On Thu, 13 Jun 2002 at 17:52, Paolo Alexis Falcone wrote: > Not sure, but the following changes have been committed in CVS a few > hours ago which somehow remedies(?)/solves the problem: > > *fixes in gtk CVS > *fixes in XFree 4.x CVS > *fixes in Mozilla 1.1a CVS
Yup. I read somewhere that this issue was addressed really quickly by the Mozilla team in CVS. I wonder when the next public release will be made. > More probable than not the non-overcommit code would be included in > 2.4.19 which might be released real soon, unless something else happens. I hope the non-overcommit code will make it to 2.4.19. I hear the -ac tree has a lot of stability fixes for the kernel right now. I wonder how many of them will make it into the mainline kernel. Like you I'm excited about 2.4.19. I'm seeing a lot of XFS (the filesystem not the font server) TAKEs that sound good, both for stability as well as performance. I love this. :) > I did try the exploit, and it indeed crashed my box. I've compiled SYSRQ > in the kernel (2.4.18-xfs), but this didn't help much. I'm speculating that with SysRq I would have at least been able to flush the buffers, sync the disks, and maybe even unmount the filesystems. All this in contrast to my hard reset with a ballpen (the reset button of the server isn't readilly accessible). Thanks to my reports to LKML and BugTraq I got a lot of replies recommending various "catches" like running xfs-daemon as non-root with a specific ulimit set. I also got a lot of validations as far as the points I made about how the kernel doesn't seem to cope very well with out-of-whack processes like xfs-daemon. Let's hope that some thing gets done to make the Linux kernel more able to police criminal processes. ;) In the meantime I removed the font server and delegated font-serving to each workstation. Not the most optimal but at least DoS effects get localized to a per-workstation basis. --> Jijo -- Federico Sevilla III : <http://jijo.free.net.ph/> Network Administrator : The Leather Collection, Inc. GnuPG Key ID : 0x93B746BE _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
