[PD] denial of service attack

2009-10-16 Thread Claude Heiland-Allen
Greetings, Having failed to sleep I constructed a tiny example patch that might crash your Pd or worse. It's based on the XML Entity Explosion attack, but I was initially inspired by some recent exponential type-checking time discussion on the Haskell mailing lists. Claude --

Re: [PD] denial of service attack

2009-10-16 Thread Andrew Faraday
WHY Date: Fri, 16 Oct 2009 08:06:53 +0100 From: claudiusmaxi...@goto10.org To: pd-list@iem.at Subject: [PD] denial of service attack Greetings, Having failed to sleep I constructed a tiny example patch that might crash your Pd or worse. It's based on the XML Entity

Re: [PD] denial of service attack

2009-10-16 Thread Andy Farnell
: [PD] denial of service attack Greetings, Having failed to sleep I constructed a tiny example patch that might crash your Pd or worse. It's based on the XML Entity Explosion attack, but I was initially inspired by some recent exponential type-checking time discussion

Re: [PD] denial of service attack

2009-10-16 Thread Mathieu Bouchard
On Fri, 16 Oct 2009, Andrew Faraday wrote: WHY Yeah, frankly, it's a lot easier to eat all RAM in other ways. #N canvas 0 0 450 300 10; #X obj 6 27 loadbang; #X obj 6 8 namecanvas z; #X obj 6 46 until; #X msg 6 65 \; z obj 0 0 table foo 1000; #X connect 0 0 2 0; #X connect 2 0 3 0;

Re: [PD] denial of service attack

2009-10-16 Thread András Murányi
On Fri, Oct 16, 2009 at 2:01 PM, Mathieu Bouchard ma...@artengine.cawrote: On Fri, 16 Oct 2009, Andrew Faraday wrote: WHY Yeah, frankly, it's a lot easier to eat all RAM in other ways. #N canvas 0 0 450 300 10; #X obj 6 27 loadbang; #X obj 6 8 namecanvas z; #X obj 6 46 until;

Re: [PD] denial of service attack

2009-10-16 Thread Mathieu Bouchard
On Sat, 17 Oct 2009, András Murányi wrote: OK, you're all welcome to crash my pd but not to run hostile code on my machine. Now, we now that the code posted my Claude can eat up our RAM but can it write to an executable region or do other really nasty things? On the other hand - does a fresh

Re: [PD] denial of service attack

2009-10-16 Thread András Murányi
2009/10/17 Mathieu Bouchard ma...@artengine.ca On Sat, 17 Oct 2009, András Murányi wrote: OK, you're all welcome to crash my pd but not to run hostile code on my machine. Now, we now that the code posted my Claude can eat up our RAM but can it write to an executable region or do other

Re: [PD] denial of service attack

2009-10-16 Thread Mathieu Bouchard
On Sat, 17 Oct 2009, András Murányi wrote: 2009/10/17 Mathieu Bouchard ma...@artengine.ca Just [textfile] and [soundfiler] are enough to overwrite important files. A user's most important data is typically writable, and write-protected files are usually the files that are easy to reinstall from