---

Release Digest: GNOME, August 21, 2003

GDM 2.4.1.6 (stable)
GDM 2.4.2.101 (unstable)

WHACKYWHACKYWHACKYWHACK

(If you have no clue what gdm is, skip a few paragraphs down
first)

It is time again, yes you guessed it, for a security
announcement. After some auditing of code I found 3 issues with it,
one of them being fairly serious. Here are the descriptions and CVE
numbers:

CAN-2003-0547 which allows any user to read any root readable
text file on the system by making a symlink from
~/.xsession-errors. This affects all GNOME2 versions.

CAN-2003-0548, a crash when chosen host expires. DoS only for
XDMCP (XDMCP should however be confined to a ‘trusted’ network
anyway). This affects all versions from 2.0beta2 forward
really.

CAN-2003-0549, a crash if authorization key name is shorter than
18 bytes (that is, not MIT-MAGIC-COOKIE-1). DoS only for XDMCP
(XDMCP should however be confined to a ‘trusted’ network anyway).
This affects all versions that had XDMCP. Some distributors shipped
a patch at some point which managed to fix this though.

Mostly people would be affected by the first one as XDMCP should
be off by default and if it is on, you should really confine it to
a ‘trusted’ network as you can always pretty much DoS an XDMCP
server because of the way XDMCP works.

On the slightly silly news front, the cookie generation in the
devel version is now utterly overengineered. The plus side of that
is that you should really get really REALLY random cookies even on
systems with no /dev/random and friends and no /proc. Also it now
doesn’t waste all your kernel entropy just for generating a 16 byte
cookie.

In addition to auditing code for security problems, and making
sure that all random bits are really random, I’ve also done some
optimizations, mainly in the graphical greeter. This cuts down on
the memory usage by quite a bit, saving about 6megs for me on the
circles theme, plus some optimization of CPU usage and disk access.
Some utterly useless soptimization was also done making the code a
few nanoseconds faster. The manual has also been updated, including
some XDM bashing (as if you didn’t already know that it so
obviously sucks:)

No new longjmp usage, however the following statistic should be
of similar interest:

devgnome@pipina:/gnome/head/cvs/gdm2% grep goto **/*.c | wc -l
79
devgnome@pipina:/gnome/head/cvs/gdm2%

And now for the standard part of the release announcement:

GDM is the GNOME Display Manager, it is the little proggie that
runs in the background, runs your X sessions, presents you with a
login box and then tells you to piss off because you forgot your
password. It does pretty much everything that you would want to use
xdm for, but doesn’t involve as much crack. It doesn’t use any code
from xdm, and has a more paranoid and safer design overall. It also
includes many features over xdm, the biggest one of which is that
it is more user friendly, even if your X setup is failing. The goal
is that users should never, ever have to use the command line to
customize or troubleshoot gdm. It of course supports xdmcp, and in
fact extends xdmcp a little bit in places where I thought xdm was
lacking (but is still compatible with xdm’s xdmcp).

News:

Highlights of 2.4.1.6 (see further for 2.4.2.100 and 2.4.2.101
stuff):

Security issues were not part of original release notes and are
not present in the NEWS file in the 2.4.1.6 tarball just in case
you are wondering. This is because 2.4.1.6 and 2.4.2.100 came out
more than a week ago and the issues weren’t public yet.

  • Backport the errorgui from HEAD, easier than fixing the bugs.
    This is the ~/.xsession-errors security fix mentioned above.
  • Actually ensure /tmp/.ICE-unix (#118878)
  • Fix some crashes in main daemon. This is the XDMCP crashes
    mentioned above.
  • Fix the language checking code to not mess up when LC_ALL and
    LC_MESSAGES are not the same

Highlights of 2.4.2.101:

  • Memory profiling of the graphical greeter by not keeping around
    info (pixmaps) which we won’t need. On the circles theme this saves
    about 6megs. Also cache pixmaps in the
    graphical greeter which reduces the disk rattling we need to do to
    start up. Plus a bit of just performance profiling should reduce
    CPU usage of the graphical greeter quite a bit too.
  • Update the manual, especially the theme section
  • The UserAuthDir now works in a much saner way. If the directory
    is not tilde expanded, then we treat it just like /tmp and use
    random filenames.
  • Prevent a minor DoS attack (apps being coerced to fill up the
    home dir) by intercepting the output from the session and only
    writing to the ~/.xsession-errors file a maximum of 80*2500
    bytes.
  • The user lists in the face browsers and the gdmsetup are now
    capped at a higher number, but we also cap the time that is spent
    gathering the info at 5 seconds.
  • Deal with hypothetical main daemon crashes semi decently in the
    slave.
  • Try /dev/fd if /proc/self/fd isn’t there for checking which FDs
    are open, should make this work on more platforms (in particular
    FreeBSD)
  • Run fbconsole on startup if found, this is a solaris thing to
    prevent console output to corrupt your display (Brian Cameron)
  • Use the 66 code from session to indicate failure that need not
    display the .xsession-errors file
  • Actually read the “active” state for text items
  • Break all pam messages (not just the error) at 50 columns. This
    is kind of a hack, we need to support proper linebreaking in the
    theme.
  • Respect negative coordinates with “-0” in the theme
  • Display help from the setup program if not running from within
    gdm itself
  • The standard config file now has most keys commented out so
    that the internal defaults are used and so that we can change those
    defaults in the future without the user having to update the config
    file.
  • Improvements in the cookie generation. Doesn’t use up all the
    system entropy but just uses the 16 bytes it actually needs (since
    we just need a 16 byte cookie). Plus improve randomness on systems
    without /dev/random and friends.
  • Correctly handle out of diskspace on auth handling and on the
    PID file thing.
  • Fix the runlevel reading
  • Fix possible crash on auth purge
  • Fix possible chooser crash
  • Fix lots of minor bugs
  • Some soptimization to save a nanosecond or two
  • Translation updates (Wang Jian, Funda Wang, Christian Rose,
    Jordi Mallach, Danilo Segan, Artur Flinta, Miloslav Trmac, Duarte
    Loreto, Kostas Papadimas, Ales Nyakhaychyk, Laurent Dhima,
    Christophe Merlet, Evandro Fernandes Giovanini, Metin Amiroff,
    Pauli Virtanen, Dafydd Harries)

2.4.2.100 SECURITY ADDENDUM:
Was not part of the original release notes to give distributors a
chance to update.

  • SECURITY: Fixed CAN-2003-0547 which allows any user to read any
    root readable text file on the system by making a symlink from
    ~/.xsession-errors
  • SECURITY: Fixed CAN-2003-0548, a crash when chosen host
    expires. DoS only for XDMCP (XDMCP should however be confined to a
    ‘trusted’ network anyway)
  • SECURITY: Fixed CAN-2003-0549, a crash if authorization key
    name is shorter than 18 bytes (that is, not MIT-MAGIC-COOKIE-1). DoS
    only for XDMCP (XDMCP should however be confined to a ‘trusted’
    network anyway)

2.4.2.100 stuff:

  • Fix #118878 by actually ensuring /tmp/.ICE-unix
  • More doc updates
  • Fix up rlimit use and handle cases where we ourself hit SIGXCPU
    and SIGXFSZ. Also handle SIGABRT cleanly in the main daemon.
  • The error gui uses the same theme as the greeters
  • The pam config files don’t include the /lib/security prefix as
    apparently it’s more kosher to let pam find the modules itself
  • Fix some crashes in main daemon, fix debug output in
    places
  • A whole pile of minor XDMCP updates
  • Fix solaris build (Brian Cameron)
  • Limit users in face browsers above 100 not 50
  • Remove any mentions of SessionMaxFile as it isn’t used
    anymore
  • Some typos fixed (Jordi Mallach)
  • Translation updates (Jordi Mallach, Artur Flinta, Christian
    Rose, Miloslav Trmac, Kostas Papadimas, Duarte Loreto, Ole Laursen,
    Danilo Segan, Christian Neumair)

Note: GDM2 was originally written by Martin K. Petersen
<[email protected]>, and has for
a while now been maintained by the Queen of England. She is usually
not responsive to bug reports or feature requests. You can try to
send them to me however.

Note2: If installing from the tarball do note that make install
overwrites most of the setup files, all except gdm.conf. It will
however save backups with the .orig extension first.

Note3: Note3 has been deprecated …

Downloading:

Webpage: http://www.jirka.org/gdm.html

http://ftp.gnome.org/pub/GNOME/sources/gdm/2.4/

ftp://ftp.5z.com/pub/gdm/

Sorry no RPMS. There is a spec file included in the tarball and
it may or may not work (it should, and it did some time ago but I
haven’t tried it lately).

Have fun,
(or as in the immortal words of Chema: “Have sex,”)

George

PS: I think we’re saving electricity in this incredibly hot
summer as we don’t have to heat the fish water. Though it’s a few
degrees higher than should be, but I still sometimes feel like I
want to just jump in there to cool down. You’d think that living
close to the coast in San Diego you never need AC. That’s another
thing we’re saving money on. Because if we had AC we’d be using it.
Then again we’re running all the fans we have full time, so perhaps
we’re not saving that much. I’m contemplating crawling into the
freezer to cool down, but I’m so sweaty, I fear all the sweat would
freeze and I wouldn’t be able to move and get out. Plus the freezer
smells like bloodworms that we have there for the fish.


George <[email protected]>

Zivot je kratkej a posranej, jako zebricek do kurniku.

  • Neznamy
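
One way a privileged process can guard against the ~/.xsession-errors symlink problem (CAN-2003-0547) described in the announcement above. This is an added example, not GDM's code and not the fix that shipped; the names open_user_log and demo and the sample file names are hypothetical.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: open a user's log for display by a privileged
 * process. Refuses symlinks, non-regular files and files not owned by
 * `owner` (the owner check also rejects hard links to root's files). */
int open_user_log(const char *path, uid_t owner)
{
    struct stat st;
    /* O_NONBLOCK keeps a planted FIFO from hanging the caller. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0)
        return -1; /* ELOOP if the last path component is a symlink */
    /* fstat the descriptor, not the path, so there is no check/use race. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != owner) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed scenario: returns bit 0 if the real file is accepted,
 * bit 1 if the symlink is refused, bit 2 if a wrong owner is refused. */
int demo(void)
{
    char dir[] = "/tmp/xse-demo-XXXXXX", target[64], link[64];
    int fd, result = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target.txt", dir);
    snprintf(link, sizeof link, "%s/.xsession-errors", dir);
    FILE *f = fopen(target, "w");
    if (!f) return -1;
    fputs("constructed sample\n", f);
    fclose(f);
    if (symlink(target, link) != 0) return -1;
    if ((fd = open_user_log(target, geteuid())) >= 0) { result |= 1; close(fd); }
    if (open_user_log(link, geteuid()) < 0) result |= 2;
    if (open_user_log(target, geteuid() + 1) < 0) result |= 4;
    unlink(link); unlink(target); rmdir(dir);
    return result;
}

int main(void) { printf("demo() = %d\n", demo()); return 0; }
```

O_NOFOLLOW only covers the final path component, so a daemon that can do so is better off opening the file with the user's own credentials rather than root's.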

gtkmm 2.2.6

gtkmm 2.2

gtkmm provides a C++ interface to GTK+. gtkmm 2.2 wraps GTK+ 2.2
http://www.gtkmm.org

Like GTK+ 2.2, gtkmm 2.2 contains only API addition, without API
or ABI breakage, compared to gtkmm 2.0

Changes

2.2.6:

  • gcc 2.96: Fix build, by not #ifdefing out some template
    specialization declarations needed by gcc 3. (Frank Naumann)
  • MS Visual C++ .Net 2003 support – See the MSVC_Net2003
    directory. (Frank Naumann, jburris)
  • Gdk::Display: Fix refcount problem with open() and
    open_default_libgtk_only(). (Murray Cumming)
  • Documentation:
    • Book:
      • Show correct example source code for Box instead of
        Alignment.
      • Memory Management: Mention set_manage() instead of old
        set_dynamic function.
    • Reference documentation:
      • Improved documentation for intermediate containers, property
        methods and proxies. (Murray Cumming)
      • TreeView::append_column(): Explain what types are supported by
        default, and what happens if you use a different type. (Martin
        Schulze)

Download

http://www.gtkmm.org/download.shtml

You will need libsigc++ 1.2, available here: https://sourceforge.net/project/showfiles.php?group_id=1970

Development

There is ongoing discussion on the mailing list: http://www.gtkmm.org/mailinglist.shtml

and in the #c++ channel on irc.gnome.org/


Murray Cumming
[email protected]
www.murrayc.com


Straw 0.19.1

Application

Straw 0.19.1

Description

A GNOME 2 desktop news aggregator, using the RSS syndication
format

Fixes

  • Added the missing images
  • Fixed one bug with weird characters in host names

Download

http://savannah.nongnu.org/files/?group=straw

GNOME Software Map entry

http://www.gnome.org/softwaremap/projects/straw
