Bugtraq mailing list archives

Re: xfs + gdm allow DoS of console


From: mkp () LINUXCARE COM (Martin K. Petersen)
Date: Thu, 15 Jun 2000 23:57:47 +0200


"Mike" == Mike Leonhard <mike () THEYTALK COM> writes:

Mike> gdm apparently ignores the --nodaemon option specified to it in
Mike> inittab.

GDM will not detach from the controlling process if it is started by
init.  Ever.  No matter whether -nodaemon is specified or not.  If it
did, you'd end up with a whole forest of competing gdm processes.

Furthermore, I'd hardly call this a DoS attack.  You must be root to
nuke xfs (unless xfs is buggy).  And if you are root, you can shoot
yourself in the foot in at least a gazillion other ways.

That being said, I totally agree that GDM should handle this error
condition more gracefully.  And it has indeed been fixed.

Most of the daemon code has been rewritten over the past months, and
the next release features internal respawn control among other things.

Mike> If the X server fails to load for whatever reason, gdm will
Mike> immediately reload it.  This causes the console to become
Mike> unusable - caught in a loop with the screen flashing every 2
Mike> seconds as the X server tries to load.  On a machine with no
Mike> network login capability the only way out of this situation is
Mike> to reboot the system by pressing CTRL-ALT-DEL on the keyboard.
Mike> If gdm would exit when the X server quits, then init would
Mike> reload it in a safe manner - stopping for 5 min if gdm is
Mike> reloaded, I believe it is, 10 times in one minute.

GDM does more than managing a single display, so that would be a most
unfortunate behavior.

Mike> RedHat's updated gdm rpm as of last week did not resolve this
Mike> issue.  I wonder if it was a good idea to move the 'fixed' font
Mike> into xfs.  I have had good experiences with xfstt, but I have
Mike> always had my normal X fonts loaded directly from disk.

I agree.

xfs is inherently needed for many X terminals, however.

--
Martin K. Petersen, Principal Linux Consultant, Linuxcare, Inc.
mkp () linuxcare com, http://www.linuxcare.com/
Linuxcare. Support for the revolution.
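
The respawn control discussed in this thread can be sketched as a sliding-window limiter; this is an added example, not code from GDM, init, or the original post. The thresholds (10 starts in one minute, then a 5 minute hold-off) are assumptions taken from the figures quoted in the message, and all names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>
#include <time.h>

/* Assumed thresholds, from the figures quoted in the thread. */
#define MAX_RESPAWNS 10   /* starts tolerated inside one window */
#define WINDOW_SECS  60   /* length of the sliding window */
#define HOLDOFF_SECS 300  /* pause once the limit is exceeded */

struct respawn_ctl {
    time_t starts[MAX_RESPAWNS]; /* ring buffer of recent start times */
    int next;                    /* slot the next start time goes into */
    int count;                   /* valid entries, at most MAX_RESPAWNS */
    time_t disabled_until;       /* 0 when no hold-off is active */
};

/* Returns true if the child (e.g. the X server) may be started at `now`. */
bool respawn_allowed(struct respawn_ctl *rc, time_t now)
{
    if (rc->disabled_until != 0) {
        if (now < rc->disabled_until)
            return false;            /* still in hold-off: leave the console alone */
        rc->disabled_until = 0;      /* hold-off expired: start with a clean history */
        rc->count = rc->next = 0;
    }
    /* When the ring is full, starts[next] is the oldest recorded start. */
    if (rc->count == MAX_RESPAWNS && now - rc->starts[rc->next] < WINDOW_SECS) {
        rc->disabled_until = now + HOLDOFF_SECS;
        return false;
    }
    rc->starts[rc->next] = now;
    rc->next = (rc->next + 1) % MAX_RESPAWNS;
    if (rc->count < MAX_RESPAWNS)
        rc->count++;
    return true;
}

/* Constructed scenario: a child that dies every `interval` seconds. */
int simulate(struct respawn_ctl *rc, time_t start, int interval, int attempts)
{
    int allowed = 0;
    for (int i = 0; i < attempts; i++)
        if (respawn_allowed(rc, start + (time_t)i * interval))
            allowed++;
    return allowed;
}

int main(void)
{
    struct respawn_ctl rc = {0};
    /* X server failing every 2 seconds, as in the report. */
    printf("starts allowed: %d of 30\n", simulate(&rc, 1000, 2, 30));
    return 0;
}
```

A supervisor would call respawn_allowed() before each restart and sleep until disabled_until when it returns false, so a broken font server produces a quiet console rather than a flashing one.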


