[2094] in bugtraq
Re: Goings on with Web clients
daemon@ATHENA.MIT.EDU (Zygo Blaxell)
Thu Aug 10 11:20:04 1995
Date: Wed, 9 Aug 1995 23:21:57 -0400
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Zygo Blaxell <zblaxell@miranda.uwaterloo.ca>
X-To: BUGTRAQ@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: <m0seRmu-00013hC@iiit.swan.ac.uk> from "System Administrator" at
Aug 4, 95 07:48:04 pm
Quoted from System Administrator:
> The following handy little piece shows a minor problem with netscape and
> most other browsers.. they aren't cautious about special files -eg
>
> <A href="file:/dev/mouse">Click here to break your mouse</A>
All the more reason to make sure that it's mode 600, owner root, and
'rm -f' svgalib and friends (for non-Linux types, svgalib is a graphics
library that requires extended access privileges to directly manipulate
video hardware on PCs. Advantages are avoidance of X overhead and
the speed & freedom of direct frame-buffer access. Common svgalib-
based programs also need access to remap the keyboard, take control of
virtual console switching away from the in-kernel VT220 emulator,
and lots of other features I remove from my kernel source code before
compiling it).
> and of course /dev/zero ... fortunately it seems on most systems netscape
> core dumps or is using mmap and thus maps forever(almost) then I would
> presume if you had the patience 8) dumps neatly.
/proc/kcore, kmesg and others are fun things to load into your browser
as well, not to mention your own stdin...
--
Zygo Blaxell, former sysadmin and current software/hardware guru for the
University of Waterloo Computer Science Club; current sysadmin for miranda.
uwaterloo.ca and ezmail.com. 10th place team, ACM Intl Finals Programming
Contest 1994. Will administer Unix (esp. Linux, maybe Solaris) for food.
