A long time ago (around Thu, Jun 13, 2002 at 01:52:03PM +0800) in a galaxy far, far away, someone named Federico Sevilla III said: > On Thu, 13 Jun 2002 at 13:02, Orlando Andico wrote: > > I just tested it with Galeon (latest version, for Mozilla 1.0). And > > nope, Galeon doesn't cause my system to crash. However I swapped heavily > > for a few seconds (as in ubos lahat ng memory and swap space). But it > > recovered after a while. Kernel 2.4.17 I think. > > I stupidly tested this early this morning, too, and f*cked things up. > Here's a copy of a report I sent to BugTraq and LKML. > > I just got a reply from Alan Cox. He told me to set rlimits on the xfs > server, and to enable non-overcommit, which is available in the -ac > series. Unfortunately XFS (not the X Font Server but the SGI XFS team) > doesn't follow the -ac series but the main marcelo line so I'll have to > wait for this to get in there. :( > > Would anyone know where I can read up on rlimits? >
Not sure, but the following changes have been committed in CVS a few hours ago which somehow remedies(?)/solves the problem: *fixes in gtk CVS *fixes in XFree 4.x CVS *fixes in Mozilla 1.1a CVS More probable than not the non-overcommit code would be included in 2.4.19 which might be released real soon, unless something else happens. I did try the exploit, and it indeed crashed my box. I've compiled SYSRQ in the kernel (2.4.18-xfs), but this didn't help much. -- -->paolo Paolo Alexis Falcone [EMAIL PROTECTED] GnuPG KeyID 0xEADFF6F4 Tel# (632)6429577 Fax# (632)6429561 Mobile# +639174379283 ___________________________________________________________________ "I think ideology sucks. This world would be a much better place if people had less ideology, and a whole lot more "I do this because it's FUN and because others might find it useful, not because I got religion."" --> Linus Torvalds _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
