No relation to the sports channel.

  • 0 Posts
  • 15 Comments
Joined 2 years ago
cake
Cake day: June 9th, 2023

help-circle
  • But if someone creates a file called HEAD, should it overwrite a file called head?

    That shouldn’t matter to the “nontechnical” end-user at all. To the nontechnical user, even the abstraction of “creating a file” has largely gone away. You create a document, and changes you make to it are automatically persisted to storage, either local or cloud.

    Only the technical command-line user cares about whether /usr/bin/HEAD and /usr/bin/head are the same path. And only in a specific circumstance — such as the early days of Mac OS X, where the Macintosh and Unix cultures collided — could the bug that I described emerge.


  • I recall a case-insensitivity bug from the early days of Mac OS X.

    There are three command-line utilities that are distributed as part of the Perl HTTP library: GET, HEAD, and POST. These are for performing the HTTP operations of those names from the command line.

    But there’s also a POSIX-standard utility for extracting the first few lines of a text file. It’s called head.

    I think you see where I’m going with this. HEAD and head are the same name in a case-insensitive filesystem such as the classic Mac filesystem. They are different names on a Unix-style filesystem.

    Installing /usr/bin/HEAD from libwww-perl onto a Mac with the classic filesystem overwrote /usr/bin/head and broke various things.














  • fubo@lemmy.worldtoTechnology@lemmy.worldPasswords
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    2 years ago

    Since 2017 at least; and IIRC years before that; that’s just the earliest NIST publication on the subject I could find with a trivial Web search.

    https://pages.nist.gov/800-63-3/sp800-63b.html

    Verifiers SHOULD NOT impose other composition rules (e.g., requiring mixtures of different character types or prohibiting consecutively repeated characters) for memorized secrets. Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.

    “Memorized secrets” means classic passwords, i.e. a one-factor authentication through a shared secret presumed to be known to only the right person.