artswrapper defanged
Thomas Zander
zander at planescape.com
Fri Jul 19 11:40:26 BST 2002
On Friday 19 July 2002 09:22, Stefan Westerfeld wrote:
> Hi!
...
> Well, you don't seem to understand the nature of the "exploit".
>
> The _very purpose_ of artswrapper is to give artsd a very high priority and
> drop the root privileges thereafter. It does _exactly_ this. So artswrapper
> is neither broken nor vulnerable.
>
> The _very purpose_ of a sound server is to compute the things (sound, that
> is), that the user wants to compute. This produces CPU usage, and depending
> on how complex the computations are, more CPU usage.
>
> The _combination_ of these two purposes leads to a straightforward "local
> denial of service attack": you let artsd compute lots of things. Since
> artsd monitors its own CPU usage, you can only safely take away 90% of the
> CPU usage a system has. Solution: start another artsd. Then you can take
> away 100% of the CPU usage a system has. So a non root user can produce a
> system hang in tiny shell script (will not post it here).
It seems to me that this can be fixed correctly. I can't think of a good way
to do this right now, but arguing like this will not get the problem solved,
good old hacking and brainstorming might :)
As you point out, there is a very real problem, and you also point out that it
is not really easy to fix this.
That only makes me believe that Rik made the right decision to disable the
code for now, giving you guys time to think about a better solution.
We all want this to be enabled soon again, but please make sure the problem
pointed out are fixed.
I remember people arguing that a simple bash script which spawned sub-bashes
was a DOS attack that could not be solved. In fact it has been solved, and
it probably took some people a long time to do so.
If you want you can take the shortcut and do the GUI-solution you pointed out,
but that should be a temporary solution until a good and fool-proof fix is in
place.
Thanx. for reading :)
--
Thomas Zander zander at planescape.com
We are what we pretend to be
More information about the kde-core-devel
mailing list