Re: Is this a hacking attempt?
On Tue, 20 Jan 2015 17:52:05 +0100
Vincent Deffontaines <email@example.com> wrote:
> Le 2015-01-20 12:40, Marko Randjelovic a écrit :
> > I was running Wheezy Iceweasel with vanilla 3.14 kernel with grsec. I
> > tried to play video on YouTube with gnash plugin but Iceweasel
> > crashed
> > with alike messages
> > execution attempt in ...
> > Terminating task /usr/lib/iceweasel/iceweasel
> > Full log can be found on http://paste.lisp.org/+343V
> My understanding from the grsec logs you pasted is that gnash tried to
> allocate more memory than your RLIMIT-MEMLOCK limit (65536), and this is
> the reason why gnash crashed.
> I wouldn't hint this is sufficient to conclude in hacking. Flash is
> known well enough for eating a lot of memory at times.
> I would suggest either to try playing "similar" flash from trusted
> sources (good luck finding them though, maybe @adobe.com - One might
> also believe youtube.com is a trusted source ) and see if the plugin
> crashes on them too ; or maybe to raise limit progressively to see where
> it is accepted.
I tried to raise limit some time ago, but I was unsuccessful. Do you
know how to do it?
> As a side note, youtube supports HTML5, and if your browser had no
> flash support at all but HTML5 support, then you, your grsec kernel, and
> all kittens in the world could just be delighted and still have youtube
> content played fine.
Fortunately, this works, but there are sites where doesn't.
One should not be afraid of humans.
Well, I am not afraid of humans, but of what is inhuman in them.
Ivo Andric, "Signs near the travel-road"