On Sat, May 25, 2013 at 12:16 PM, Yasha Karant <[log in to unmask]> wrote:
> Almost any program that uses a hard coded filename path can be "tricked"
> through the use of soft links. It is only programs that expect very
> specific verification/activation encrypted sequences in specific files, and
> that in some cases "call home", typically from for-profit vendors attempting
> to enforce strict compliance with a licensing "agreement" (the vendor
> dictates, the user must agree), for which this method may (in some cases)
> pose a problem.
*Down*, boy. I can think of half a dozen such programs that use
out-of-band config that are in weird places. These include the perl
CPAN "Config.pm" file, the Emacs config files in /usr/share/emacs, the
"ilastik" component of the open source "CellProfiler" genetic analysis
toolkit I looked at last year,, the "/var/www/naglite3/config.php"
that is part of Naglite3, etc. None of these are in "/etc", and
they're difficult to derive without actually reading the build
system's code.
And do not get me *started* on anything written by Dan Bernstein,
whose qmail, djbdns, and daemontools try the best to spew their config
files all over the top level directories in "/" without form or
standard.
> However, one needs to know WHERE the magic files are kept, and, preferably,
> the internal layout (format) of the files and the data therein.
>
> Yasha Karant
Right. The problem is that It's not derivable, it depends on the
standards followed by upstream dependencies.
|