[Ffmpeg-devel] CVS --> Subversion conversion, test repository

Christian Iversen chrivers
Wed May 24 18:49:37 CEST 2006


On Wednesday 24 May 2006 17:52, Rich Felker wrote:
> On Tue, May 23, 2006 at 03:31:22PM +0200, Christian Iversen wrote:
> > > > > > - Runs on apache, so it's a proven technology with a fair
> > > > > > security history.
> > > > >
> > > > > Apache is proven but surely not secure, just revisit its formidable
> > > > > list of security advisories.  Besides Apache is huge and complex,
> > > > > which in itself is a contradiction to being secure.  svnserve on
> > > > > the other hand is small and does just one thing.  It's been in
> > > > > production use for enough time to call proven technology as well
> > > > > IMO.
> > > >
> > > > In my defense, I wrote "fair", not "perfect" ;-)
> > >
> > > OK.  Still Apache is something to worry about, it's not vsftpd ..
> >
> > I'd worry about any internet-enabled program, but that's just me. I
> > understand your point though :-)
>
> #include <stdio.h>
> #include <unistd.h>
> #include <netinet/in.h>
> #include <sys/socket.h>
> int main()
> {
> 	/* listen on TCP port 1234, all interfaces */
> 	struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(1234),
> 		.sin_addr = { .s_addr = 0 } };
> 	int s = socket(AF_INET, SOCK_STREAM, 0), t;
> 	bind(s, (struct sockaddr *)&sin, sizeof sin);
> 	listen(s, 1);
> 	/* never reads from the peer: greet on stdout, then hang up */
> 	while ((t = accept(s, NULL, NULL)) >= 0) {
> 		printf("hello, world\n");
> 		close(t);
> 	}
> 	return 0;
> }
>
> Some internet-enabled progs are vuln, others are not. :)

Hehe :-)

> After looking at how Apache is coded I would assume it's vuln.....

Well, at least my mail program is saf"#!)(%&()/&

NO CARRIER

-- 
Regards,
Christian Iversen



