[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CVE-2017-14482 - Red Hat Customer Portal
From: |
Emanuel Berg |
Subject: |
Re: CVE-2017-14482 - Red Hat Customer Portal |
Date: |
Tue, 26 Sep 2017 00:02:44 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux) |
Glenn Morris wrote:
> Wow. I find this an extraordinary statement.
> For example, it means that "emacs [-Q]
> somefile" could eg happily delete your home
> directory. Please reconsider.
On Unix systems we like to say everything is
a file [1].
The first thing you do when you don't
understand something is to have a glance under
the hood which translates to reviewing one or
more files.
This is such everyday-behavior I never even
considered it could cause the kind of damage
you describe. If indeed it can, this should be
the exception and the default behavior should
not allow it.
[1] "For example, let's say you want to find
information about your CPU. The /proc
directory contains a special file –
/proc/cpuinfo – that contains
this information.
You don't need a special command that
tells you your CPU info – you can just
read the contents of this file using any
standard command that works with
plain-text files. For example, you could
use the command cat /proc/cpuinfo to print
this file's contents to the terminal –
printing your CPU information to
the terminal.
You could even open /proc/cpuinfo in
a text editor to view its contents."
https://www.howtogeek.com/117939/htg-explains-what-everything-is-a-file-means-on-linux/
--
underground experts united
http://user.it.uu.se/~embe8573
- Re: CVE-2017-14482 - Red Hat Customer Portal, (continued)
- Re: CVE-2017-14482 - Red Hat Customer Portal, Yuri Khan, 2017/09/23
- Re: CVE-2017-14482 - Red Hat Customer Portal, Eli Zaretskii, 2017/09/23
- Re: CVE-2017-14482 - Red Hat Customer Portal, Philipp Stephani, 2017/09/24
- Re: CVE-2017-14482 - Red Hat Customer Portal, Robert Thorpe, 2017/09/24
- Re: CVE-2017-14482 - Red Hat Customer Portal, Eli Zaretskii, 2017/09/29
- Re: CVE-2017-14482 - Red Hat Customer Portal, Stefan Monnier, 2017/09/29
- Re: CVE-2017-14482 - Red Hat Customer Portal, Emanuel Berg, 2017/09/29
- Re: CVE-2017-14482 - Red Hat Customer Portal, Eli Zaretskii, 2017/09/29
- Message not available
- Re: CVE-2017-14482 - Red Hat Customer Portal, Emanuel Berg, 2017/09/24
- Re: CVE-2017-14482 - Red Hat Customer Portal, Glenn Morris, 2017/09/25
- Re: CVE-2017-14482 - Red Hat Customer Portal,
Emanuel Berg <=
- RE: CVE-2017-14482 - Red Hat Customer Portal, Ludwig, Mark, 2017/09/25
- Re: CVE-2017-14482 - Red Hat Customer Portal, Emanuel Berg, 2017/09/26
- RE: CVE-2017-14482 - Red Hat Customer Portal, Ludwig, Mark, 2017/09/26
- Re: CVE-2017-14482 - Red Hat Customer Portal, Philipp Stephani, 2017/09/26
- RE: CVE-2017-14482 - Red Hat Customer Portal, Ludwig, Mark, 2017/09/26
- Re: CVE-2017-14482 - Red Hat Customer Portal, Eli Zaretskii, 2017/09/29
- Re: CVE-2017-14482 - Red Hat Customer Portal, Eli Zaretskii, 2017/09/29
- Re: CVE-2017-14482 - Red Hat Customer Portal, Narendra Joshi, 2017/09/26
- Re: CVE-2017-14482 - Red Hat Customer Portal, Philipp Stephani, 2017/09/26
- Message not available
- Re: CVE-2017-14482 - Red Hat Customer Portal, Emanuel Berg, 2017/09/24