Re: Hurd Login Utility

This seems to be caused by a segfault, so I imagine this is not intended! Tracking down the cause... James On Tue, 29 Sep 2015, James Clarke wrote: Whilst looking through the code in utils/login.c, I noticed a security issue. Even if --paranoid is set, if you give it a UID that doesn’t

[PATCH 1/1] Add missing null checks in libshouldbeinlibc

The getpwnam_r and similar functions only return non-zero on error, but not finding the given name/UID/GID does not count as an error. When they return 0, the value of the result (*result when looking at the arguments in the man pages) still needs to be checked for null. *

[PATCH 0/1] Add missing null checks in libshouldbeinlibc

This stops /bin/login segfaulting when giving it a bad UID. However, the fact that the UID does not exist is still leaked, since libshouldbeinlibc/idvec-verify.c:verify_id falls back on asking for the root password, and indicates this by changing the prompt to "Password for root". James Clarke

Re: Shortest path to significant improvement in hardware support

Hi Bruno! El 29/09/15 a les 11:31, Bruno Félix Rezende Ribeiro ha escrit: My main goal working on Hurd is to get more people to use the GNU system, so we can achieve critical mass to make the system develop at an acceptably pace. In order to solve this problem it's necessary to fix the most

libusb+librump patch

Hello, GNU Hurd hackers! Based on Robert Millan's mplayer rump patch, I was able to make a patch to successfully build libusb-1.0 on Hurd linking it to librump. The patch is attached. To try it, save the patch file in the current working directory and from there follow these steps: $ su -c

Re: Shortest path to significant improvement in hardware support

Hello, Robert! Em Tue, 29 Sep 2015 22:56:59 +0200 Robert Millan escreveu: > When you say USB is one of the things people need most, are you > thinking on any particular usage of USB? I.e. any device class in > particular? A combination of them? Not really --- I mean USB in