threebar` has joined #neo900
threebar` has quit [Changing host]
threebar` has joined #neo900
threebar- has quit [Ping timeout: 245 seconds]
infobot has quit [Read error: Connection reset by peer]
infobot has joined #neo900
Pali has quit [Ping timeout: 246 seconds]
Kabouik has quit [Quit: Leaving]
Kabouik has joined #neo900
ArturSha1 has joined #neo900
threebar- has joined #neo900
threebar` has quit [Ping timeout: 248 seconds]
preview has joined #neo900
_Chris_ has quit [Remote host closed the connection]
Donnager has quit [Write error: Broken pipe]
dazinism has quit [Write error: Broken pipe]
_whitelogger has joined #neo900
fling is now known as bedflinger
bedflinger is now known as fling
pagurus` has quit [Read error: Connection reset by peer]
pagurus has joined #neo900
_whitelogger has joined #neo900
_whitelogger has joined #neo900
wpwrak has quit [Read error: Connection reset by peer]
wpwrak has joined #neo900
Donnager has joined #neo900
illwieckz has quit [Ping timeout: 272 seconds]
wpwrak has quit [Read error: Connection reset by peer]
wpwrak has joined #neo900
_whitelogger has joined #neo900
illwieckz has joined #neo900
infobot has quit [Ping timeout: 245 seconds]
yanu_ has joined #neo900
yanu_ has quit [Client Quit]
illwieckz has quit [Ping timeout: 276 seconds]
illwieckz has joined #neo900
himcesjf_ has joined #neo900
him-cesjf has quit [Ping timeout: 268 seconds]
himcesjf_ is now known as him-cesjf
Pali has joined #neo900
_whitelogger has joined #neo900
preview has quit [Ping timeout: 264 seconds]
_Chris_ has joined #neo900
_whitelogger has joined #neo900
houkime has joined #neo900
<houkime> I found ipc standards for BGA courtyards a bit ridiculous and searched for an updated IPC-7351C... only to find this thread. https://www.pcblibraries.com/forum/ipc7351c-draft-or-release-date_topic1818_page1.html
<houkime> so from now i will be far more critical of ipc standards (mostly about their correspondence to current manufacturers capabilities) and employ common logic and metacollin's stuff where datasheets don't recommend anything in particular.
<houkime> Though strategically what i think should happen is that oshw community produce some exhaustive open guidelines on their own.
<houkime> just on the git server somewhere, so people can commit and compile from datasheets, experience and manufacturer data actual contemporary requirements for a PCB design.
<houkime> *producible PCB design.
<houkime> (the thread basically says that IPC is dead)
<houkime> (and is unlikely to update any time soon)
<Joerg-Neo900> >>i will be far more critical of ipc standards [...] employ common logic and metacollin's stuff<< :thumbsup: :-)
<Joerg-Neo900> you caught up with our internal discusion and conclusions/decisions
houkime has quit [Ping timeout: 260 seconds]
xmn has joined #neo900
<Joerg-Neo900> yeah, $() escape exploit in filename of icon
<Joerg-Neo900> in .desktop
<Joerg-Neo900> I already argues with some other hackers yesterday, and finally stand corrected as this would have hit me if I opened any arbitrary dir with konqueror
<Joerg-Neo900> writing a .desktop to ~/Desktop is for sure sth you should try to NOT do when source is shady
<Joerg-Neo900> but even extracting a shady origin tarbal into /tmp/foobar/ would hit you if you open /tmp/foobar/ with konqueror then
<Joerg-Neo900> >>the researcher says the vulnerability can be used to place shell commands inside the standard "Icon" entries found in .desktop and .directory files<<
yanu has quit [Ping timeout: 248 seconds]
<Joerg-Neo900> icon=$(rm -rf /) somesuch
<Joerg-Neo900> [Desktop Entry]
<Joerg-Neo900> Type=Directory
<Joerg-Neo900> Icon[$e]=$(echo${IFS}0>~/Desktop/zero.lol&)
<Joerg-Neo900> nifty use of $IFS
ArturSha1 has quit [Ping timeout: 272 seconds]
<Joerg-Neo900> Remediation:
<Joerg-Neo900> Disable shell expansion / dynamic entries for [Desktop Entry] configurations.
<Joerg-Neo900> MY remediation: *sign* .desktop files with your local PK and expand only files that gave valid signature
<Joerg-Neo900> have, even
<Joerg-Neo900> if expansion detected in an unsigned .desktop file: Rise BIG FAT WARNING requester wit options "DONT EXPAND" "EXPAND ONCE" and "SIGN AND EXPAND ALWAYS"
<Joerg-Neo900> of course requester will show the suspicious line "of code" in .desktop
<Joerg-Neo900> and a 4th option should be "open in $EDITOR"
<Joerg-Neo900> in my book *this* is the canonical way to handle such stuff
<Joerg-Neo900> not feature neutering
<Joerg-Neo900> which always is a lazy idiot's option to deal with such problems
threebar` has joined #neo900
<Joerg-Neo900> you got no idea at all how many users out ther4e depend on this feature
threebar- has quit [Ping timeout: 258 seconds]
Kabouik_ has joined #neo900
threebar` has quit [Quit: Leaving]
Konsieur has joined #neo900
Kabouik_ has quit [Ping timeout: 264 seconds]
preview has joined #neo900
him-cesjf has quit [Ping timeout: 248 seconds]
preview has quit [Ping timeout: 276 seconds]
preview has joined #neo900
clapont has quit [Ping timeout: 245 seconds]
Kabouik has quit [Remote host closed the connection]
clapont has joined #neo900
Oksana_ has joined #neo900
Oksana_ has quit [Changing host]
Oksana_ has joined #neo900
Oksana has quit [Ping timeout: 246 seconds]
Oksana_ is now known as Oksana
xmn has quit [Remote host closed the connection]
Pali has quit [Ping timeout: 272 seconds]