|
Wanted to describe a problem I am having with Gamin
version 0.1.1 DOS in version
0.1.1 Tested out this version. Installed from gamin-0.1.1.tar.gz
on a Fedora Core 3 x86 box. Test Conditions Had Gamin monitor the application log file. The
log file was being rapidly populated with application debug and error
statements. Used poll() to listen for events, rather than select().
I also blocked on the socket (used an infinite timeout). Results Under these conditions, gamin went wild. ¨ The
following error messages were generated on calls to FAMNextEvent() o
Failed to write bytes to
socket <sock_number> o
Connection refused o
end from FAM server
connection o
Failed to reuse
descriptor < sock_number> on reconnect o
failed to read() from
server connection o
No such file or directory o
Success (???) ¨ The
following error messages were generated from to FAMCancelMonitor() and
FAMMonitorDirectory() o
Broken pipe ¨ Gamin
started generating events on files it was not directed to monitor.
Notably, its own files. Question It was my understanding from reading the
documentation at http://www.gnome.org/~veillard/gamin/security.html
with regards to DOS attacks, that Gamin would detect high frequency events, and
fall back once-per-second event generation on such files. What is the
explanation for the Mark Mason Senior Software Engineer General Dynamics Advanced Information Systems 210-442-4347 |