LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Re: [patch 03/26] sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

Re: [patch 03/26] sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

Posted Apr 6, 2006 12:03 UTC (Thu) by eskild (subscriber, #1556)
Parent article: Re: [patch 03/26] sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

Corbet, if you see this: You do try to protect the e-mail addresses in the From and To fields using <AT>. However, in the actual message you do not. Would this be a thing to consider in order to make things a wee bit harder for harvesters?

(Log in to post comments)

Re: [patch 03/26] sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

Posted Apr 6, 2006 16:59 UTC (Thu) by JoeBuck (subscriber, #2330) [Link]

You did notice, didn't you, that the "actual message" is on a site that Jon Corbet does not control?

Re: [patch 03/26] sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

Posted Apr 6, 2006 19:21 UTC (Thu) by eskild (subscriber, #1556) [Link]

I'm not entirely certain I understand your wording. If you mean that the actual content originates somewhere else, then of course I'm aware of that.

Now, I may be mistaken, but isn't it the case that LWN has made a cut-and-paste into their own content management system?

Or, are they really downloading text from that remote site whenever you and I load the page? While possible, I honestly doubt it, but please enlighten me if that is the case.

Otherwise, then, the content is now stored at, and served from, LWN and LWN could, if they so chose, apply re-formatting of the e-mail addresses. I doubt anyone would consider that a violation of quotation ethics.

I am also aware that the LKML where the message originates is a highly public place, so in this particular case it makes no difference at all. My comment was merely indended as a note to Mr. Corbet that there is something he could perhaps consider to build into LWN.

Re: [patch 03/26] sysfs: zero terminate sysfs write buffers (CVE-2006-1055)

Posted Apr 8, 2006 23:50 UTC (Sat) by fergal (subscriber, #602) [Link]

In fairness to Eskild, it does not appear that Jon has cut and pasted from the http://article.gmane.org/gmane.linux.kernel/396304. The address mangling in the header is different and is also applied to the body. So presumably he's doing his own mangling (or copying from someone else who's only mangling the header) in which case it could be improved.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds