Mario, could you walk me through how this library is going to be used? - What processes use this library? - How are they started? - What user interaction do they have? How about their parents? - What controls are in place to avoid operating on untrusted inputs?
I'm worried that the tool may not be suitable for unattended undirected automated use when fed malicious inputs. If inputs can be determined to only come via cryptographically signed sources we may be able to work with this tool all the same. (I'd feel most comfortable if the instructions here were, "download a new bios from https://support.dell.com/... ; gpg --import verylongkeyhash ; gpg --verify bios.gpg bios && updatebios ./bios". Any amount of automation beyond that has me worried.) Thanks -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1603072 Title: [MIR] libsmbios To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsmbios/+bug/1603072/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
