[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-debian
Subject: Re: http://klik.berlios.de/
From: Kurt Pfeifle <kpfeifle () danka ! de>
Date: 2004-05-26 2:25:06
Message-ID: 40B40002.4040205 () danka ! de
[Download RAW message or body]
Marcin Pawlik wrote:
> On Mon, Feb 02 at 02:21, Kurt Pfeifle wrote:
>
>>Hi, guys,
>>
>>any of you running Knoppix should have a look at this:
>>
>> ÿhttp://klik.berlios.de/
>
>
> [...]
>
>
>>Really, really cool stuff...
>
>
> Yes, looks useful. And dangerous. If I understand it correctly this is
> just a client side command execution protocol, without any control,
> sandboxing etc. Unfortunately I don't have time to dig deeper. I'm sure
> the author is just preparing a nice application and I'm sorry to be so
> suspicious but I'm really paranoid about such tools. It'd be nice if
> someone could check it. AFAIK there are no sources, protocol
> specification and:
>
> #v+
> [...]
>
> munmap(0x40001000, 54083) = 0
> vfork(Process 3309 attached (waiting for parent)
> Process 3309 resumed (parent 3308 ready)
> ) = 3309
> [pid 3309] --- SIGSTOP (Stopped (signal)) @ 0 (0) ---
> [pid 3308] waitpid(3309, Process 3308 suspended
> <unfinished ...>
> [pid 3309] getppid() = 3308
> [pid 3309] close(0) = 0
> [pid 3309] open("/proc/3308/as", O_RDWR|O_EXCL) = -1 ENOENT (No such file or directory)
> [pid 3309] ptrace(PTRACE_ATTACH, 3308, 0, 0) = -1 EPERM (Operation not permitted)
> [pid 3309] write(2, ".klik is being traced!\n", 23.klik is being traced!
> ) = 23
> [pid 3309] kill(3308, SIGKILL) = 0
> [pid 3309] exit_group(0) = ?
> Process 3308 resumed
> Process 3309 detached
> +++ killed by SIGKILL +++
> #v-
>
> I'm not a security specialist but it looks like klik is trying to
> protect itself from being traced by forking/parent tracing trick.
> Am I right?
>
Today I got confirmation from the author that klik is now put
under GPL, with source on the website (seems to be a while
already). I noticed a contradictory statement about the license
on the website which was promptly fixed. Also the source now
has at least "GPL" in it (though not a perfect legal statement
as seen elsewhere).
klik works like a charm with Knoppix. I tested it today. It is
certainly worth while to look more closely to.
The author was interested to come to aKadmy and become more
involved with KDE and kde-debian, but in August he is in the USA.
But he'll prepare a paper, and possibly Fabian Franz (Knoppix'
2nd man) will present it.
> Regards,
>
Cheers,
Kurt
_______________________________________________
kde-debian mailing list
kde-debian@kde.org
https://mail.kde.org/mailman/listinfo/kde-debian
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic