Hacker News: chusohttps://news.ycombinator.com/user?id=chusoHacker News RSShttps://hnrss.org/hnrss v2.1.1Sat, 02 May 2026 11:53:25 +0000<![CDATA[New comment by chuso in "Copy Fail"]]>It's the same with Gentoo, setuid binaries are installed without read permission.

But modifying a setuid binary is just the demo exploit that was published with the vulnerability disclosure. The vulnerability actually allows modifying four bytes in any readable file. That means system configuration files, other binaries intended to be run by root, libraries... It's not limited to modifying setuid binaries.

]]>Thu, 30 Apr 2026 08:05:59 +0000https://news.ycombinator.com/item?id=47959620chusohttps://news.ycombinator.com/item?id=47959620https://news.ycombinator.com/item?id=47959620<![CDATA[New comment by chuso in "Balancing “If it ain’t broke, don’t fix it” vs. “Release early and often”"]]>Break it often and don't fix it.

]]>Fri, 23 Sep 2022 15:11:47 +0000https://news.ycombinator.com/item?id=32952985chusohttps://news.ycombinator.com/item?id=32952985https://news.ycombinator.com/item?id=32952985<![CDATA[New comment by chuso in "ISPs Removing Their Customers' Email Encryption"]]>AFAIK, GnuPG and S/MIME only encrypt message body, but not its headers such as sender, receipt, date, subject, ...

]]>Tue, 11 Nov 2014 23:21:44 +0000https://news.ycombinator.com/item?id=8592977chusohttps://news.ycombinator.com/item?id=8592977https://news.ycombinator.com/item?id=8592977