GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Embed Notice

HTML Code

Corresponding Notice

  1. Embed this notice
    翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Friday, 04-Apr-2025 15:21:14 JST翠星石翠星石
    in reply to
    • 翠星石
    • H. Faust
    @hfaust Of course they never name the GNU (there would be no mention of GNU if it wasn't for the 2 gnu.org URLs).

    >extend our analysis to other bootloaders like U-boot and Barebox, which share code with GRUB2
    Considering you cannot combine GPLv3-or-later with GPLv2-only, this doesn't seem correct.

    They also write about "saving a weeks worth of time", but they've clearly wasted more than a weeks worth of time filing pointless CVEs (which are only useful if you want to embarrass a proprietary software developer into fixing bugs).

    >The dangers of a GRUB2
    >Since bootloaders run before operating systems run
    Of course it's sooo dangerous to run GRUB and GRUB isn't an OS.

    If you want NX, ASLR, pointer authentication or stack cookies/canaries, it's simply a matter of enabling that in GCC or implementing it in the GRUB OS.

    >Suggestion of completely junk integer overflow detection like; if (size + 1 < size)
    It looks convincing, but those sort of checks *do not work*.

    The only working way to detect integer overflow is to use a compiler built-in like; __builtin_add_overflow https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html

    https://git.savannah.gnu.org/cgit/grub.git/tree/include/grub/safemath.h#n29
    In conversationabout a month ago from freesoftwareextremist.compermalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: www.gnu.org
      The GNU Operating System and the Free Software Movement
      from mailto:webmasters@gnu.org
      Since 1983, developing the free Unix style operating system GNU, so that computer users can have the freedom to share and improve the software they use.
    2. No result found on File_thumbnail lookup.
      Integer Overflow Builtins (Using the GNU Compiler Collection (GCC))
      Integer Overflow Builtins (Using the GNU Compiler Collection (GCC))
    3. Domain not in remote thumbnail source whitelist: git.savannah.gnu.org
      safemath.h\grub\include - grub.git - GNU GRUB
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.