According to the great words of David Hamilton: > Noticed my server seg faulting this morning. My custom.hpk was > ~600k. Deleted the file. Server starts, and does not seg fault.
Has it ever occured to anybody that a segfault caused by custom.hpk could be a very dangerous thing? If I know what to put in my spray to cause a segfault, I could perhaps build a spray that will also get the server to execute arbitrary code. Those of you with frequent segfaults caused by custom.hpk might consider looking to see if you have rootkits installed, or anything else indicating you've been owned. The server should *never* segfault, especially not as a result of user provided data. The fact that Valve has basically ignored this is yet another indication that they cannot be trusted as a vendor. -Mad -- http://www.madslab.com "A proof is a proof. What kind of a proof? It's a proof. A proof is a proof. And when you have a good proof, it's because it's proven." � Prime Minister Jean Chr�tien _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
