Announcement

Collapse
No announcement yet.

Threaded Input Finally Lands In The X.Org Server

Collapse
X
Collapse
 
  • Page of 4
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 template Next
  • #21
    All I could find in a quick search Firefox ones would have been stopped by NX. If you have something more serious, please do link.
    Every system can be broken, every one can write buffer overflow attack code (with 15 min on google), so if smth overflows your non-sandboxed browser it can execute any code it likes
    Do prove me wrong, and post an exploit you created after 15 minutes of googling that executes code of your choice in my browser, surpassing NX and other existing protections. I will not tell you which browser. platform or distro I'm running, as a general virus writer will not know that either.

    Comment

    • #22
      *for Firefox ones

      Comment

      • #23
        Originally posted by konserw View Post
        jacob Like it has been said - it's feature implemented in library, so gcc has full C11 support, glibc doesn't. here is nice libc implementations comparison: http://www.etalabs.net/compare_libcs.html

        cl333r I believe it's sufficient reason as most linux distributions rely on glibc,, not musl.
        The comparison seems slightly biased, especially in the performance rows

        For example:
        tiny allocation, zero fill, byte search, .. where musl is two or more times slower than the fastest library it's still green, but on the other libraries as soon as they are 2 or more times slower they get yellow and red.

        Another example:
        Algorithms, why is musl-native green and diet-native red? It isn't explained in the text below the table.

        I'm not saying, that musl is bad and the table is wrong, but this needs more explanation

        Comment

        • #24
          Originally posted by curaga View Post
          All I could find in a quick search Firefox ones would have been stopped by NX. If you have something more serious, please do link. Do prove me wrong, and post an exploit you created after 15 minutes of googling that executes code of your choice in my browser, surpassing NX and other existing protections. I will not tell you which browser. platform or distro I'm running, as a general virus writer will not know that either.
          http://www.cvedetails.com/product/32...?vendor_id=452

          I hope that will make you think more seriously about security and sandboxing, if not... tough luck.

          Comment

          • #25
            Originally posted by starshipeleven View Post
            Yo, that's script-kiddie level and most pros move the ssh port to <random high number> just to keep that shit at a minimum. Servers get pwned due to vulnerabilities of the web frameworks.
            Interesting... whenever I talked about it with people higher up in the hierarchy (not management but team leaders, like head of IT ), they said anyone who puts ssh on a random port is an idiot...
            • Likes 1

            Comment

            • #26
              Originally posted by Serafean View Post
              Interesting... whenever I talked about it with people higher up in the hierarchy (not management but team leaders, like head of IT ), they said anyone who puts ssh on a random port is an idiot...
              Did they also explain why? Be inquisitive.

              Comment

              • #27
                Originally posted by dragonn View Post
                Isn't C11 threads and wrap over pthreads? As I remeber I need to include pthreads libs when using C11 threads.
                C11 threads is not a wrap simply because it's not an implementation. Instead it is an (optional) part of the standard.
                An implementation may or may not implement it as a wrap over pthreads.

                Comment

                • #28
                  nocri You claimed you could write an exploit in 15 minutes. Put up or shut up.

                  Comment

                  • #29
                    Originally posted by TheOne View Post
                    And it seems Xorg will stay for a long time , funny all that people saying wayland or mir would finally kill X but it seems X is getting better and better
                    yes, I laugh too
                    on the other hand, innovative products brings new ideas to actual stuff, like fuse from the Hurd translators idea or UTF-8 from the Plan 9
                    • Likes 1

                    Comment

                    • #30
                      Originally posted by starshipeleven View Post
                      Did they also explain why? Be inquisitive.
                      probably because security through obscurity is a bluff, like pretending a closed source program can be secure at all

                      Comment

                      Previous 1 2 3 4 template Next
                      Working...
                      X