Re: ipcs output when running netscape shows --rwarwarwa

From: Robert Watson (rwatson@freebsd.org)
Date: 10/16/02


Date: Tue, 15 Oct 2002 20:46:18 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
To: wolf <mjoyner2@hq.dyns.cx>

Could be the sysvshm optimizations used by X11, as opposed to strictly
Mozilla. There were some posts about this sometime earlier this year (or
maybe last year) on bugtraq. I guess a first useful question is how
recent your X server is -- often FreeBSD users upgrade the base OS, but
let X age until there's a specific need to upgrade. If there was a
default protection fix for the X libraries, the problem could be your
Linux X shared libraries need updating, so you might also check the
version of those.

FWIW, my Linux Netscape does use shared libraries:

curry:~/p4/trustedbsd/mac/sys/kern> file /usr/local/lib/linux-netscape6/mozilla-bin
/usr/local/lib/linux-netscape6/mozilla-bin: ELF 32-bit LSB executable,
Intel 80386, version 1 (SYSV), for GNU/Linux 2.0.0, dynamically linked
(uses shared libs), not stripped

It likewise appears to use poorly protected sysvshm segments:

curry:~/p4/trustedbsd/mac/sys/kern> ipcs
Message Queues:
T ID KEY MODE OWNER GROUP

Shared Memory:
T ID KEY MODE OWNER GROUP
m 2686976 0 --rwarwarwa rwatson rwatson
m 196609 0 --rwarwarwa rwatson rwatson
m 196610 0 --rwarwarwa rwatson rwatson
m 196611 0 --rwarwarwa rwatson rwatson

...

I suspect strongly my Linux X shared libraries are quite old. You might
try upgrading them specifically and see what happens.

Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org Network Associates Laboratories

On Sun, 13 Oct 2002, wolf wrote:

> Is the 'mode' as listed below a security issue?
>
> Linux Netscape 6 is running w/ mode rwarwarwa while all the other apps
> I've tested so far (all native compiled btw) show only --rw-------.
>
> :/
>
>
> bash-2.05a$ ipcs -m -o -p
> Shared Memory:
> T ID KEY MODE OWNER GROUP NATTCH CPID LPID
> m 262144 0 --rw------- mjoyner mjoyner 2 597 278
> m 1048577 0 --rwarwarwa mjoyner mjoyner 2 710 278
> m 1179650 0 --rwarwarwa mjoyner mjoyner 2 710 278
> m 131075 0 --rwarwarwa mjoyner mjoyner 2 710 278
> m 131076 0 --rwarwarwa mjoyner mjoyner 2 710 278
> m 131077 0 --rwarwarwa mjoyner mjoyner 2 710 278
> m 131078 0 --rwarwarwa mjoyner mjoyner 2 710 278
>
> bash-2.05a$ ps -p 710
> PID TT STAT TIME COMMAND
> 710 ?? S 0:37.54 ./mozilla-bin
>
> bash-2.05a$ ps -p 278
> PID TT STAT TIME COMMAND
> 278 ?? S 0:21.95 /usr/X11R6/bin/XFree86 -auth
> /var/lib/kdm/authfiles/A
>
> bash-2.05a$ uname -a
> FreeBSD ip-34.internal 4.7-STABLE FreeBSD 4.7-STABLE #0: Fri Oct 11
> 22:21:11 EDT 2002
> mjoyner@ip-34.internal:/usr/src/sys/compile/workstation i386
>
> bash-2.05a$
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
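
A way to audit a listing like the ones in this thread, as an added example that is not part of either message: it parses `ipcs` shared-memory output and reports segments whose mode grants group or other access. It assumes the MODE layout shown above (two flag characters, then owner/group/other triples of r, w, a); the function names are hypothetical.

```python
import re

# Constructed sample: three rows from the `ipcs -m -o -p` listing quoted in the thread.
SAMPLE = """\
Shared Memory:
T ID KEY MODE OWNER GROUP NATTCH CPID LPID
m 262144 0 --rw------- mjoyner mjoyner 2 597 278
m 1048577 0 --rwarwarwa mjoyner mjoyner 2 710 278
m 131075 0 --rwarwarwa mjoyner mjoyner 2 710 278
"""

# Two flag characters, then three r/w/a triples (owner, group, other).
MODE_RE = re.compile(r"[-A-Z]{2}(?:[-r][-w][-a]){3}")


def mode_bits(mode):
    """Convert an ipcs MODE string such as --rwarwarwa to permission bits."""
    if not MODE_RE.fullmatch(mode):
        raise ValueError("unrecognised ipcs mode: %r" % mode)
    bits = 0
    for ch in mode[2:]:
        bits = (bits << 1) | (ch != "-")
    return bits


def exposed_segments(ipcs_text):
    """Return shared-memory rows that grant any group or other permission."""
    header, findings = [], []
    for line in ipcs_text.splitlines():
        fields = line.split()
        if fields[:2] == ["T", "ID"]:
            header = fields  # column set varies with the ipcs flags used
            continue
        if not header or len(fields) != len(header) or fields[0] != "m":
            continue
        row = dict(zip(header, fields))
        bits = mode_bits(row["MODE"])
        if bits & 0o077:  # anything beyond the owner triple
            findings.append({"id": int(row["ID"]), "owner": row["OWNER"],
                             "mode": oct(bits), "cpid": row.get("CPID")})
    return findings


if __name__ == "__main__":
    for finding in exposed_segments(SAMPLE):
        print(finding)
```

The `cpid` field is only filled in when the listing was produced with `-p`, and it is what ties a segment back to the creating process, as `ps -p 710` does in the original post.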
