Date: Wed, 11 Jul 2012 17:31:28 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: libdbus hardening On Wed, Jul 11, 2012 at 11:05:03AM +0200, Sebastian Krahmer wrote: > Ok. We are not in a hurry. I added the new patch to > > https://bugzilla.novell.com/show_bug.cgi?id=697105 > > using __secure_getenv(). You could want to add a #warning after the #else (when __secure_getenv is not detected by the configure script), although I'd prefer these things to be fail-close (build failing if __secure_getenv is expected to be present, but is not detected). This is an issue with security-related autoconf checks in general. Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.