[PATCH 2/10] Debian patch: Unknown purpose!
Andrew Bartlett
abartlet at samba.org
Wed May 30 20:52:54 GMT 2007
On Wed, 2007-05-30 at 22:10 +0200, Christian Perrier wrote:
> The attached patch is currently used in Debian.
>
> I am afraid that we (at least Steve Langasek and me) have no idea of
> what it may have be meant for.
>
> We can't even tell whether it is Debian specific or not and even the
> name doesn't help....:-|
I remember this one...
The first part is because you have some parinoid users who pass the
password on the command line, but don't want the password's length
easily guessed by how many Xs are left in the argv buffer, visible vi
ps, after we process it. (note the race while we process it is
unprotected).
It would seem to me a reasonable request, except that this information
is probably available by looking at the offset of the next argv buffer.
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20070531/44d9ca0c/attachment.bin
More information about the samba-technical
mailing list