Re: [hackers] [slock] No need for usage() || FRIGN

From: Dimitris Papastamos <sin_AT_2f30.org>
Date: Mon, 15 Feb 2016 10:38:04 +0000

On Mon, Feb 15, 2016 at 11:35:11AM +0100, FRIGN wrote:
> On Mon, 15 Feb 2016 11:15:50 +0100
> Markus Teich <markus.teich_AT_stusta.mhn.de> wrote:
>
> Hey Markus,
>
> > I have to agree with Christoph here. People running off git can just use the rev
> > id they are using. I don't get what you mean with the attack surface sentence.
>
> it was a rather weak argument by me, but still a possibility. Say somebody is running
> an older version of slock, an "attacker" could probe it out.
> However, after further consideration, this could also be done by examining the
> behaviour of the problem while locked to identify an older version. Nevermind then.
>
> > I think we can ignore the possibility of someone wanting to call his custom `-h`
> > or `-v` binary when the screen is locked and revert the commit.
>
> My considerations here were that it was quite arbitrary not to document -h, given
> we "allow" a command to be passed to slock as second + further arguments.
> However, I respect your stances on this and will revert it, but also document -h
> in the manpage.

The right way to do this is to consider -h an invalid option. For
invalid options always print usage.
Received on Mon Feb 15 2016 - 11:38:04 CET