Exploit-Dev Archives: Re: possible gnome remote overflow

Re: possible gnome remote overflow


kay (kayPHREEDOM.ORG)
Wed, 20 Oct 1999 13:42:20 +0300


On Tue, Oct 19, 1999 at 01:58:17AM +0000, Crispin Cowan wrote:
> Ryan Permeh wrote:
>
> > This will crash an open X session, even from remote. I do not know a
> > lot about gnome, but i do know X sessions
> > crashing is generally regarded as a "Bad Thing". I poked at the code a
> > bit, but couldn't find the piece where
> > this is likely happening.

I'm not a GNOME guru either, but:

The program you refer to as gnome-ses is actually gnome-session, and it is
responsible for managing users' sessions (e.g. saving information about
active tasks, desktop geometry etc. on logout and restoring everything on
the next logon).

Next, I failed to reproduce this on Debian Potato (unstable, upgraded up to
19 Oct 1999) using:

Linux kernel 2.2.12 + OpenWall ow6 patch
GNOME October Release
GNU libc 2.1.2
XFree86 3.3.5

First as a normal user I started a GNOME session using gdm (GNOME replacement
for xdm).

# dpkg -l libc6 gnome-session xlib6g gdm
[snip]
ii libc6 2.1.2-5 GNU C Library: Shared libraries and timezone
ii gnome-session 1.0.53-2 The Gnome Session Manager
ii xlib6g 3.3.5-1 shared libraries required by X clients
ii gdm 2.0-0.beta4.2 GNOME Display Manager
# lsof -i | grep gnome
gnome-ses 764 kay 3u inet 1054 TCP *:1029 (LISTEN)
gnome-nam 828 kay 4u inet 1295 TCP *:1039 (LISTEN)
gnomepage 839 kay 5u inet 1370 TCP *:1042 (LISTEN)
# dd if=/dev/urandom count=1048576 ibs=1024 | nc localhost 1029
[...]

Nothing happened; GNOME was running just fine during and after my flooding.

> If X and Gnome were StackGuarded, then you might get a present in your
> syslog telling you the name of the function containing the smashed buffer:
>
> * if the buffer was an auto variable
> * and if the function containing the buffer tried to return *before* the
> core dump happened

Really neat features, IMHO.

> Conversely, if someone can point us at an easy-to-recompile-from-source
> pile of source RPMs for the necessary Gnome components, then we might take
> a poke at it.

I think the GNOME distribution includes SRPMs as well as tarballs?

Regards,

--
key ID: 1024D/F00A7E3F (DSS)    user ID: kay <kayphreedom.org>
fingerprint: DDCC 1A8C 30C5 8C7B C7E3  8808 02C3 1A5D F00A 7E3F
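The `lsof -i` listing above shows three GNOME processes bound to `*` (every interface), which is what makes a listener like gnome-session reachable from remote hosts at all. As an added example that is not part of the original message, the following Python 3 script parses that `lsof -i` line format and reports the TCP listeners bound to all interfaces; the sample lines are constructed, with the three GNOME lines copied in shape from the thread and two loopback lines added for contrast.

```python
"""Flag TCP listeners bound to all interfaces in `lsof -i` output.

Added example (not from the original e-mail). It reads the `lsof -i`
line format shown in the thread and reports which processes accept
connections from remote hosts, i.e. the exposure that a local
`nc localhost <port>` test alone does not demonstrate.
"""
import re

# Constructed sample: the three GNOME lines mirror the thread's output,
# the sshd and cupsd lines are made up to show non-wildcard bindings.
SAMPLE_LSOF = """\
gnome-ses 764 kay 3u inet 1054 TCP *:1029 (LISTEN)
gnome-nam 828 kay 4u inet 1295 TCP *:1039 (LISTEN)
gnomepage 839 kay 5u inet 1370 TCP *:1042 (LISTEN)
sshd 512 root 3u inet 900 TCP localhost:22->localhost:1055 (ESTABLISHED)
cupsd 600 root 4u inet 950 TCP localhost:631 (LISTEN)
"""

# COMMAND PID USER FD TYPE DEVICE NODE NAME [(STATE)]; state is absent for UDP.
LINE_RE = re.compile(
    r"^(?P<cmd>\S+)\s+(?P<pid>\d+)\s+(?P<user>\S+)\s+\S+\s+inet\s+\d+\s+"
    r"(?P<proto>TCP|UDP)\s+(?P<host>[^:\s]+):(?P<port>\S+)"
    r"(?:\s+\((?P<state>\w+)\))?"
)


def parse_lsof(text):
    """Return one dict per line of `lsof -i` output that matches LINE_RE."""
    rows = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            rows.append(m.groupdict())
    return rows


def exposed_listeners(text, wildcard_hosts=("*", "0.0.0.0", "::")):
    """Return (command, pid, port) for TCP listeners bound to every interface."""
    return [
        (r["cmd"], int(r["pid"]), r["port"])
        for r in parse_lsof(text)
        if r["proto"] == "TCP"
        and r["state"] == "LISTEN"
        and r["host"] in wildcard_hosts
    ]


if __name__ == "__main__":
    for cmd, pid, port in exposed_listeners(SAMPLE_LSOF):
        print(f"{cmd} (pid {pid}) listens on all interfaces, port {port}")
```

On a live host, feed it the real output with `lsof -i -n -P` so addresses and ports are printed numerically rather than as resolved names.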



This archive was generated by hypermail 2.0b3 on Sun Oct 24 1999 - 12:26:35 CDT