On Fri, Jun 20, 2014 at 09:31:36AM -0700, Kees Cook wrote:
> On Wed, Jun 18, 2014 at 11:29:31PM -0700, Seth Arnold wrote:
> > On Wed, Jun 18, 2014 at 05:44:05PM -0700, Steve Beattie wrote:
> > > This patch adds the abstractions/base abstraction to the
> > > HANDLING_UNTRUSTED_INPUT apache2 hat.
> >
Hello,
Am Freitag, 20. Juni 2014 schrieb Kees Cook:
> On Wed, Jun 18, 2014 at 11:29:31PM -0700, Seth Arnold wrote:
> > HANDLING_UNTRUSTED_INPUT has always had some unexpected
> > consequences; I love the idea but it just might not work with
> > Apache's reality.
Oh yes, there are some funny[tm]
On Wed, Jun 18, 2014 at 11:29:31PM -0700, Seth Arnold wrote:
> On Wed, Jun 18, 2014 at 05:44:05PM -0700, Steve Beattie wrote:
> > This patch adds the abstractions/base abstraction to the
> > HANDLING_UNTRUSTED_INPUT apache2 hat.
> >
> > [I dislike this because the idea for the HANDLING_UNTRUSTED_I
On Wed, Jun 18, 2014 at 05:44:05PM -0700, Steve Beattie wrote:
> This patch adds the abstractions/base abstraction to the
> HANDLING_UNTRUSTED_INPUT apache2 hat.
>
> [I dislike this because the idea for the HANDLING_UNTRUSTED_INPUT is
> that it is to be as minimal as possible, as sort of a poor ma