system activity / detailed memory usage in 4.8.1 ?

Duncan 1i5t5.duncan at cox.net
Sun Mar 18 17:45:37 GMT 2012 

Martin Koller posted on Sun, 18 Mar 2012 17:09:47 +0100 as excerpted:

> I was looking into the source of ksysguard and found that it can load
> .desktop files which define some additional actions in the RMB.
> (In the source it uses KGlobal::dirs()->findAllResources("data",
> "ksysguard/scripts/*/*.desktop",...)
> 
> In the rpm I have installed here
> (kdebase4-workspace-ksysguardd-4.8.1-729.4.i586)
> there is not even the scripts directory, so the file which is obviously
> missing in the RPM is smaps.desktop, which I found in ksysguard source
> tree.
> 
> ok, thanks for your help - I'm going to bother the openSuse packagers...
> ;-)

It's worth noting that in gentoo, installing the ksysguard package prints 
a warning:

"Note that ksysguard has powerful features; one of these is the
executing of arbitrary programs with elevated privileges (as data 
sources).  So be careful opening worksheets from untrusted sources!"

Again, it's possible your distro disables some of that for security 
reasons.

One of the more recent discussions in kernel security has been debate 
over normal user access to various memory mapping information that then 
allows bypassing address randomization schemes that help prevent someone 
from exploiting buffer overrun type vulnerabilities.  As with many 
security decisions, there's a balance between usability and security, 
with the more security conscious choosing to forgo certain usability 
conveniences.  This sort of somewhat obscure detailed memory mapping 
information is just the sort of thing that security conservative distros 
might choose to disable, believing normal users don't need and generally 
won't miss that information anyway, while arranging for it not to be 
exposed arguably does increase security, if only incrementally.


Meanwhile, I routinely run live-git kernels here, and hadn't updated in 
the last day or two, so decided to do a git-pull and kernel rebuild, and 
took the opportunity to enable that kernel option.  So now I have smaps 
enabled, and see all the info in that report.  It is indeed nice, and at 
the level exposed there, I don't see the kde side as a security concern, 
especially if smaps are enabled in the kernel already.  Still, it's 
possible part of the scripting functionality was disabled due to other 
scripts that it allowed to run.

But again, I'd guess it's more likely that it was simply disabled 
accidentally.  KDE has recently converted to git (from svn) for many of 
their sources, and continues to split up the former huge multi-package 
source tarballs into smaller chunks, so stuff is moving around.  It's 
thus quite possible that these bits moved and the OpenSuSe package 
process simply missed some bits in the current round.

-- 
Duncan - List replies preferred.   No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master."  Richard Stallman

___________________________________________________
This message is from the kde mailing list.
Account management:  https://mail.kde.org/mailman/listinfo/kde.
Archives: http://lists.kde.org/.
More info: http://www.kde.org/faq.html.

More information about the kde mailing list