chuso.net

How to split back with POSIX standard tools text files that were merged into one single file.

Since Novembmer ‘21 update, Active Directory new conditions may make it raise a CONSTRAINT_ATT_TYPE violation affecting other products.

So let me put it clear from the first line: trusting invalid certificates is wrong.

And now I will explain why it’s wrong and why there are few excuses for it.

We are talking here about certificates for SSL encryption, which serves basically two purposes:

• Privacy — data is transferred encrypted and can only be decrypted by the intended recipient and not a third party wiretapping the line.
• Authentication — making sure the receiving end that will be able to decrypt the data is who they claim to be and data is not diverted to a different receiver by a third party with access to manipulating our transfers.

Invalid certificates obviously defeat the second purpose of verifying the other end’s identity:

Yes, I know, it may be a little stupid renaming ld.so, can we skip this detail?
It's not something I do very often, but that day I felt like I had to innovate or something like that.

But innovation was a disaster, it is not a good idea to rename a library linked using its exact path by all system dynamic executables, just to take into account if you are going to have the same idea.