lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 13 Apr 2011 07:54:50 -0700
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	George Spelvin <linux@...izon.com>
Cc:	davej@...hat.com, linux-kernel@...r.kernel.org, joro@...tes.org
Subject: Re: Linux 2.6.39-rc3

On Tue, Apr 12, 2011 at 9:32 PM, George Spelvin <linux@...izon.com> wrote:
>
> Note that the discussion on the libmount mailing list revealed a possible
> kernel workaround: escape the hyphens as \055.  Damn hard to read for
> a human, but it does parse correctly, and the workaround can be fixed
> once the library updates have propagated.

I'd rather replace it with some non-dash character that is
human-readable, like '+' or some utf-8 sequence that _looks_ like a
dash.

So it wouldn't parse as a uuid to some code - big deal. Clearly
neither does the correct dash. Using \055 would be just ugly.

Of course, not exposing it at all is also a reasonable strategy.

Who uses /proc/self/mountinfo? I see the problem on my alpha Fedora-15
test-machine, but Fedora-14 doesn't seem to do it. Ubuntu? SuSE? Do we
know how widespread the breakage is?

If it is _just_ Fedora-15, then I presume that pushing out the
util-linux fix and waiting a few weeks will fix it (since anybody
using F-15 right now lives on the edge anyway, and a real release
hasn't happened). But if we have real releases using it, then we may
need to look at workarounds using non-'-' characters if people really
want the uuid showing up any time soon.

                      Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ