How Windows Handles Pathnames
by Lawrence D'Oliveiro
A Google engineer has published a detailed exposé on how Microsoft
Windows handles file and directory pathnames (as opposed to how it is
documented to handle them)
<http://googleprojectzero.blogspot.com/2016/02/the-definitive-guide-on-win...>
(found from
<http://www.theregister.co.uk/2016/03/01/windows_path_hacks/>). Most of
it, it could be argued, makes some sort of sense from a
backward-compatibility rationale. Except for the reserved device names
(PRN, NUL, CON etc):
Now if just specifying these paths explicitly was all that this
process handled it would be annoying but not the end of the world.
However it’s much worse. The conversion process actively tries to
convert any path with the device name last, even if the path is a
Drive Absolute path. To make matters even worse the device name can
have arbitrary trailing characters as long the trailing characters
are separated from the device by a dot or a colon. The name can
then also have trailing spaces.
...
Why it does the check is beyond me as it seems to serve no actual
purpose. Also note the removal of trailing suffixes, which can come
in handy if something is actively trying to guard against this
behavior. For example, if an application was mindful and was
checking for a filename that matched one of the reserved names you
can just bypass that check by appending an arbitrary suffix.
3 years, 8 months
Op-ed: Oracle attorney says Google’s court victory might kill the GPL
by Peter Reutemann
"The developer community may be celebrating today what it perceives as
a victory in Oracle v. Google. Google won a verdict that an
unauthorized, commercial, competitive, harmful use of software in
billions of products is fair use. No copyright expert would have ever
predicted such a use would be considered fair. Before celebrating,
developers should take a closer look. Not only will creators
everywhere suffer from this decision if it remains intact, but the
free software movement itself now faces substantial jeopardy."
-- source: http://arstechnica.com/tech-policy/2016/05/op-ed-oracle-attorney-says-goo...
Interesting article, I have to say. The verdict might throw a spanner
in what is considered "derivative work" in terms of GPL code.
Companies using GPL libraries will no longer have to open-source their
code, as it is simple considered fair use?
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/
4 years
Tor Browser 6.0: Ditches SHA-1 Support, Uses DuckDuckGo For Default Search Results
by Peter Reutemann
"The version 6.0 of Tor Browser, a free software for enabling
anonymous communication, is now available to download. The new version
introduces several changes, including disabling SHA-1 support, and
removing Mac Gatekeeper issue. Another big change is that Tor now uses
DuckDuckGo for search results by default. The Tor Project, people
behind Tor, add that the "updater is not relying on the signature
alone, but is checking the hash of the downloaded update file as well
before applying it." More details on NetworkWorld."
-- source: https://tech.slashdot.org/story/16/05/31/1643234
Cheers, Peter
--
Peter Reutemann
Dept. of Computer Science
University of Waikato, NZ
+64 (7) 858-5174
http://www.cms.waikato.ac.nz/~fracpete/
http://www.data-mining.co.nz/
4 years
Issue with systemd
by Ian Young
>From this week's Distrowatch. Could be a problem in some circumstances.
The systemd project tends to stir up debate with each new feature it
implements. One of the most recent changes to systemd (available in
version 230), forces user processes to terminate when the user logs
out. On some systems, such behaviour makes sense and effectively
cleans up misbehaving processes when the user leaves. However, many
administrators and developers rely on processes continuing to run to
perform tests, backups or other tasks after they log off. Guus Sliepen
summed up the concerns of the latter group quite nicely in a Debian
bug report: It is now indeed the case that any background processes
that were still running are killed automatically when the user logs
out of a session, whether it was a desktop session, a VT session, or
when you SSHed into a machine. Now you can no longer expect a long
running background processes to continue after logging out. I believe
this breaks the expectations of many users. For example, you can no
longer start a screen or tmux session, log out, and expect to come
back to it. For this reason, I think it is a bad decision on the part
of the systemd maintainers to enable this feature by default, and it
should rather be disabled by default in Debian." A similar discussion
is taking place on a Fedora mailing list. The new default systemd
behaviour can be disabled (either by distributions or system
administrators) by editing the logind configuration file.
4 years
Re: [wlug] Issue with systemd
by Andrew Crosby
To my mind, this seems like a useful feature. Odd choice to have it turned
on by default though given the historic convention.
Cheers
Andrew
On 30 May 2016 22:47, "Michael Cree" <mcree(a)orcon.net.nz> wrote:
On Mon, May 30, 2016 at 10:22:13AM +0000, Ian Young wrote:
> It is now indeed the case that any background processes
> that were still running are killed automatically when the user logs
> out of a session, whether it was a desktop session, a VT session, or
> when you SSHed into a machine. Now you can no longer expect a long
> running background processes to continue after logging out. I believe
> this breaks the expectations of many users.
Yes, it breaks the well established practice that the controlling
terminal sends all its child processes a HUP signal on logout, and
that the default signal handler will kill such processes, and if the
process wants to remain running it therefore establishes a signal
handler to properly receive and handle the HUP signal so that it is
not terminated.
If processes are not being terminated on logout when they should be,
then it is the non-terminating processes fault as the process has
taken action to set up a non-default signal hangler to receive the HUP
signal to achieve this effect. It is most certainly not the
responsibility of systemd to kill processes on logout!
With these critical and non-sensical changes to system behaviour that
is well without the established remit of the init process the systemd
developers are fast losing what little respect I might have had for
them.
Cheers
Michael.
_______________________________________________
wlug mailing list | wlug(a)list.waikato.ac.nz
Unsubscribe: https://list.waikato.ac.nz/mailman/listinfo/wlug
4 years
Whom to contact for a public mirror for a Linux distribution?
by Michael Doerner - Technologywise
Hi all
I am involved with a Linux distribution called "Koozali SME server"
(https://wiki.contribs.org/Main_Page).
Unfortunately we lost our mirror in NZ (Oceania) due to very sad
circumstances and I am looking whether there is a chance to add that
distro to one of the existing public mirrors. I am following the Wiki
http://wiki.wlug.org.nz/NewZealandLinuxMirrors and would like to ask at
University of Canterbury (Hm, there is a directory on their mirror
server called "contrib" and I wonder whether there was something planned
at some time ago).
If someone here knows how to get in contact (email?) with an admin
person there, I would appreciate any hint.
Thanks
Michael Doerner
4 years
