Custom Query (1145 matches)
Results (136 - 138 of 1145)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#209 | fixed | maple / java problem on 64 bit machines | opolon | |
Description |
It looks like the 64bit JRE is not properly installed / linked, when using maple. For instance, add java add maple maple -x returns: eval: 1: /mit/maple_v12.0/distrib/jre.X86_64_LINUX/bin/java: not found |
|||
#260 | fixed | PXE installer: make danger as obvious as possible | nocturne | |
Description |
In the Athena-10 PXE-installer menu, (c.f. http://debathena.mit.edu/images/athena10-menu.png), I'd suggest rephrasing option (1) to make it as obvious as possible to a casual/careless user that this option erases all their data. Instead of "Perform an unattended Athena 10 install, WIPING OUT your ENTIRE DISK", I might suggest "DESTROY ALL DATA ON your COMPUTER'S DISK and perform an unattended Athena 10 install", which both mentions the erasure before "Athena 10", and is somewhat more readable to particularly naive users than "wipe out your disk". |
|||
#820 | fixed | debathena-metrics should only accept messages from the kernel | nelhage | |
Description |
Since auditing for this seems to be my thing lately.... Any process can send a netlink message to any other userspace netlink socket on the system, so users can fake arbitrary proc-connector events. You need to verify the sender was actually the kernel by checking the pid on the received address. You probably don't really care for debathena-metrics, but the connector code is written to be generic, so we might as well fix it lest someone else grab it for another purpose. diff --git a/debathena/metrics/connector.pyx b/debathena/metrics/connector.pyx index 5900556..1f0c44d 100644 --- a/debathena/metrics/connector.pyx +++ b/debathena/metrics/connector.pyx @@ -270,14 +270,16 @@ cdef class Connector: cdef proc_event *ev cdef object ret - from_addr.nl_family = AF_NETLINK - from_addr.nl_groups = CN_IDX_PROC - from_addr.nl_pid = 1 s = sizeof(from_addr) - if recvfrom(self.sock, buf, sizeof(buf), 0, - <sockaddr *>&from_addr, &s) == -1: - raise IOError(errno, strerror(errno)) + while True: + if recvfrom(self.sock, buf, sizeof(buf), 0, + <sockaddr *>&from_addr, &s) == -1: + raise IOError(errno, strerror(errno)) + + if from_addr.nl_pid != 0: + # Ignore messages that don't come from the kernel + continue |