[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-debian
Subject:    Re: http://klik.berlios.de/
From:       Kurt Pfeifle <kpfeifle () danka ! de>
Date:       2004-05-26 2:25:06
Message-ID: 40B40002.4040205 () danka ! de
[Download RAW message or body]

Marcin Pawlik wrote:

> On Mon, Feb 02 at 02:21, Kurt Pfeifle wrote:
> 
>>Hi, guys,
>>
>>any of you running Knoppix should have a look at this:
>>
>>    ÿhttp://klik.berlios.de/
> 
> 
> [...]
> 
> 
>>Really, really cool stuff...
> 
> 
> Yes, looks useful. And dangerous. If I understand it correctly this is
> just a client side command execution protocol, without any control,
> sandboxing etc. Unfortunately I don't have time to dig deeper. I'm sure
> the author is just preparing a nice application and I'm sorry to be so
> suspicious but I'm really paranoid about such tools. It'd be nice if
> someone could check it. AFAIK there are no sources, protocol
> specification and:
> 
> #v+
> [...]
> 
> munmap(0x40001000, 54083)               = 0
> vfork(Process 3309 attached (waiting for parent)
> Process 3309 resumed (parent 3308 ready)
> )                                 = 3309
> [pid  3309] --- SIGSTOP (Stopped (signal)) @ 0 (0) ---
> [pid  3308] waitpid(3309, Process 3308 suspended
>  <unfinished ...>
> [pid  3309] getppid()                   = 3308
> [pid  3309] close(0)                    = 0
> [pid  3309] open("/proc/3308/as", O_RDWR|O_EXCL) = -1 ENOENT (No such file or directory)
> [pid  3309] ptrace(PTRACE_ATTACH, 3308, 0, 0) = -1 EPERM (Operation not permitted)
> [pid  3309] write(2, ".klik is being traced!\n", 23.klik is being traced!
> ) = 23
> [pid  3309] kill(3308, SIGKILL)         = 0
> [pid  3309] exit_group(0)               = ?
> Process 3308 resumed
> Process 3309 detached
> +++ killed by SIGKILL +++
> #v-
> 
> I'm not a security specialist but it looks like klik is trying to
> protect itself from being traced by forking/parent tracing trick. 
> Am I right?
> 

Today I got confirmation from the author that klik is now put
under GPL, with source on the website (seems to be a while
already). I noticed a contradictory statement about the license
on the website which was promptly fixed. Also the source now
has at least "GPL" in it (though not a perfect legal statement
as seen elsewhere).

klik works like a charm with Knoppix. I tested it today. It is
certainly worth while to look more closely to.

The author was interested to come to aKadmy and become more
involved with KDE and kde-debian, but in August he is in the USA.
But he'll prepare a paper, and possibly Fabian Franz (Knoppix'
2nd man) will present it.

> Regards,
> 

Cheers,
Kurt

_______________________________________________
kde-debian mailing list
kde-debian@kde.org
https://mail.kde.org/mailman/listinfo/kde-debian
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic