POV-Ray : Newsgroups : povray.programming : Hackers... (Howto "not being hacked with povray")
  Hackers... (Howto "not being hacked with povray") (Message 25 to 34 of 44)  
From: Francois Dispot
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 17 Nov 2000 16:44:20
Message: <3A15A6B3.3F1D7280@club-internet.fr>
Warp wrote:
> 
> Francois Dispot <woz### [at] club-internetfr> wrote:

>   If it's a basic unix system, there shouldn't be any danger.
>   I have run out of memory several times (even when running povray) and
> nothing special has happened. The program just ended with an "out of memory".

Wow, Solaris seems to be a lucky OS...
If you start a hard-core swapping session, and several processes request
memory at the same time, you cannot guess which one will get the "out of
memory" problem first. When this happens, I usually lose my rc5 proxy
server and other relatively useless things like ntpd, nothing lethal.

>   In Unix you can also limit the amount of memory a user can allocate.

This is exactly what I wrote (ulimit)

>   "The derivative of sin(2x) is cos(2x)"  - Matt Giwer

;-))

-- 

      __  __ __  __  _
|  | /  \  /  / |_  /  |/
\/\/ \__/ /_ /_ |__ \_ |\



From: Pabs
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 17 Nov 2000 21:53:24
Message: <3A15EF75.132221A@hotmail.com>
Simon Lemieux wrote:

> So I think that scanning for "*fopen*" should do it? Right?

What about if fopen was part of a string
- eg text{ ttf "arial.ttf" "I have put fopen in this file as a text primitive
& now you can't render it" pigment{rgb 1}}
--
Bye
Pabs



From: Simon Lemieux
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 18 Nov 2000 17:15:32
Message: <3A170DA2.3F30936D@yahoo.com>
> What about if fopen was part of a string
> - eg text{ ttf "arial.ttf" "I have put fopen in this file as a text primitive
> & now you can't render it" pigment{rgb 1}}

Oh come on!... I guess that would be your problem! ;)

-- 
+-------------------------+----------------------------------+
| Simon Lemieux           | Website : http://www.666Mhz.net  |
| Email : Sin### [at] 666Mhznet | POV-Ray, OpenGL, C++ and more... |
+-------------------------+----------------------------------+



From: Peter J  Holzer
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 18 Nov 2000 18:02:25
Message: <slrn91dta9.qkc.hjp-usenet@teal.h.hjp.at>
On 16 Nov 2000 16:20:50 -0500, Ron Parker wrote:
>On Thu, 16 Nov 2000 17:15:39 -0500, Simon Lemieux wrote:
>
>>What if I'm not on linux but on Windows? what about MacOS? what about the newer
>>MacOS X?
>
>MacOS X is of course BSD-based, so should support things like permissions and
>chroot.  The other two aren't server operating systems, and running server
>processes on them is just asking for trouble.

Well Windows NT and 2000 are promoted as and used as server OSs
(although personally I think that any OS which needs a graphics card
isn't a real server OS), and they have a good permission system. Of
course the default permissions are totally wrong for a server (at least
for NT4, W2k looks a bit better), so if you want to run a server on them
you should know what you are doing.

	hp

-- 


| |   | hjp### [at] wsracat      |    -- Lutz Donnerhacke in dasr.
__/   | http://www.hjp.at/ |



From: Peter J  Holzer
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 18 Nov 2000 18:02:28
Message: <slrn91dtpk.qkc.hjp-usenet@teal.h.hjp.at>
On 17 Nov 2000 10:15:03 -0500, Warp wrote:
>Francois Dispot <woz### [at] club-internetfr> wrote:
>: Warp and Ron gave good ideas.
>
>  I really hope that the guy who tried to hack that povray-site mentioned
>in p.general did not get his ideas from that thread. I would feel quite
>guilty if he/she did... :(

Don't feel guilty. Security by obscurity never works for long, and if
you hadn't said it somebody else would have, or it would just have taken
a little bit longer until somebody had tried it. At least that thread
gave Steve the chance to fix the holes. That he didn't until he was hit,
is unfortunate, but that happens to the best of us.

>  In Unix you can also limit the amount of memory a user can allocate.

Not really. You can limit the amount of memory a single process can
allocate and the number of processes for each user. Unfortunately most
users need many small processes and few large ones, so the product of
both values is generally too large to be useful.

	hp

-- 


| |   | hjp### [at] wsracat      |    -- Lutz Donnerhacke in dasr.
__/   | http://www.hjp.at/ |



From: Warp
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 20 Nov 2000 05:38:13
Message: <3a18ff15@news.povray.org>
Pabs <pab### [at] hotmailcom> wrote:
: What about if fopen was part of a string

  It could also be a part of an identifier name.

#declare numberofopencylinders = 10;

-- 
main(i,_){for(_?--i,main(i+2,"FhhQHFIJD|FQTITFN]zRFHhhTBFHhhTBFysdB"[i]
):_;i&&_>1;printf("%s",_-70?_&1?"[]":" ":(_=0,"\n")),_/=2);} /*- Warp -*/



From: Warp
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 20 Nov 2000 05:41:11
Message: <3a18ffc7@news.povray.org>
Francois Dispot <woz### [at] club-internetfr> wrote:
: Wow, Solaris seems to be a lucky OS...

  The only Unix OS I have heard that crashes when it runs out of memory
is Linux.

-- 
main(i,_){for(_?--i,main(i+2,"FhhQHFIJD|FQTITFN]zRFHhhTBFHhhTBFysdB"[i]
):_;i&&_>1;printf("%s",_-70?_&1?"[]":" ":(_=0,"\n")),_/=2);} /*- Warp -*/



From: Simon Lemieux
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 21 Nov 2000 20:21:09
Message: <3A1B1FB9.C05443BE@yahoo.com>
>   It could also be a part of an identifier name.
> 
> #declare numberofopencylinders = 10;

As I said, to simplify the programming, that would not be allowed...

you should rather write numberOfOpenCylinders (if "*fOpen*" is allowed) or
nOpenCylinder... etc...

I hope you all understand it would be rather stupid to code something that would
understand if it's not the function fopen, while I haven't coded half the main
program! ;)

-- 
+-------------------------+----------------------------------+
| Simon Lemieux           | Website : http://www.666Mhz.net  |
| Email : Sin### [at] 666Mhznet | POV-Ray, OpenGL, C++ and more... |
+-------------------------+----------------------------------+



From: Simon Lemieux
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 21 Nov 2000 20:25:20
Message: <3A1B20B4.1499B658@yahoo.com>
>   The only Unix OS I have heard that crashes when it runs out of memory
> is Linux.

I guess it depends on a few things, because I have RedHat 6.1 installed and I
tested it very much to make it crash and the only way I found was to play with
my 3dfx acceleration and even then I'm not sure if the computer is crashed or if
it's only the video that is...

When I start a 3dfx program, at the beginning it prints "unprotecting memory",
holds for ~1 second and starts...  if I kill the program when it's unprotecting
the video memory, the video freezes...  

And that's the only crash I found...  there are some bugs that can hang the
computer for some time such as when the memory is getting very low... etc... but
nothing serious...

-- 
+-------------------------+----------------------------------+
| Simon Lemieux           | Website : http://www.666Mhz.net  |
| Email : Sin### [at] 666Mhznet | POV-Ray, OpenGL, C++ and more... |
+-------------------------+----------------------------------+



From: Warp
Subject: Re: Hackers... (Howto "not being hacked with povray")
Date: 22 Nov 2000 09:14:14
Message: <3a1bd4b6@news.povray.org>
I think that the most secure way of finding a true fopen is (using
regular expressions):

  (^|[^0-9A-Za-z])fopen($|[^0-9A-Za-z])

  I think that there's a shortcut in perl for [^0-9A-Za-z] but I don't
remember which it was.

-- 
main(i,_){for(_?--i,main(i+2,"FhhQHFIJD|FQTITFN]zRFHhhTBFHhhTBFysdB"[i]
):_;i&&_>1;printf("%s",_-70?_&1?"[]":" ":(_=0,"\n")),_/=2);} /*- Warp -*/


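The checks proposed in this thread, side by side, as an added example that is not code from any poster: a plain substring scan, Warp's regular expression, and a small tokenizer that skips string literals and comments before looking for `fopen` as a whole identifier. The lexical rules (double-quoted strings with backslash escapes, `//` and non-nested `/* */` comments, `_` allowed in identifiers) and every sample scene line are assumptions constructed for illustration.

```python
import re

# Warp's pattern from the thread, unchanged.
WARP_RE = re.compile(r"(^|[^0-9A-Za-z])fopen($|[^0-9A-Za-z])")

# One alternative per lexical element; order matters (strings and comments
# are consumed whole so nothing inside them is seen as an identifier).
TOKEN_RE = re.compile(r'''
      (?P<string>"(?:\\.|[^"\\])*")       # "..." with backslash escapes
    | (?P<line_comment>//[^\n]*)
    | (?P<block_comment>/\*.*?\*/)        # assumption: not nested
    | (?P<ident>[A-Za-z_][A-Za-z0-9_]*)   # identifiers and keywords
''', re.VERBOSE | re.DOTALL)


def find_keyword(scene, keyword="fopen"):
    """Return (line, column) of each standalone `keyword` token."""
    hits = []
    for m in TOKEN_RE.finditer(scene):
        if m.lastgroup == "ident" and m.group() == keyword:
            line = scene.count("\n", 0, m.start()) + 1
            col = m.start() - (scene.rfind("\n", 0, m.start()) + 1) + 1
            hits.append((line, col))
    return hits


def compare(scene):
    """Verdicts of the three approaches discussed in the thread."""
    return {
        "substring": "fopen" in scene,              # scanning for *fopen*
        "warp_regex": bool(WARP_RE.search(scene)),
        "tokenizer": bool(find_keyword(scene)),
    }


# Constructed samples; the first two are the counter-examples from the thread.
SAMPLES = {
    "string": 'text{ ttf "arial.ttf" "I have put fopen in this file" pigment{rgb 1}}',
    "identifier": "#declare numberofopencylinders = 10;",
    "underscore": "#declare my_fopen_count = 2;",
    "comment": "sphere{0,1} // no fopen here",
    "directive": '#fopen F "out.txt" write',
}

if __name__ == "__main__":
    for name, scene in SAMPLES.items():
        print(f"{name:10s} {compare(scene)}")
```

The `underscore` sample is flagged by the regular expression because `_` is outside `[0-9A-Za-z]`. An unterminated string is not skipped by the tokenizer, so a `fopen` following it is still reported.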


Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.