--- Mad Scientist <[EMAIL PROTECTED]> wrote: > According to the great words of David Hamilton: > > Noticed my server seg faulting this morning. My custom.hpk was > > ~600k. Deleted the file. Server starts, and does not seg fault. > > Has it ever occured to anybody that a segfault caused by custom.hpk > could be a very dangerous thing? If I know what to put in my spray to > cause a segfault, I could perhaps build a spray that will also get > the > server to execute arbitrary code. Those of you with frequent > segfaults > caused by custom.hpk might consider looking to see if you have > rootkits > installed, or anything else indicating you've been owned. The server > should *never* segfault, especially not as a result of user provided > data. The fact that Valve has basically ignored this is yet another > indication that they cannot be trusted as a vendor. > > -Mad >
let me offer some clarification, at least for my situation. The seg fault only occurs on startup if the file is present. it does not seg fualt itself into crashing while the server is running. I have autoupdate disabled to avoid this as well. So, yeah, I have to manually bounce hlds on Wednesday nights, but that is ok. I have added a line to my start script to remove the existing custom.hpk. this fix should work until Valve fixes this issue (assuming it is not a security problem). As for investigating for rootkits, I have to plead ignorance. My self-taught Linux lesson hasn't reached that chapter yet. How would I go about this? _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
