Announcement

Collapse
No announcement yet.

Linux Kernel Exploit Affecting Linux 3.3 To Linux 3.8

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Ibidem
    replied
    Originally posted by johnc View Post
    Yup, and I've never said any different.

    It's definitely the right choice for a kernel (and many other things), but that doesn't change the fact that it's the worst language imaginable.
    If you think C is the worst language imagineable, your imagination is pretty limited:
    -assembler (any PDP, VAX, x86, mips, your choice!)
    -COBOL
    -Try learning FORTRAN77.
    -INTERCAL-here's Hello, World:
    Code:
    DO ,1 <- #13
    PLEASE DO ,1 SUB #1 <- #238
    DO ,1 SUB #2 <- #108
    DO ,1 SUB #3 <- #112
    DO ,1 SUB #4 <- #0
    DO ,1 SUB #5 <- #64
    DO ,1 SUB #6 <- #194
    DO ,1 SUB #7 <- #48
    PLEASE DO ,1 SUB #8 <- #22
    DO ,1 SUB #9 <- #248
    DO ,1 SUB #10 <- #168
    DO ,1 SUB #11 <- #24
    DO ,1 SUB #12 <- #16
    DO ,1 SUB #13 <- #162
    PLEASE READ OUT ,1
    PLEASE GIVE UP

    Leave a comment:


  • dee.
    replied
    Originally posted by tvall View Post
    but then that puts security bugs in a class separate from every other kind of bug. developers will be more interested in fixing a hard to exploit vulnerability than a easy to trip bug that quietly corrupts data. linux will become incredibly secure, but the other important bugs will be ignored.
    Not to mention the potential for abuse. Two people could collude to first introduce an exploit to the kernel, then "find" and "fix" it... yes it's a long shot but why provide the incentive.

    Leave a comment:


  • tvall
    replied
    Originally posted by runeks View Post
    Looks like you're not that updated on the security researcher industry. 10k is pocket change to a security researcher with a loose moral code. I still think it's a good idea though, since it might get some of the holes less tricky to find.
    but then that puts security bugs in a class separate from every other kind of bug. developers will be more interested in fixing a hard to exploit vulnerability than a easy to trip bug that quietly corrupts data. linux will become incredibly secure, but the other important bugs will be ignored.

    Leave a comment:


  • runeks
    replied
    Originally posted by varikonniemi View Post
    [...]
    Why has not Linux foundation put up some prize money for reported 0-day vulnerabilities? Would it be such a burden for such an organization to promise 10k$ for every submitted 0-day root exploit or something similar? 10k would be huge money for a security researcher but pocket change for Linux foundation. This would encourage the 0-day to be reported rather than sold for profit.
    Looks like you're not that updated on the security researcher industry. 10k is pocket change to a security researcher with a loose moral code. I still think it's a good idea though, since it might get some of the holes less tricky to find.

    Leave a comment:


  • JS987
    replied
    Originally posted by dee. View Post
    You can create GTK GUIs with Glade, which are saved as XML files, which are then used by the C code that Vala produces - or if you want I guess you can embed the XML file in the C code although doesn't it make more sense to keep it as separate XML so you don't have to recompile every time you make an interface adjustment? - which is then compiled to machine code.
    It is important GUI to be defined in generated code where every GUI widget is object, which can be directly and type-safely modified and used for connecting signals. Parsing XML file during runtime makes application less reliable because application isn't 100% native and type-safe.

    Leave a comment:


  • a user
    replied
    Originally posted by johnc View Post
    Yup, and I've never said any different.



    It's definitely the right choice for a kernel (and many other things), but that doesn't change the fact that it's the worst language imaginable.
    in that case your imagination is quite short sighted and your experience too.

    Leave a comment:


  • a user
    replied
    Originally posted by Cthulhux View Post
    Well, how do they say? "Open source is more secure because more people can see what's going on". Hahaha. Great.
    more secure =/= 100% bullet proof

    =>

    your post makes absolutely no sense

    =>

    you are just a troll or need mental help

    Leave a comment:


  • dee.
    replied
    Originally posted by JS987 View Post
    Does Vala have something like Qt Designer, which can create GUI as XML file, which is converted using uic to C++ code, which is compiled to machine code?
    You can create GTK GUIs with Glade, which are saved as XML files, which are then used by the C code that Vala produces - or if you want I guess you can embed the XML file in the C code although doesn't it make more sense to keep it as separate XML so you don't have to recompile every time you make an interface adjustment? - which is then compiled to machine code.

    Leave a comment:


  • JS987
    replied
    Originally posted by dee. View Post
    Or you could code in Vala, which is basically syntactically identical to C# but it compiles to C/GObject. Then you can develop GTK apps.
    Does Vala have something like Qt Designer, which can create GUI as XML file, which is converted using uic to C++ code, which is compiled to machine code?

    Leave a comment:


  • dee.
    replied
    Or you could code in Vala, which is basically syntactically identical to C# but it compiles to C/GObject. Then you can develop GTK apps.

    Leave a comment:

Working...
X