Announcement

Collapse
No announcement yet.

KDE Plasma Had A Silly But Serious Security Bug

Collapse
X
Collapse
 
  • Page of 4
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 template Next
  • #21
    Originally posted by Delgarde View Post

    To be fair, this kind of bug is appalling incompetence from any developer, regardless of what desktop you favour. Seriously, running shell commands without proper escaping would have been a careless error twenty years ago... anyone doing development this decade needs to be absolutely paranoid about this kind of thing...
    To be fair, there's new developers without experience with these issues entering the scene daily and not enough mentors with not enough free time to teach them all the security differences between system() vs fork() + exec() + wait(). The latter is far more complicated so I don't blame the noobs for avoiding it.

    So no, not apalling incompetence. Not unless you yourself have paid for their university education and they are still making these mistakes... then feel free to speak with such contempt about their competence.
    • Likes 3

    Comment

    • #22
      Originally posted by Azrael5 View Post

      many thanks for the answer, how to get it?
      Install Tumbleweed? Or wait until your distro backports the fix on their kde. If you are using Ubuntu this might never happen.
      Last edited by starshipeleven; 10 February 2018, 11:03 AM.
      • Likes 1

      Comment

      • #23
        Originally posted by ferry View Post

        And there we go ...
        Don't take my posst the wrong way though: I'm currently enjoying Plasma 5.12 on Solus (and I was enjoying 5.11 on Solus as well the last few weeks).

        Comment

        • #24
          Originally posted by angrypie
          Do you mean there's serious discussion to be had here?

          • Likes 1

          Comment

          • #25
            Originally posted by angrypie
            starshipeleven Thank you for demonstrating that this forum is just a spin-off of /g/.
            Do you feel at home yet?

            Comment

            • #26
              Originally posted by timofonic View Post

              Can you?
              I'm not the one carrying pitchforks and yelling "GOTO IS BAD". Here's another one for you: put your code where your mouth is. Being a live, talking and walking backup of cat-v.org must be fun at parties.

              Originally posted by halo9en View Post

              Come on, leave the poor troll alone. 9 posts and the best he could say is everybody "needs a GTX1080 just for Mutter".
              At first I assumed you perused my post history to assess the quality of my trolling, but here's what I think it is: you got so offended by my words that you marked every single one of them, waiting for the right moment to use them against me, like the passive-aggressive bitch you are. People walk all over you and all you ever do is resent them, like the humongous wuss you are.

              GNOME is a brick. But you wish it were a dildo.

              (Thank you, Michael, my post really needed copy-editing. Take this as a lesson and ban me next time, instead of deleting my posts.)
              • Likes 1

              Comment

              • #27
                Originally posted by angrypie View Post
                I'm not the one carrying pitchforks and yelling "GOTO IS BAD". Here's another one for you: put your code where your mouth is. Being a live, talking and walking backup of cat-v.org must be fun at parties.
                You know more of them than me, really. And what's your reasoning for this comment? You are the one that trolled and said crap, but I don't see your amazing code here. I just talk about GNOME from a very extensive user POV, that's all.

                Originally posted by angrypie View Post
                At first I assumed you perused my post history to assess the quality of my trolling, but here's what I think it is: you got so offended by my words that you marked every single one of them, waiting for the right moment to use them against me, like the passive-aggressive bitch you are. People walk all over you and all you ever do is resent them, like the humongous wuss you are.

                GNOME is a brick. But you wish it were a dildo.

                (Thank you, Michael, my post really needed copy-editing. Take this as a lesson and ban me next time, instead of deleting my posts.)
                I agree with the last phrase. Michael should have banned you, like most trolls in this forum full of crap.

                Are you using mysoginistic/homophobe insults against her or him? How nice! That shows how mature and forward thinking you are. We need more people like you in Free Software, free from all fascist crap in this society.

                Did you read me? Even me in 30 seconds can reply you a lot better, properly and the way you deserve to

                Michael: Please ban him, forever...
                • Likes 1

                Comment

                • #28
                  Originally posted by timofonic View Post
                  Did you read me? Even me in 30 seconds can reply you a lot better, properly and the way you deserve to
                  No, you can't. Your run-of-the-mill SJW bullshit lacks any brilliance.

                  By the way, Michael shares the same views as I do. Look up his interview to Fedora Magazine.
                  Last edited by angrypie; 10 February 2018, 08:16 PM.
                  • Likes 1

                  Comment

                  • #29
                    Originally posted by linuxgeex View Post

                    To be fair, there's new developers without experience with these issues entering the scene daily and not enough mentors with not enough free time to teach them all the security differences between system() vs fork() + exec() + wait(). The latter is far more complicated so I don't blame the noobs for avoiding it.
                    Sure, there are new developers... I deal with them all the time. And in any sanely-run project, inexperienced new developers don't get to commit code without having someone more experienced reviewing what they've done... both to catch dangerous errors like this, and to give them feedback on how to become better developers.

                    So if someone has written code like this, and someone has merged and released it... someone has screwed up badly.
                    • Likes 1

                    Comment

                    • #30
                      Originally posted by angrypie View Post

                      No, you can't. Your run-of-the-mill SJW bullshit lacks any brilliance.

                      By the way, Michael shares the same views as I do. Look up his interview to Fedora Magazine.
                      Are you another alt-right aka a lame kind of cryptofascist? You were too obvious

                      Show me your brilliance, I'm yet unable to see it. For now, you are only a pathetic person that writes useless bullshit on some blog+forum

                      How old are you?

                      Comment

                      Previous 1 2 3 4 template Next
                      Working...
                      X