-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wednesday 12 February 2003 09:29 pm, Mark J Roberts wrote:
> bdonlan:
[snip]
> With code uploading, you could make _sure_ that the terminal would
> only be capable of outputting questions and reading answers in the
> style you want.
>
> void prompt_user(char question[128], char answer[128])
> {
> printf("%s? ", question);
> scanf("%127s", answer);
> puts("Thank you for your valuable input.");
> }
>
> That code is piped up to the kernel, where it is kept safe from
> modification, and executes with its own special set of priviliges.
> In this case, it would be capable of reading from and writing to the
> terminal, whereas your program proper would not be capable of doing
> that.
And let it at the kernel stack? _BAD_ idea. It can still use printf/scanf to
sniff your password anyway.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+TA9ox533NjVSos4RAmYXAKCptqdwwoNoLeSjHcWIC26XrzhdzACfZfFt
SHaoBG0w/InhplojtTVVsZc=
=aypT
-----END PGP SIGNATURE-----
_______________________________________________
devl mailing list
[EMAIL PROTECTED]
http://hawk.freenetproject.org:8080/cgi-bin/mailman/listinfo/devl
