| |||||||||||||
Making EPERM friendlierMaking EPERM friendlierPosted Jan 19, 2013 20:05 UTC (Sat) by dkg (subscriber, #55359)Parent article: Making EPERM friendlier This is definitely potentially a two-edged sword. It's worth noting CVE-2013-0157 (aka debian bug 697464) is a recent and simple example of a way in which more-detailed error reporting causes a data leak that might not be acceptable on some systems. I'm grateful to see the additional error reporting (i do think that obscure errors limit the usability of our systems) but there are some tricky tradeoffs that need to be balanced to do it right.
(Log in to post comments)
Making EPERM friendlier Posted Jan 20, 2013 0:23 UTC (Sun) by dvdeug (subscriber, #10998) [Link]
Actually, that bug shows the same problem happening with
$ mount --guess-fstype /root/.ssh/../../dev/sda1 ; even the error-reporting only looks like an error reporting one, because $ mount /root/.ssh/../../dev/cdrom mounting the cdrom confirms the existence of /root/.ssh as much as an error message would.
|
|||||||||||||