[OLPC Security] Shutting down fds prior to execvpe in rainbow/inject.py: joyride 247 under Qemu

Marcus Leech mleech at nortel.com
Tue Nov 6 22:12:16 EST 2007


Michael et al:

I just uploaded the EXT3 image for Joyride 247, and it seems to mostly work.

I experimentally put some code just before the execvpe() in inject.py to
close FDs >= 3 and <= 10.  I picked 10 out of the
  air, but I wouldn't expect there to be many open file descriptors at
that point.  Actually, given the semantics of dup(),
  you could use it to probe what the maximum FD number is just before
execvpe(), so the terminating condition could
  be something like <= dup(0).

Anyway everything appears to be sane after the experiment (that is to
say, nothing is any *more* broken after this
  compared to before this).

I note that Clock doesn't work at all (Stays in "Starting..." forever),
and eToys comes up, but bits of it fail with error dialogs, and
  then there's no way to get out of it, or return to the Sugar
desktop--I had to go over to the virtual serial console and kill -1 it.
  Logviewer hangs just like Clock.  So does MaMa Media Creative Center,
and Record.    Hmmm.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : http://lists.laptop.org/pipermail/security/attachments/20071106/6b5569bf/attachment-0001.pgp 


More information about the Security mailing list