On 2/2/24 12:05, Alan Coopersmith wrote:
On 2/2/24 05:45, Enrico Weigelt, metux IT consult wrote:
Hello folks,
I wonder whether we still need the Fopen() function.
It's a funny and complicated way of loading a file with dropped privs
(by calling `cat` on that file !).
It only does the cat
On 2024-02-02 4:10 PM, Enrico Weigelt, metux IT consult wrote:
Hello folks,
I'm currently writing a security extension and having trouble
understanding what's going on w/ receive hook and xeyes:
when moving the mouse, xeyes receives an event on the root window:
GenericEvent with evtype
Hello folks,
I'm currently writing a security extension and having trouble
understanding what's going on w/ receive hook and xeyes:
when moving the mouse, xeyes receives an event on the root window:
GenericEvent with evtype DestroyNotify. (when blocking this one, the
eyes don't move anymore).
On 2/2/24 05:45, Enrico Weigelt, metux IT consult wrote:
Hello folks,
I wonder whether we still need the Fopen() function.
It's a funny and complicated way of loading a file with dropped privs
(by calling `cat` on that file !).
It only does the cat if HAS_SAVED_IDS_AND_SETEUID is not
"Enrico Weigelt, metux IT consult" writes:
> But this doesn't make much sense to me: why should the xserver - if
> started as root (but dropping privs) - be prevented from reading an
> xauth file ?
Maybe for NFS? Imagine (it's the late 90s and) you've got a workstation
running an X server as
On 2/2/24 10:01, Enrico Weigelt, metux IT consult wrote:
Hello folks,
what exactly is the field party_like_its_1989 actually for ?
It implements the -retro command line option to start up with the grey weave
background and classic X cursor, as X servers did in 1989, instead of the
default
Hello folks,
what exactly is the field party_like_its_1989 actually for ?
--mtx
--
---
Hinweis: unverschlüsselte E-Mails können leicht abgehört und manipuliert
werden ! Für eine vertrauliche Kommunikation senden Sie bitte ihren
GPG/PGP-Schlüssel zu.
---
Enrico Weigelt, metux IT consult
Free
On 2/2/24 03:42, Enrico Weigelt, metux IT consult wrote:
On 01.02.24 19:29, Alan Coopersmith wrote:
Hi Alan,
Which ones are public ?
For the Xorg server, the ones listed in
https://gitlab.freedesktop.org/xorg/xserver/-/blob/master/hw/xfree86/sdksyms.sh
is this script actually used
On 2/2/24 05:13, Enrico Weigelt, metux IT consult wrote:
On 01.02.24 18:15, Alan Coopersmith wrote:
On 2/1/24 05:59, tlaro...@kergis.com wrote:
1) Test for __GNUC__ as well as __clang__ since gcc has no attributes
for __attribute((malloc)) as well;
Current versions of gcc do:
On Fri, Feb 02, 2024 at 08:56:26AM -0800, Alan Coopersmith wrote:
> On 2/2/24 04:14, tlaro...@kergis.com wrote:
> > I have asked for a merge request for libXau.
> >
> > I will very probably make other suggestions for other Xorg packages as
> > I go on with the work I'm doing around NetBSD.
> >
>
Hello,
On Fri, Feb 02, 2024 at 04:45:12PM +0100, Enrico Weigelt, metux IT consult
wrote:
> On 01.02.24 17:10, tlaro...@kergis.com wrote:
>
>
>
> since you're already working on libXau:
>
> do you happen to know any way for adding more data to auth tokens
> (w/o breaking file format) ?
>
>
On 2/2/24 04:14, tlaro...@kergis.com wrote:
I have asked for a merge request for libXau.
I will very probably make other suggestions for other Xorg packages as
I go on with the work I'm doing around NetBSD.
Are the merge requests triggering some note for developers (so the
merge request is
On 01.02.24 17:10, tlaro...@kergis.com wrote:
since you're already working on libXau:
do you happen to know any way for adding more data to auth tokens
(w/o breaking file format) ?
I'm currently working on an namespace-based security extension, which
puts groups of clients into their own
On Fri, 2 Feb 2024 13:15:29 +0100
"Enrico Weigelt, metux IT consult" wrote:
> Hello folks,
>
>
> Does anyone happen to know whether I can tell gitlab not to send CI fail
> reports on some specific branch ?
>
> I've got some hacking branches that are known to be broken and never
> will be
On 02.02.24 13:14, tlaro...@kergis.com wrote:
Are the merge requests triggering some note for developers (so the
merge request is sufficient per se), or do we need to drop on note
on the list to inform that we have something pending?
I'm just wondering the same. There're way over 100 open
Hello folks,
I wonder whether we still need the Fopen() function.
It's a funny and complicated way of loading a file with dropped privs
(by calling `cat` on that file !).
The only call site is LoadAuthorization() (auth.c) for loading the
Xauthority file (if one was passed to xserver via -auth
On 01.02.24 18:15, Alan Coopersmith wrote:
On 2/1/24 05:59, tlaro...@kergis.com wrote:
1) Test for __GNUC__ as well as __clang__ since gcc has no attributes
for __attribute((malloc)) as well;
Current versions of gcc do:
I have asked for a merge request for libXau.
I will very probably make other suggestions for other Xorg packages as
I go on with the work I'm doing around NetBSD.
Are the merge requests triggering some note for developers (so the
merge request is sufficient per se), or do we need to drop on note
Hello folks,
Does anyone happen to know whether I can tell gitlab not to send CI fail
reports on some specific branch ?
I've got some hacking branches that are known to be broken and never
will be submitted to mainline (and I'm pushing very frequently here)
In those cases these mails are just
On 01.02.24 19:29, Alan Coopersmith wrote:
Hi Alan,
Which ones are public ?
For the Xorg server, the ones listed in
https://gitlab.freedesktop.org/xorg/xserver/-/blob/master/hw/xfree86/sdksyms.sh
is this script actually used somewhere ?
It looks like some test script - should we include
20 matches
Mail list logo