Introduction to redo (ntlworld.com)
33 points by soundsop on March 28, 2015 | 2 comments



This article claims that redo suffers from several security issues at the very end. But can anyone explain to me how a userspace program that is run directly by the user can have any security issues at all? Also, apart from the PATH issue, all those "security holes" seem to require changing files, making them useless.

Besides, the author is wrong about the reasoning of apenwarr to implement #! processing[0]: it's done primarily to avoid having to make .do files executable. execlp() even executes /bin/sh all by itself if no header could be recognized[1]:

"If the header of a file isn't recognized (the attempted execve(2) failed with the error ENOEXEC), these functions will execute the shell (/bin/sh) with the path of the file as its first argument. (If this attempt fails, no further searching is done.)"

[0] https://github.com/apenwarr/redo#can-my-do-files-be-written-...

[1] http://linux.die.net/man/3/execv
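
The fallback quoted from the man page above can be observed directly by running the same headerless file through raw execve(2) and through execvp(3). This C program is an added example, not part of the thread or of redo; `run_headerless`, the temp-file template and the exit-code constants are illustrative names, and it assumes a libc whose execvp() behaves as that man page describes (glibc) and a /tmp that permits execution.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed sample: an executable file with no "#!" line, so the
 * kernel has no interpreter to hand it to. */
static const char BODY[] = "exit 42\n";

enum { RAN_BY_SHELL = 42, REFUSED_ENOEXEC = 126, OTHER_FAILURE = 127 };

/* use_execvp == 0: call execve(2) directly; 1: go through execvp(3).
 * Returns the child's exit status, or -1 on a setup error. */
int run_headerless(int use_execvp)
{
    char path[] = "/tmp/headerless_XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    if (write(fd, BODY, sizeof BODY - 1) != (ssize_t)(sizeof BODY - 1) ||
        fchmod(fd, 0700) != 0) { close(fd); unlink(path); return -1; }
    close(fd); /* a file still open for writing would fail with ETXTBSY */

    pid_t pid = fork();
    if (pid < 0) { unlink(path); return -1; }
    if (pid == 0) {
        char *argv[] = { path, NULL };
        char *envp[] = { NULL };
        if (use_execvp)
            execvp(path, argv);       /* libc retries via /bin/sh on ENOEXEC */
        else
            execve(path, argv, envp); /* kernel only: no fallback */
        /* Reached only if exec failed; report why through the exit code. */
        _exit(errno == ENOEXEC ? REFUSED_ENOEXEC : OTHER_FAILURE);
    }
    int status = 0;
    waitpid(pid, &status, 0);
    unlink(path);
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    printf("execve(2): child exit status %d\n", run_headerless(0));
    printf("execvp(3): child exit status %d\n", run_headerless(1));
    return 0;
}
```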


Here is a great little video series that goes through implementing Redo in Haskell:

https://www.youtube.com/watch?v=zZ_nI9E9g0I



