- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
Set this comment to featured, I guess.
Admin
Chief Wiggums' son is Ralph, m-hay. Nelson Muntz is the "ha-ha" kid, no relation between them, but Nelsons' grandfather is a judge, with the robes and gavel, good goyven-glayven!
Admin
Admin
Specifically, I'm with the folks who are wondering what this script is doing on TDWTF. It's a slightly messy and slightly overcomplicated, but otherwise apparently perfectly workable, init script for a Linux device. I haven't seen one plausible WTF comment about it. Indeed, the things I find the most disturbing---the 1-second sleep, the gratuitous tarball created in the middle, the mass copying of files around the system rather than symlinking---haven't been commented on at all.
Lots of Simpsons discussion and not-very-insightful comments about rm paths, though.
Lately CSOD has been a huge disappointment. Quite a few snippets have been posted for which the largest WTF seems to be that the poster and editor didn't understand what the code is doing. Not that we get more than a few CSODs a month now anyhow.
Hing: Before you post a chunk of code outside your area of expertise as WTF, talk to a clueful developer or two who specializes in that area, and see what they think. If they aren't too bothered by it, you don't get to be.
Admin
No, that kind of "security" is just a plain bad idea. If attacker can control environent, then IFS, LD_PRELOAD etc etc works very well. Protecting against a specific instance (exploit) of a general attack vector is just sad. Fix the problem, not the symptom.
Btw: the real reason for doing e.g. /bin/ls is to avoid confusion with a possible user alias ls, or a with possible "extended version" of the command in /local/bin (e.g. GNU ls installed there on a legacy UNIX). (Usually, this is not an issue with system scripts). So sometimes it has its merits, but not really related to security.
Admin
It is not related; "Many of these settings, such as max_size, max_delay, and min_delay, relate to controlling the size of the routing cache."
Anyway, why hasn't anyone put more empasis on ICMP? http://www.networksorcery.com/enp/protocol/icmp/msg3.htm "Another case is when a datagram must be fragmented to be forwarded by a gateway yet the Don't Fragment flag is on. In this case the gateway must discard the datagram and may return a destination unreachable message."
So basically, when the packets becomes sufficiently large, this router will silently fail to forward it. Now for a treat: if machine X will send a jumbo frame ( http://en.wikipedia.org/wiki/Jumbo_Frame ) or other large frame, and it actually manages to pass through all the way to this dsl router, it will die when reaching an Fast Ethernet with 1500 MTU. Might not be the cause (so many if's and but's: is their part of the internet supporting large frames, etc etc), but darn it would explain the symptoms described.
Maybe the editor had figured that out as well :-)
Admin
an lengthy explaination: http://www.netheaven.com/pmtu.html
i.e. it is retarded to drop outgoing ICMP 3 (unless you like getting your connections to die, die, die)
Admin
you call /bin/rm to avoid user's aliases (rm -i)
Admin
and they've used insmod all over the place... should use modprobe.