Hm, yes, you could perheaps restrict the code segment to a part of the linear memory, and have stack and data somewhere else. But, you would need to put some non-mapped pages in between, to be sure buffer-overruns don't just "grow" over it anyway. And a int a[2]; a[4711] = 2; might still jump on it anyway... But plain buffer-overruns (where all positions between the last real position and the last position really written are all written to), would be catched by a single separating, non-mapped, page. And what do we do with a program that we catch witha buffer-overrun? Terminate it? You still have the problem of the stack-segment being the same as the data-segment.
When I think about it, this won't work, since in Linux, all adresses within segments must be the same as linear adresses, and thus all segments must start at linear adress zero... Ok, if you put code first, you could make this work anyway.
The problem is that under a UNIXy system Like Linux, you _need_ to be able to write to your own memory. You as an application are not to be protected from yourself. At all. Removing this natural right of an application would make things like ld.so and the like impossible (they would have to be part of the kernel - shrugg!).
Because you have two segments overlapping in memory completely.
As I said, under any x86 UNIXy system (like Linux), you have a data segment and an exec-segment that have the same linear adresses, spanning all of the linear adress space. This means that you more or less entirely bypass the segmentation system. This method of bypassing the system is even described in the Intel manual, with reference to porting mainframe OSes! In this model, CS is allways equal to the segment descriptor with the exec flag set, and SS/DS/ES/FS/GS the one with the write/read flags set. All access control (read only or read write) is then done in the page system, where there is no notion of execution.
If you don't beleave me, check out the Pentium manual, page 108, figure 4-1 (Not the same as the hardcopy I refered to before, this is for the Pentium, not Pentium Pro, but this particular thing haven't changed a bit).
According to page 3-13 of "Pentium Pro Family Developer's Manual" "Volume 3: Operating System Writer's Guide", table 3-1: Code and Data segment types, there are four types of data segments - read-only, read/write, read-only-exapnd-down and read-write-expand-down, and four types of code segments - execute-only, execute-read, execute-only-conforming and execute-read-conforming. The problem is that under any UNIXy x86 systems, you don't use segmentation, but creates one big executable segment and one big data segment, spanning all of the linear adress space, and use page control as access control. This is because a) old big UNIX machines didn't have segmentation and b) some hackers consider segmentation an uggly cludge...
On the other hand: Why should (s)he get paid for each person getting the knowledge, when the work to create it is fixed?
And btw, the right to make parodies, joke about and quote from, a work of an other, is protected in law since long, long time. To deny it would be to kill all what is human - culture.
You missunderstund. I want to have a GUI, which uses the backend. The newbie uses the GUI, but a hacker can still use the functionality without the GUI.
This program is just one of many coming out lately that does the same error as Microsoft: Merging functionality and user interface. A package tool should consist of either one (or both) of a) a library b) a command line tool. Merging UI and functionality makes it very hard to change the UI (bringing it to a web-based administration, automation, etc) in the future, if needed.
Unfourtunately, this have been done a lot lately, mainly by KDE developers (No offense, you make a really good GUI, and some really nice functionalities, but could you please separate the two?):
* KMail have functionality to download mails and filter mails to different mailboxes (It should have used fetchmail and procmail for that, and provided only a graphical configuration tool for those two backends).
* QT contains both basic datastructures (Linked lists, hash-tables, etc) and GUI widgets (Buttons, listboxes, etc). In GNOME, those two parts are separated in Gtk+ (GUI widgets) and glib (basic datastructures).
* KDE contains a virtual filesystem that enables the user to transparently use files on remote sites using any KDE application. This functionality should have been in the operating system filesystem layer (There are several projects to achive this (portable): Podfuk, Alex, etc) VirtualFS), since as it is now, only KDE applications benefit. Here I might add that GNOME are unfourtunately heading for the same, developing the gnome-vfs (which stems from the Midnight Commander VFS).
You youngsters. Don't you see it? Tetris is the most addictive game _ever_. And there are millions of versions of it! And don't complain about lack of cool graphics - there is even several 3D-tetris-versions...
All these new games are just a lot of nice graphics and no new ideas behind.
Does this tree-based rendering thingy mean that it would be possible to implement a tree of layers, instaed as it is now a stack of layers, that is, that layers could be grouped into "meta-layers", to which the same things (like opacioty, mode, colour balance, etc) could be applied as to real layers? I have missed this feature in gimp.
Perheaps it would allready be possible to implement (just a bit messy?). I don't know. I am a developer, but I have never looked at the gimp sources...
Oh, those groupings allready exist! At least there are names for the persons creating different type of "software":
Webslave - Person creating HTML, JavaScript and PERL CGIs and perheaps some database bindings. "Software" with high user-expressive (I won't use the term expressive power as the author, since IMHO, even a sorting algorithm contains a lot of such) content.
Sysadmin - high-level programs merely interconnecting big entities. Not so high user-expressive-power, not so high engineering-power neither. This is more like the person planning where to bild the bridge, what islands to connect with bridges, etc.
Script-kiddie - like sysadmin, but with different big buildingblocks, and different intentions...
KDE-hacker - programmer creating everything in one place, low-level low-user-expressive and themes and widgets all in one place.
Forgot someone?
Yes, this is meant to be a troll, but a funny one, at least:)
This hgappened in all of Europe at that time (Bildschirmtext in germany, Teledata in sweden, to give two examples). All other countries have killed their "Minitels" since long... Just France is to proud to admit a centralised system is _they_ build is BAD.
I personally wrote a indentation-sensitive-syntax for Scheme (A LISP dialcet). I've been writing quite much Scheme since then, without a single parentesis... But OK, you get as many (if not more) spaces as you would normally have parentesis...
> Why does everybody seem to think that since OOP was created there is no longer a need for procedural programming?!
You forget functional and logic programming, you bastard;)
> From the Jargon file "Real Programmers Don't Document: If it was hard to write, it should be hard to read"
Most of the time, Perl isn't hard to write, so it shouldn't need to be hard to read. Except for the regexps, of course, which are _allways_ harder to write than to read (despite what newbies seing a regexp for the first tim e thinks).
> It's easy to obfuscate any language
Of course. But most languages doesn't come with _auto_obfuscation_...
Trolls are what makes/. worth reading! Don't be so boring serious!
* never specify Arial, at its own, and especially not together with a size of 0 or -1, since on all systems but Windows, Arial does not exist, and the default font, in size 0 or -1 is just unreadable. This holds true for both MAC and UNICes. Instaed, specify "Arial,Helvetica,Geneva"
* Do not clutter the page with a lot of small boxes, frams and icons.
* Remember that the information as such, not the design, is the most important. Nice graphics pretty, but most of the time just annoying...
*If you have several levels of "directories" of information, try to make each level look more or less the same, that is, don't have the first level be a traditional menu to the left, the next one a horizontal list at the top of the page, and the third one a bullet-list in the middle of the page. What I'm trying to say is that similarity between all the pages in where different parts of them are to be found, is good.
Didn't know. I'm quite issolated from what happens in my former home region (I'm from Swerden, where it'
s really Felia, the Hell Labs, since they are the old state-owned monopoly, which owns like all wires...) (I've moved to France)... Oh, that sounds great...
> Linux is not designed to support a wide range of different software applications, but excels with fairly straightforward tasks such as giving access to Internet sites.
So webserving is straightforward, and I can not run Quake and GIMP on Linux, I guess?
Anyway, for any scandinave, Telia switching to Linux is no big deal, since Telia is the devil itself anyway (Like AT&T in the US I guess?):) But it's nice to see IBM shipping a supercomputer w/ Linux, using their new hack to run several Linuxes under VM:s...
You don't give up any privacy; you can easily check that the browser doesn't tell the Opera people anything (tcpdump, anyone?). What you do give up, however, wethever you pay or not, is freedom. You don't have the freedom to give your friend a copy, and even more important, you don't have the freedom to fixe bugs for yourself, but have to wait for the Opera people to fix them. This has nothing to do with privacy, whatsoever... <Mode type=RMS>Go get a free browser, like conqueror or mozilla</Mode>
Who do not use ssh anyway? This neither less, nor more, public than the Internet. It can be eavesdropped? Yes. So can my connection from France (where I live) to sweden (where my webserver, IRC-client and more or less everything but my physical body, lives). But any eavesdropper won't be able to _use_ the collected data for much, except as random-source:) That is, if he doesn't have a big numbercruncher and can break my ssh...
Watermarsk may mean two things. What he was talking about was simply _signing_. Signing does not protect against copying (nothing can), neither does it protect against modifivcation. But it makes all modification _visible_, i.e. you can tell from a copy if it has been modified. This is _reasonable_ working - you need a huge numbercruncher to break it.
Gave me an idea: Why not set up a hole load of domains that resolves to 127.0.0.1 (Or, if that can be done in teh DNS protocol, I don't know the details of it (Sorry, I'm a luser): resolving to the requester)? They may be subdomains of "real" domains, and with just random names, so that they are hard to distinguish from real ones, and then poisoning the spambot with randomstring@random.spam.poison.domain?
All but.00385 % of all mp3 files out there might be illegal copies. But the persentage of unique illegal mp3s (all duplicates removbed) I would estimate to something like 1%...
He should review his contract with them - in detail. If it doesn't state they are allowed to do this type of thing, he can sue them, otherwize - he was stupid enought to sign a contract allowing them to do such nasty things...
Slashdot Mirror
Hm, yes, you could perheaps restrict the code segment to a part of the linear memory, and have stack and data somewhere else. But, you would need to put some non-mapped pages in between, to be sure buffer-overruns don't just "grow" over it anyway. And a int a[2]; a[4711] = 2; might still jump on it anyway... But plain buffer-overruns (where all positions between the last real position and the last position really written are all written to), would be catched by a single separating, non-mapped, page. And what do we do with a program that we catch witha buffer-overrun? Terminate it? You still have the problem of the stack-segment being the same as the data-segment.
When I think about it, this won't work, since in Linux, all adresses within segments must be the same as linear adresses, and thus all segments must start at linear adress zero... Ok, if you put code first, you could make this work anyway.
The problem is that under a UNIXy system Like Linux, you _need_ to be able to write to your own memory. You as an application are not to be protected from yourself. At all. Removing this natural right of an application would make things like ld.so and the like impossible (they would have to be part of the kernel - shrugg!).
Because you have two segments overlapping in memory completely.
As I said, under any x86 UNIXy system (like Linux), you have a data segment and an exec-segment that have the same linear adresses, spanning all of the linear adress space. This means that you more or less entirely bypass the segmentation system. This method of bypassing the system is even described in the Intel manual, with reference to porting mainframe OSes! In this model, CS is allways equal to the segment descriptor with the exec flag set, and SS/DS/ES/FS/GS the one with the write/read flags set. All access control (read only or read write) is then done in the page system, where there is no notion of execution.
If you don't beleave me, check out the Pentium manual, page 108, figure 4-1 (Not the same as the hardcopy I refered to before, this is for the Pentium, not Pentium Pro, but this particular thing haven't changed a bit).
According to page 3-13 of "Pentium Pro Family Developer's Manual" "Volume 3: Operating System Writer's Guide", table 3-1: Code and Data segment types, there are four types of data segments - read-only, read/write, read-only-exapnd-down and read-write-expand-down, and four types of code segments - execute-only, execute-read, execute-only-conforming and execute-read-conforming. The problem is that under any UNIXy x86 systems, you don't use segmentation, but creates one big executable segment and one big data segment, spanning all of the linear adress space, and use page control as access control. This is because a) old big UNIX machines didn't have segmentation and b) some hackers consider segmentation an uggly cludge...
On the other hand: Why should (s)he get paid for each person getting the knowledge, when the work to create it is fixed?
And btw, the right to make parodies, joke about and quote from, a work of an other, is protected in law since long, long time. To deny it would be to kill all what is human - culture.
You missunderstund. I want to have a GUI, which uses the backend. The newbie uses the GUI, but a hacker can still use the functionality without the GUI.
This program is just one of many coming out lately that does the same error as Microsoft: Merging functionality and user interface. A package tool should consist of either one (or both) of a) a library b) a command line tool. Merging UI and functionality makes it very hard to change the UI (bringing it to a web-based administration, automation, etc) in the future, if needed.
Unfourtunately, this have been done a lot lately, mainly by KDE developers (No offense, you make a really good GUI, and some really nice functionalities, but could you please separate the two?):
* KMail have functionality to download mails and filter mails to different mailboxes (It should have used fetchmail and procmail for that, and provided only a graphical configuration tool for those two backends).
* QT contains both basic datastructures (Linked lists, hash-tables, etc) and GUI widgets (Buttons, listboxes, etc). In GNOME, those two parts are separated in Gtk+ (GUI widgets) and glib (basic datastructures).
* KDE contains a virtual filesystem that enables the user to transparently use files on remote sites using any KDE application. This functionality should have been in the operating system filesystem layer (There are several projects to achive this (portable): Podfuk, Alex, etc) VirtualFS), since as it is now, only KDE applications benefit. Here I might add that GNOME are unfourtunately heading for the same, developing the gnome-vfs (which stems from the Midnight Commander VFS).
You youngsters. Don't you see it? Tetris is the most addictive game _ever_. And there are millions of versions of it! And don't complain about lack of cool graphics - there is even several 3D-tetris-versions...
All these new games are just a lot of nice graphics and no new ideas behind.
And for multiuser-games: MUD just rox!
Then, we are all going to wonder what you americans bitched so much about about the russians during the cold war...
Does this tree-based rendering thingy mean that it would be possible to implement a tree of layers, instaed as it is now a stack of layers, that is, that layers could be grouped into "meta-layers", to which the same things (like opacioty, mode, colour balance, etc) could be applied as to real layers? I have missed this feature in gimp.
Perheaps it would allready be possible to implement (just a bit messy?). I don't know. I am a developer, but I have never looked at the gimp sources...
Oh, those groupings allready exist! At least there are names for the persons creating different type of "software":
:)
Webslave - Person creating HTML, JavaScript and PERL CGIs and perheaps some database bindings. "Software" with high user-expressive (I won't use the term expressive power as the author, since IMHO, even a sorting algorithm contains a lot of such) content.
Sysadmin - high-level programs merely interconnecting big entities. Not so high user-expressive-power, not so high engineering-power neither. This is more like the person planning where to bild the bridge, what islands to connect with bridges, etc.
Script-kiddie - like sysadmin, but with different big buildingblocks, and different intentions...
KDE-hacker - programmer creating everything in one place, low-level low-user-expressive and themes and widgets all in one place.
Forgot someone?
Yes, this is meant to be a troll, but a funny one, at least
This hgappened in all of Europe at that time (Bildschirmtext in germany, Teledata in sweden, to give two examples). All other countries have killed their "Minitels" since long... Just France is to proud to admit a centralised system is _they_ build is BAD.
I personally wrote a indentation-sensitive-syntax for Scheme (A LISP dialcet). I've been writing quite much Scheme since then, without a single parentesis... But OK, you get as many (if not more) spaces as you would normally have parentesis...
> Why does everybody seem to think that since OOP was created there is no longer a need for procedural programming?! ;)
/. worth reading! Don't be so boring serious!
You forget functional and logic programming, you bastard
> From the Jargon file "Real Programmers Don't Document: If it was hard to write, it should be hard to read"
Most of the time, Perl isn't hard to write, so it shouldn't need to be hard to read. Except for the regexps, of course, which are _allways_ harder to write than to read (despite what newbies seing a regexp for the first tim e thinks).
> It's easy to obfuscate any language
Of course. But most languages doesn't come with _auto_obfuscation_...
Trolls are what makes
* never specify Arial, at its own, and especially not together with a size of 0 or -1, since on all systems but Windows, Arial does not exist, and the default font, in size 0 or -1 is just unreadable. This holds true for both MAC and UNICes. Instaed, specify "Arial,Helvetica,Geneva"
* Do not clutter the page with a lot of small boxes, frams and icons.
* Remember that the information as such, not the design, is the most important. Nice graphics pretty, but most of the time just annoying...
*If you have several levels of "directories" of information, try to make each level look more or less the same, that is, don't have the first level be a traditional menu to the left, the next one a horizontal list at the top of the page, and the third one a bullet-list in the middle of the page. What I'm trying to say is that similarity between all the pages in where different parts of them are to be found, is good.
Je desolé!
Ursäkta!
Excuse me!
Urskuld!
Didn't know. I'm quite issolated from what happens in my former home region (I'm from Swerden, where it'
s really Felia, the Hell Labs, since they are the old state-owned monopoly, which owns like all wires...) (I've moved to France)... Oh, that sounds great...
> Linux is not designed to support a wide range of different software applications, but excels with fairly straightforward tasks such as giving access to Internet sites.
:) But it's nice to see IBM shipping a supercomputer w/ Linux, using their new hack to run several Linuxes under VM:s...
So webserving is straightforward, and I can not run Quake and GIMP on Linux, I guess?
Anyway, for any scandinave, Telia switching to Linux is no big deal, since Telia is the devil itself anyway (Like AT&T in the US I guess?)
You don't give up any privacy; you can easily check that the browser doesn't tell the Opera people anything (tcpdump, anyone?). What you do give up, however, wethever you pay or not, is freedom. You don't have the freedom to give your friend a copy, and even more important, you don't have the freedom to fixe bugs for yourself, but have to wait for the Opera people to fix them. This has nothing to do with privacy, whatsoever... <Mode type=RMS>Go get a free browser, like conqueror or mozilla</Mode>
Sorry. Read the book in swedish :(
English socialism
1948, the time was badly predicted. But the history not. It didn't happen 1984, but 2048 it will all have happened...
Who do not use ssh anyway? This neither less, nor more, public than the Internet. It can be eavesdropped? Yes. So can my connection from France (where I live) to sweden (where my webserver, IRC-client and more or less everything but my physical body, lives). But any eavesdropper won't be able to _use_ the collected data for much, except as random-source :) That is, if he doesn't have a big numbercruncher and can break my ssh...
Watermarsk may mean two things. What he was talking about was simply _signing_. Signing does not protect against copying (nothing can), neither does it protect against modifivcation. But it makes all modification _visible_, i.e. you can tell from a copy if it has been modified. This is _reasonable_ working - you need a huge numbercruncher to break it.
Gave me an idea: Why not set up a hole load of domains that resolves to 127.0.0.1 (Or, if that can be done in teh DNS protocol, I don't know the details of it (Sorry, I'm a luser): resolving to the requester)? They may be subdomains of "real" domains, and with just random names, so that they are hard to distinguish from real ones, and then poisoning the spambot with randomstring@random.spam.poison.domain?
All but .00385 % of all mp3 files out there might be illegal copies. But the persentage of unique illegal mp3s (all duplicates removbed) I would estimate to something like 1%...
He should review his contract with them - in detail. If it doesn't state they are allowed to do this type of thing, he can sue them, otherwize - he was stupid enought to sign a contract allowing them to do such nasty things...