netscape call chown
hi...
today i found that netscape calls "chown".
using netscape 4.7 and suse 6.3 (all updated) i had enabled java and javascript
(not for emails..) and disabled cookies including to warn.
after i'd calling the website www.einslive.de and wanna go back via click to
home to my homesite www.heise.de, netscape hangs.
looking in kde-taskmanager i found a zombie "chown" and saw, that this was
initialized from netscape. nothing was happend, just netscape hangs.
for my underständing it is incredible that netscape can call chown. whyever.
there is no one reason therefore.
should be checked or?
----------------------------------
E-Mail: Oliver Leue
Hi,
today i found that netscape calls "chown".
using netscape 4.7 and suse 6.3 (all updated) i had enabled java and javascript (not for emails..) and disabled cookies including to warn.
after i'd calling the website www.einslive.de and wanna go back via click to home to my homesite www.heise.de, netscape hangs.
looking in kde-taskmanager i found a zombie "chown" and saw, that this was initialized from netscape. nothing was happend, just netscape hangs.
for my underständing it is incredible that netscape can call chown. whyever. there is no one reason therefore.
should be checked or?
Send bug reports concerning non-open-source programs to the authors. We can't fix bugs w/o source code. Bye, Thomas -- Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: thomas@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka" Key fingerprint = 09 48 F2 FD 81 F7 E7 98 6D C7 36 F1 96 6A 12 47
On Tue, 18 Jan 2000, Thomas Biege wrote:
Hi,
today i found that netscape calls "chown".
using netscape 4.7 and suse 6.3 (all updated) i had enabled java and javascript (not for emails..) and disabled cookies including to warn.
after i'd calling the website www.einslive.de and wanna go back via click to home to my homesite www.heise.de, netscape hangs.
looking in kde-taskmanager i found a zombie "chown" and saw, that this was initialized from netscape. nothing was happend, just netscape hangs.
for my underständing it is incredible that netscape can call chown. whyever. there is no one reason therefore.
should be checked or?
Send bug reports concerning non-open-source programs to the authors. We can't fix bugs w/o source code.
Bye, Thomas -- Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
I think, that this is not a bug report, this is a security question! If something happens as mentioned above, this should be dicussed! (btw I found the same a zombie of chmod started by Netscape) Marc R. Stockmeier
On 18-Jan-00 Thomas Biege wrote:
Hi,
today i found that netscape calls "chown".
not chown, but chmod.
Send bug reports concerning non-open-source programs to the authors. We can't fix bugs w/o source code.
that's what i did. send it to netscape.
but that's not only a bug. it's a security-hole too isn't it?
----------------------------------
E-Mail: Oliver Leue
Oliver Leue wrote:
today i found that netscape calls "chown". not chown, but chmod. Send bug reports concerning non-open-source programs to the authors. We can't fix bugs w/o source code. that's what i did. send it to netscape. but that's not only a bug. it's a security-hole too isn't it?
Well, we do a simple "grep chmod /usr/X11R6/bin/netscape" and found this command in the SuSE netscape startup-script . So, is it a "bug" in netscape or in the startup script?! -- Rainer Link, eMail: linkra@fh-furtwangen.de, WWW: http://rainer.w3.to/ Student of Communication Engineering/Computer Networking, University of Applied Sciences,Furtwangen,Germany,http://www.ce.is.fh-furtwangen.de/
Hi, your problem certainly is a security-question. But IMHO you put the cart before the horse. It's a feature not a bug here. For security reasons you should block JavaScript, ActiveX and alike on every internet traffic browsers. If you look around security lists they will tell you many breaches you are opening with allowing the execution of active contents. To be honest: The security-hole is mainly with the user allowing JavaScript or ActiveX, not with the browser calling chmod. The question of finding sw-products with features that produce security-holes is a different one - and not to be discussed here. -------------- ------------------- 9th EICAR Annual Conference in Brussels, Belgium, EU. March 4th-7th, 2000. http://www.eicar.dk/ eicar-online: http://www.eicar.org/ -------------- ------------------- Hans von Sommerfeld, Freelance IT-Consultant snoopy@redbaron.bir.uunet.de Tel.: +49 30 65470891 Fax:+49 30 65470892
today i found that netscape calls "chown".
not chown, but chmod.
Send bug reports concerning non-open-source programs to the authors. We can't fix bugs w/o source code.
that's what i did. send it to netscape.
but that's not only a bug. it's a security-hole too isn't it?
I still wonder where the problem is with that. While it may be a nasty habit to do a system("chmod...") instead of chmod(2), I don't see a security-related problem unless the PATH is messed up. And since I'm certain that users don't run netscape as root (*g*), the chown shouldn't do any harm, too. Roman. -- _ _ | Roman Drahtmüller "Freedom means that you can choose | CC University of Freiburg what you want to learn at a given | email: draht@uni-freiburg.de time." A. Becker, 1999 | - - People often find it easier to be a result of the past than a cause of the future.
Quoting Oliver Leue (artus-ol@gmx.net) on Tue, Jan 18, 2000 at 09:09:56PM +0100:
On 18-Jan-00 Thomas Biege wrote:
Hi,
today i found that netscape calls "chown".
not chown, but chmod.
Send bug reports concerning non-open-source programs to the authors. We can't fix bugs w/o source code.
that's what i did. send it to netscape.
Looking through /usr/X11R6/bin/netscape I found something like chmod -f -R go-rxw $HN & where $HN is $HOME/.netscape The chmod seems to be ok, I wonder why it went into Zombie state.... That script is a SuSE Script :-( afx -- SuSE Muenchen GmbH Phone: +49-89-42769-0 Stahlgruberring 28 Fax: +49-89-42017701 D-81829 Muenchen, Germany May the Source be with you!
On Wed, 19 Jan 2000, Andreas Siegert wrote:
Looking through /usr/X11R6/bin/netscape I found something like chmod -f -R go-rxw $HN & where $HN is $HOME/.netscape
The chmod seems to be ok, I wonder why it went into Zombie state....
Aha, the scripts ends by doing 'exec' on netscape -- so if chmod does not
finish until exec, the shell is replaced by the netscape process.. and the
netscape process is not aware of its illegimate child. Once the child
processes finishes and dies, it will thus wander around in a zombie state
:)
One way of fixing it is to add "wait" before running exec. Or don't
run the chmod in the background -- but that will make startup slower, if
you have a lot of files in .netscape (like a big disk cache).
--
==============================================================================
Erwin Andreasen Herlev, Denmark
Hi Andreas,
Looking through /usr/X11R6/bin/netscape I found something like chmod -f -R go-rxw $HN & where $HN is $HOME/.netscape
The chmod seems to be ok, I wonder why it went into Zombie state....
That script is a SuSE Script :-(
afx
This is fairly easy: chmod -f -R go-rxw $HN & # # Start # dd if=$p of=/dev/null bs=8k conv=sync > /dev/null 2>&1 preloader $p exec $p ${1+"$@"} chmod is backgrounded. The shell forks, the child exec()s chmod. In the meanwhile, the parent shell execs the netscape binary, which has no reason to await a child. In particular, it is unlikely that netscape starts up fast enough to be able to install the signal handler before the child returns. Regards, Roman. -- _ _ | Roman Drahtmüller "Freedom means that you can choose | CC University of Freiburg what you want to learn at a given | email: draht@uni-freiburg.de time." A. Becker, 1999 | - - People often find it easier to be a result of the past than a cause of the future.
Quoting Roman Drahtmueller (draht@uni-freiburg.de) on Wed, Jan 19, 2000 at 10:12:06AM +0100:
Hi Andreas,
Looking through /usr/X11R6/bin/netscape I found something like chmod -f -R go-rxw $HN & where $HN is $HOME/.netscape
The chmod seems to be ok, I wonder why it went into Zombie state....
That script is a SuSE Script :-(
afx
This is fairly easy:
chmod -f -R go-rxw $HN & # # Start # dd if=$p of=/dev/null bs=8k conv=sync > /dev/null 2>&1 preloader $p exec $p ${1+"$@"}
chmod is backgrounded. The shell forks, the child exec()s chmod. In the meanwhile, the parent shell execs the netscape binary, which has no reason to await a child. In particular, it is unlikely that netscape starts up fast enough to be able to install the signal handler before the child returns.
But then I should have a hanging chmod as well, but I have never seen it... afx -- SuSE Muenchen GmbH Phone: +49-89-42769-0 Stahlgruberring 28 Fax: +49-89-42017701 D-81829 Muenchen, Germany May the Source be with you!
Hi again,
But then I should have a hanging chmod as well, but I have never seen it...
afx
Your machine is fast enough and your $HOME/.netscape small enough so that the child returns before the parent exec()s. The whole thing is not really an issue, because the only thing we see here is a simple zombie (which will be caught by init as soon as netscape dies). There is no memory consumption, no CPU hogging, just this simple entry in the process table, nothing more. And it only happens once. It could use a fix for cosmetic reasons, but that's about it... Btw, get rid of the Zombie by killing netscape's pid with signal CHLD. kill -CHLD `pidof netscape` Roman. -- _ _ | Roman Drahtmüller "Freedom means that you can choose | CC University of Freiburg what you want to learn at a given | email: draht@uni-freiburg.de time." A. Becker, 1999 | - - People often find it easier to be a result of the past than a cause of the future.
hi...
ok, guys. i don't wanna made panic. i just thought that's not correct. with
your help i understand now what happens and i read the script.
but there's something else with this script. i know, that's nothing for this
group but i just wanna write it.
i see that there suse set the variable for the plugins and for netscape itself.
but this doesn't work, like i wrote weeks ago to feedback.
netscape find not the plugins until i set the variable into /etc/profile. none
of the installed plugins.
just because we talking about this script and some of you really knows much
more about writing script than i.
so, thanks for your help.
----------------------------------
E-Mail: Oliver Leue
On 18 Jan 00, at 18:56, Thomas Biege wrote:
Send bug reports concerning non-open-source programs to the authors. We can't fix bugs w/o source code.
Bye, Thomas
Man, that is kind of attitude! To me the message looks like a *possible* security breach. Possibly caused by one of the participants (Netscape, KDE, X11 and SuSE). mike
participants (9)
-
Andreas Siegert
-
Erwin S. Andreasen
-
Hans v. Sommerfeld
-
Marc
-
Oliver Leue
-
Rainer Link
-
Roman Drahtmueller
-
Thomas Biege
-
Thomas Michael Wanka