Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/hyc/statuses/112197467301264106">Howard Chu @ Symas (hyc@mastodon.social)'s status on Tuesday, 02-Apr-2024 11:42:15 JST</a><a href="https://mastodon.social/@hyc" title="hyc@mastodon.social"><img src="https://gnusocial.jp/avatar/29613-48-20221117233524.webp" width="48" height="48" alt="Howard Chu @ Symas" style="position: absolute; left: 0; top: 0;">Howard Chu @ Symas</a><div><a href="https://hachyderm.io/@dalias/112196561657811805" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><p><a href="https://hachyderm.io/@dalias">@dalias</a> your mention of constructors reminded me of this ticket regarding destructors. <a href="https://github.com/openssl/openssl/issues/23575" rel="nofollow noreferrer">https://github.com/openssl/openssl/issues/23575</a></p><p>Unfortunately constructors are pretty much the safest way to do library init, especially in a threaded program. And you could do all kinds of mischief in a destructor too, running long after privilege checks were done.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2890485#notice-5744154">In conversation</a><time datetime="2024-04-02T11:42:15+09:00" title="Tuesday, 02-Apr-2024 11:42:15 JST">about 8 months ago</time> <span>from <span><a href="https://mastodon.social/@hyc/112197467301264106" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@hyc/112197467301264106">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: opengraph.githubassets.com</div><h5><a href="https://github.com/openssl/openssl/issues/23575Unfortunately">Issues · openssl/openssl</a></h5><div></div></header><div>TLS/SSL and crypto library. Contribute to openssl/openssl development by creating an account on GitHub.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Howard Chu @ Symas (hyc@mastodon.social)'s status on Tuesday, 02-Apr-2024 11:42:15 JSTHoward Chu @ Symas
in reply to
- Rich Felker
@dalias your mention of constructors reminded me of this ticket regarding destructors. https://github.com/openssl/openssl/issues/23575
Unfortunately constructors are pretty much the safest way to do library init, especially in a threaded program. And you could do all kinds of mischief in a destructor too, running long after privilege checks were done.
In conversationabout 8 months ago from mastodon.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
  Issues · openssl/openssl
  TLS/SSL and crypto library. Contribute to openssl/openssl development by creating an account on GitHub.

Public

Embed Notice

HTML Code

Corresponding Notice