Ken wrote:
>
> If any of those infamous POV-Ray Bulgarian hackers hear about this we
> are all doomed !!!
No need to be Bulgarian! ;-) Right now, I'm writing the First
Ever POV-Ray-Virus [tm]!
Markus
Ron Parker wrote:
> Seriously, folks, consider this:
>
> #fopen FILE "c:\\autoexec.bat" append
what's "autoexec.bat"?
SCNR
Markus
> The point is, if you don't trust the source of a file, don't run it. Getting
> an unknown POV script over the Internet is just as dangerous as getting C
> source code or Perl source code or source code in any other programming
> language, because that's what it is.
But POV-Ray is a _Renderer_, not a general purpose programming language.
Ok, it has a full-blown C-like syntax and all, but is this _really_
needed?
How about some restrictions on the available file I/O, such as allowing
only to read from and write to file in some kind of "sandbox", i.e. _one_
special directory (and the sub dirs) that is assigned specifically for
that purpose. POV-Ray itself would then decide if it does it or not.
Markus
--
Me, not for one second!!!" H. Heinol in Val Thorens
"Jon A. Cruz" wrote:
>
> And on Windows NT it's worse. I just got a new NT box placed in my office.
> After booting into NT, and without even attempting to log-in, just booting, it
> went crazy. After coming up with the NT log-in thingie, it then went into over
> 5-10 minutes of just constant disk thrashing. And that was with me not doing
> anything.
Rip out that 16MB module and replace it by 256 MB. You'll be surprised.
Markus
On Tue, 26 Oct 1999 15:03:19 +0200, Markus Becker wrote:
>Ron Parker wrote:
>> Seriously, folks, consider this:
>>
>> #fopen FILE "c:\\autoexec.bat" append
>
>what's "autoexec.bat"?
For that matter, what's "c:\\"?
Of course we could modify it to
#fopen FILE "~/.login" append
and have it write "cd ~\nrm -rf * >/dev/null\n" instead.
>How about some restrictions on the available file I/O, such as allowing
>only to read from and write to file in some kind of "sandbox", i.e. _one_
>special directory (and the sub dirs) that is assigned specifically for
>that purpose. POV-Ray itself would then decide if it does it or not.
That would solve one of the problems. The other problem that remains is
the shellout stuff, but those are relatively easy to check manually or
disable entirely.
Another way of looking at it is to not allow directory path separators
in filenames. Allow opens for read to find files anywhere an include
file would be found, and force opens for write to write to the directory
where the output file will be written. Of course, with the plethora of
different directory separators, this will be a daunting task, but I think
it's probably necessary.
Besides, we'll have to do something with the file i/o stuff to support
network rendering anyway.
Ron Parker wrote:
>
> On Tue, 26 Oct 1999 15:03:19 +0200, Markus Becker wrote:
> >Ron Parker wrote:
> >> Seriously, folks, consider this:
> >>
> >> #fopen FILE "c:\\autoexec.bat" append
> >
> >what's "autoexec.bat"?
>
> For that matter, what's "c:\\"?
>
> Of course we could modify it to
>
> #fopen FILE "~/.login" append
>
> and have it write "cd ~\nrm -rf * >/dev/null\n" instead.
>
I don't think a virus has to be cross-platform to do damage.
Ron Parker <ron### [at] povray org> wrote:
: Another way of looking at it is to not allow directory path separators
: in filenames.
This would assume that directory separator is either "\" or "/".
It may be enough, but...
It might search for "povray.ini" in the current directory and add some
nasty stuff there...
--
main(i,_){for(_?--i,main(i+2,"FhhQHFIJD|FQTITFN]zRFHhhTBFHhhTBFysdB"[i]
):5;i&&_>1;printf("%s",_-70?_&1?"[]":" ":(_=0,"\n")),_/=2);} /*- Warp -*/
On 26 Oct 1999 10:06:09 -0400, Nieminen Juha wrote:
>Ron Parker <ron### [at] povray org> wrote:
>: Another way of looking at it is to not allow directory path separators
>: in filenames.
>
> This would assume that directory separator is either "\" or "/".
Not necessarily. It would have to be done on an OS-by-OS basis.
For example, VMS uses square brackets around directory names,
and I think the Mac uses colons. Fortunately, config.h already
defines what a filename separator is for the OS in question.
> It might search for "povray.ini" in the current directory and add some
>nasty stuff there...
True. Or some other ini file it can be sure is there - its own,
for example, in an attempt to bypass whatever visual auditing
someone might have done looking for shellouts. In that case, the
fix is to set an output directory that isn't in your INI path (but
is in your include path, because otherwise a lot of neat effects
wouldn't be possible.)
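The policy discussed in the two posts above, sketched as an added example (not code from POV-Ray or from any poster): an open for write is accepted only as a bare filename under an OS-specific separator set and is forced into the output directory, which must not be an INI search directory. The separator sets, function names and paths are assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed separator sets per OS (constructed for this example; the thread
   says POV-Ray's config.h already defines the real one per platform). */
#define SEPS_UNIX "/"
#define SEPS_DOS  "\\/:"   /* backslash, slash, drive colon */
#define SEPS_MAC  ":"
#define SEPS_VMS  "[]:"

/* 1 if `name` is a bare filename for this OS: non-empty, not "." or "..",
   and free of every separator character in `seps`. */
int is_bare_filename(const char *name, const char *seps)
{
    if (name == NULL || name[0] == '\0') return 0;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0) return 0;
    return strpbrk(name, seps) == NULL;
}

/* 1 if the output directory is not one of the INI search directories.
   Plain string comparison: assumes both sides are already canonical. */
int output_dir_allowed(const char *out_dir, const char *const *ini_dirs, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(out_dir, ini_dirs[i]) == 0) return 0;
    return 1;
}

/* Force an open-for-write into out_dir. Returns 0 and fills `buf` on
   success, -1 if the name is rejected or the result would not fit. */
int resolve_write_path(char *buf, size_t size, const char *out_dir,
                       char sep, const char *name, const char *seps)
{
    if (!is_bare_filename(name, seps)) return -1;
    int len = snprintf(buf, size, "%s%c%s", out_dir, sep, name);
    return (len < 0 || (size_t)len >= size) ? -1 : 0;
}

int main(void)
{
    const char *ini_dirs[] = { "/home/u/.povray", "/home/u/scenes" }; /* constructed */
    char path[256];
    printf("%d\n", resolve_write_path(path, sizeof path, "/home/u/out", '/', "~/.login", SEPS_UNIX));
    printf("%d\n", resolve_write_path(path, sizeof path, "/home/u/out", '/', "data.txt", SEPS_UNIX));
    printf("%s %d\n", path, output_dir_allowed("/home/u/out", ini_dirs, 2));
    return 0;
}
```

A name such as "povray.ini" passes the bare-filename check, which is why the output directory is checked against the INI search directories as a separate step.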
Markus Becker wrote:
> "Jon A. Cruz" wrote:
> >
> > And on Windows NT it's worse. I just got a new NT box placed in my office.
> > After booting into NT, and without even attempting to log-in, just booting, it
> > went crazy. After coming up with the NT log-in thingie, it then went into over
> > 5-10 minutes of just constant disk thrashing. And that was with me not doing
> > anything.
>
> Rip out that 16MB module and replace it by 256 MB. You'll be surprised.
>
> Markus
Strange. It does have 256 MB.
;-)
NT!! woo hoo!! Yeah!!!
NOT!
--
"My new computer's got the clocks, it rocks
But it was obsolete before I opened the box" - W.A.Y.
> > > And on Windows NT it's worse. I just got a new NT box placed in my office.
> > > After booting into NT, and without even attempting to log-in, just booting, it
> > > went crazy. After coming up with the NT log-in thingie, it then went into over
> > > 5-10 minutes of just constant disk thrashing. And that was with me not doing
> > > anything.
Quake 2 used to do this to my brother (about 30 secs after starting a dm),
ditched his poopy Seagate hd, and all is now well!
Rick
"Jon A. Cruz" wrote:
>
>
> Strange. It does have 256 MB.
> ;-)
>
> NT!! woo hoo!! Yeah!!!
>
> NOT!
>
Perhaps it was creating / updating the swap file. I have 256 megs
minimum of permanent swap on Win98, and when I restart after a crash, a
few minutes of disk thrashing is guaranteed (I have 128 megs of RAM).
Margus