jmvalin: (Default)

As of today, it's really important that I don't forget to tell people not to do illegal stuff. That's because today, a new special law states (among other things) that (rough translation):

"Whoever causes, by an act, omission, help, encouragement, advice, consent, authorization, or order, someone to do something which is an offense under that law, then that person is deemed to have committed the same offence".

For those who can read French, here's the French text for that quote. What is still unclear is whether that clause applies recursively and if so, down how many levels. For example, if I don't tell you to tell Joe to tell Bob to tell George not to commit an offence under that law, have I committed an offence?

No, I do not live in China or North Korea, but in the Canadian province of Quebec. The reason why this law is apparently really necessary is that the government had to stop university students from savagely attacking police batons with their heads. I mean, there's a few minor issues, like the fact that the Quebec Bar association considers this new law to be unconstitutional, but hey who really cares about those sorts of details anymore.

jmvalin: (Default)
So a while ago, I wasn't careful with type lengths and wrote some code in the speex encoder (speexenc, not libspeex) that wouldn't work very well on 64-bit machines. More precisely, it would make speexenc crash on startup 100% of the time, so you can't really miss it if you have a 64-bit machine. Fortunately, someone noticed and the bug was promptly fixed. This should normally have been the end of the story... except that Ubuntu was going to ship Dapper with an older version (current Debian unstable).

Turns out that the bug was reported against Dapper very early on. A patch was even posted more than a month before the release of Dapper. From there, it took 11 months for the 2-line fix to be applied and released. And if it wasn't for me harassing some of the developers (thanks crimsun, tritium for pushing the fix in), I don't think the fix would never have made it.

Sometimes one wonders why it is that Ubuntu has a bug tracker. Another example is bug #52600. You can't see it because it's marked as a security bug, but considering I filed it more than 8 months ago, I don't think making it private makes sense anymore. That one comes down to the fact that any local user with no privilege can crash a Dapper machine very easily. You just compile the following program:

#include <sched.h>
int main() {
struct sched_param param;
param.sched_priority = sched_get_priority_max(SCHED_FIFO);
sched_setscheduler(0,SCHED_FIFO,¶m);
while(1);
}

and then execute it. What this does is simply ask the maximum real-time priority and then spin doing nothing, starving every single other process on the machine and forcing a reboot. While allowing SCHED_FIFO to some users in some circumstances makes sense, I can't understand why it's enabled for everyone on the system. It's a bit like making the shutdown command setuid root. Yeah for the Ubuntu LTS (Long Time to get Support) process!

Profile

jmvalin: (Default)
jmvalin

March 2023

S M T W T F S
   1234
567891011
12131415161718
1920212223 2425
262728293031 

Syndicate

RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 11th, 2025 09:37 am
Powered by Dreamwidth Studios