Excellent!
1 Like
test -L filename
âŚchecks symlinks.
1 Like
I was thinking of just checking if the file is a regular, because that would block all others types of files.
pure-bash-bible - file conditionals
-bblock special file-ccharacter special file-ddirectory-h,-Lsymbolic link-pnamed pipe-topen file descriptor-Ssocket
From all of the file alternatives, I donât think vitor should edit anything that is not a a -f regular file. What do you think?
That is OK.
Pointing out âitâs a symlinkâ would be good for usability. If you like implementing this. Small usability gain.
if test -L /path/to/filename ; then
echo something
fi
1 Like
More answers to come soon, probably.
Yes, edit regular file only.
1 Like
Well, a lot of this is for quite advanced threat models. The problem is, while many geeks assume that threat model, I havenât seen it fully spelled out.
Itâs for very nuanced, advanced threat models. See:
There are good arguments between âall sudo is security theaterâ, âmalware running under user account is as good as root compromiseâ as well as
So in case of editing a torrc file on the gateway (maybe even any Debian) itâs hard to come up with a realistic threat where this would prevent security compromise.
1 Like
Pointing out âitâs a symlinkâ would be good for usability. If you like implementing this. Small usability gain.
Done with info messages.
So in case of editing a torrc file on the gateway (maybe even any Debian) itâs hard to come up with a realistic threat where this would prevent security compromise.
Yeah, no way to cover all possible security ground. What could be done was done.
1 Like
Vitor is not gonna be included by TPO because now they are focusing on Rust for Arti, so unless someone contributes, it is not gonna happen upstream.
1 Like