
Re: [Full-Disclosure] FAT32 input > output = null?



I read m.wood's post, and had to go read the OP.

This is a serious vulnerability.

The type as referenced Microsoft #id-10T et al, Pebkac edition.

The other day, I was at the post office.. My postal person left a notice for me to pick up a package.

Big, long, slow moving line.. and this Certain Ethnic woman was on her cell phone.. talking at the top of her vocal volume, like she was on a tin can and string about 100 miles long, really annoying everyone in line.

This lady in front of me finally piped up "Will you be quiet? Take that outside."

The CE woman gave this "pissoff" look to the lady in front of me, and kept talking.

The lady dismissed the CE woman, and turned around to comment to me.

"Some people are just too stupid to yell at or explain why they're idiots," she said.

I agree.



On 7 Apr 2004, at 18:19, Chris Palmer wrote:

chris writes:

This also works with the 2.4.24 Linux kernel (Slackware 9.1):

It's the shell, not the kernel. When you say "./foo > ./foo", the shell
interprets "> ./foo" FIRST and does something like open("foo", O_TRUNC |
O_CREAT).


Take a look at any Unix shell document and the open(2) man page -- this
is old, known, documented behavior. It may violate the principle of
least surprise, but it's not a vulnerability in the proper sense.


-- Chris Palmer Staff Technologist, Electronic Frontier Foundation 415 436 9333 x124 (desk), 415 305 5842 (cell)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
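
The redirection order described in the quoted reply, as an added example that is not part of the original thread. It uses `sort` as the reader instead of `./foo`; the helper names and sample contents are constructed, and noclobber (`set -C`) and a temporary file followed by `mv` are shown as two ways to avoid the truncation.

```shell
#!/bin/sh
# Added demonstration: the shell opens the redirect target with O_TRUNC
# before the command runs, so a command reading that same file sees it empty.
# All file and function names here are constructed for this example.

make_sample() { printf 'b\na\n' > "$1"; }      # 4 bytes of constructed input
size_of()     { wc -c < "$1" | tr -d ' '; }    # byte count, whitespace stripped

# "cmd FILE > FILE": FILE is truncated first, sort reads nothing, FILE stays empty.
clobbered_size() {
    d=$(mktemp -d) || return 1
    make_sample "$d/foo"
    sort "$d/foo" > "$d/foo" || true
    size_of "$d/foo"
    rm -rf "$d"
}

# With noclobber (set -C) the shell refuses to truncate an existing file,
# the redirection fails, and the original contents survive.
noclobber_size() {
    d=$(mktemp -d) || return 1
    make_sample "$d/foo"
    ( set -C; sort "$d/foo" > "$d/foo" ) 2>/dev/null || true
    size_of "$d/foo"
    rm -rf "$d"
}

# Safe in-place rewrite: write to a temporary file, then rename over the original.
safe_rewrite() {
    d=$(mktemp -d) || return 1
    make_sample "$d/foo"
    sort "$d/foo" > "$d/foo.tmp" && mv "$d/foo.tmp" "$d/foo"
    cat "$d/foo"
    rm -rf "$d"
}

echo "plain redirect:  $(clobbered_size) bytes left"
echo "with noclobber:  $(noclobber_size) bytes left"
echo "temp file + mv:  $(safe_rewrite | tr '\n' ' ')"
```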


