C/GObject. Then you can develop GTK apps.
          Does Vala have something like Qt Designer, which can create GUI as XML file, which is converted using uic to C++ code, which is compiled to machine code?

          Comment


          • #50
            Originally posted by JS987 View Post
            Does Vala have something like Qt Designer, which can create GUI as XML file, which is converted using uic to C++ code, which is compiled to machine code?
            You can create GTK GUIs with Glade, which are saved as XML files, which are then used by the C code that Vala produces - or if you want I guess you can embed the XML file in the C code although doesn't it make more sense to keep it as separate XML so you don't have to recompile every time you make an interface adjustment? - which is then compiled to machine code.

            Comment


            • #51
              Originally posted by Cthulhux View Post
              Well, how do they say? "Open source is more secure because more people can see what's going on". Hahaha. Great.
              more secure =/= 100% bullet proof

              =>

              your post makes absolutely no sense

              =>

              you are just a troll or need mental help

              Comment


              • #52
                Originally posted by johnc View Post
                Yup, and I've never said any different.



                It's definitely the right choice for a kernel (and many other things), but that doesn't change the fact that it's the worst language imaginable.
                in that case your imagination is quite short sighted and your experience too.

                Comment


                • #53
                  Originally posted by dee. View Post
                  You can create GTK GUIs with Glade, which are saved as XML files, which are then used by the C code that Vala produces - or if you want I guess you can embed the XML file in the C code although doesn't it make more sense to keep it as separate XML so you don't have to recompile every time you make an interface adjustment? - which is then compiled to machine code.
                  It is important GUI to be defined in generated code where every GUI widget is object, which can be directly and type-safely modified and used for connecting signals. Parsing XML file during runtime makes application less reliable because application isn't 100% native and type-safe.

                  Comment


                  • #54
                    Originally posted by varikonniemi View Post
                    [...]
                    Why has not Linux foundation put up some prize money for reported 0-day vulnerabilities? Would it be such a burden for such an organization to promise 10k$ for every submitted 0-day root exploit or something similar? 10k would be huge money for a security researcher but pocket change for Linux foundation. This would encourage the 0-day to be reported rather than sold for profit.
                    Looks like you're not that updated on the security researcher industry. 10k is pocket change to a security researcher with a loose moral code. I still think it's a good idea though, since it might get some of the holes less tricky to find.

                    Comment


                    • #55
                      Originally posted by runeks View Post
                      Looks like you're not that updated on the security researcher industry. 10k is pocket change to a security researcher with a loose moral code. I still think it's a good idea though, since it might get some of the holes less tricky to find.
                      but then that puts security bugs in a class separate from every other kind of bug. developers will be more interested in fixing a hard to exploit vulnerability than a easy to trip bug that quietly corrupts data. linux will become incredibly secure, but the other important bugs will be ignored.

                      Comment


                      • #56
                        Originally posted by tvall View Post
                        but then that puts security bugs in a class separate from every other kind of bug. developers will be more interested in fixing a hard to exploit vulnerability than a easy to trip bug that quietly corrupts data. linux will become incredibly secure, but the other important bugs will be ignored.
                        Not to mention the potential for abuse. Two people could collude to first introduce an exploit to the kernel, then "find" and "fix" it... yes it's a long shot but why provide the incentive.

                        Comment


                        • #57
                          Originally posted by johnc View Post
                          Yup, and I've never said any different.

                          It's definitely the right choice for a kernel (and many other things), but that doesn't change the fact that it's the worst language imaginable.
                          If you think C is the worst language imagineable, your imagination is pretty limited:
                          -assembler (any PDP, VAX, x86, mips, your choice!)
                          -COBOL
                          -Try learning FORTRAN77.
                          -INTERCAL-here's Hello, World:
                          Code:
                          DO ,1 <- #13
                          PLEASE DO ,1 SUB #1 <- #238
                          DO ,1 SUB #2 <- #108
                          DO ,1 SUB #3 <- #112
                          DO ,1 SUB #4 <- #0
                          DO ,1 SUB #5 <- #64
                          DO ,1 SUB #6 <- #194
                          DO ,1 SUB #7 <- #48
                          PLEASE DO ,1 SUB #8 <- #22
                          DO ,1 SUB #9 <- #248
                          DO ,1 SUB #10 <- #168
                          DO ,1 SUB #11 <- #24
                          DO ,1 SUB #12 <- #16
                          DO ,1 SUB #13 <- #162
                          PLEASE READ OUT ,1
                          PLEASE GIVE UP

                          Comment


                          • #58
                            Originally posted by Ibidem View Post
                            -INTERCAL-here's Hello, World:
                            Code:
                            DO ,1 <- #13
                            PLEASE DO ,1 SUB #1 <- #238
                            DO ,1 SUB #2 <- #108
                            DO ,1 SUB #3 <- #112
                            DO ,1 SUB #4 <- #0
                            DO ,1 SUB #5 <- #64
                            DO ,1 SUB #6 <- #194
                            DO ,1 SUB #7 <- #48
                            PLEASE DO ,1 SUB #8 <- #22
                            DO ,1 SUB #9 <- #248
                            DO ,1 SUB #10 <- #168
                            DO ,1 SUB #11 <- #24
                            DO ,1 SUB #12 <- #16
                            DO ,1 SUB #13 <- #162
                            PLEASE READ OUT ,1
                            PLEASE GIVE UP
                            I think there was an assumed "serious" in there somewhere. I don't think languages created with express intention of being terrible really count.

                            Comment


                            • #59
                              Originally posted by TheBlackCat View Post
                              I think there was an assumed "serious" in there somewhere. I don't think languages created with express intention of being terrible really count.
                              Somewhat serious but with A LOT of hyperbole.

                              Comment


                              • #60
                                Originally posted by TheBlackCat View Post
                                I think there was an assumed "serious" in there somewhere. I don't think languages created with express intention of being terrible really count.
                                I figured if he was using hyperbole, I was free to throw in a couple joke languages
                                But COBOL and FORTRAN77 make C look incredibly clean.

                                Comment

                                Working...
                                X