[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: general protection: 4f00



For more details squid not run as root
#>ps -uax | grep squid
but squid use a lot of memory
and 3 days before crash i found the following in /var/log/messages.
I hope it will help in our investigation.

Aug 16 16:35:57 proxy squid[296]: WARNING: Exceeded 'cache_mem' size (16392K >
16384K)
Aug 16 16:35:57 proxy squid[296]: Perhaps you should increase cache_mem?
Aug 16 16:35:57 proxy squid[296]: storeGetMemSpace stats:
Aug 16 16:35:57 proxy squid[296]:        1 objects locked in memory
Aug 16 16:35:57 proxy squid[296]:        0 LRU candidates
Aug 16 16:35:57 proxy squid[296]:        0 were purged
Aug 16 16:35:57 proxy squid[296]:        0 were released

nobody     938  1.6 31.7 41424 40680  ?  S   10:43   7:56 squid -sY
Evgeny Stambulchik wrote:

> Shlomi Fish <shlomif@vipe.technion.ac.il> wrote:
> >  On Thu, 20 Aug 1998, Evgeny Stambulchik wrote:
> >
> >  > Shlomi Fish <shlomif@vipe.technion.ac.il> wrote:
> >  >
> >  > >  On Thu, 20 Aug 1998, Constantin Eizner wrote:
> >  > >
> >  > >  > >From time ti time I get the following message and computer stop
> >  > >  > responding.
> >  > >
> >  > >  This is one of two things:
> >  > >  1. a buffer overflow or something like that in squid, that had a deadly
> >  > >  effect.
> >  >
> >  > Are we talking about Windows or a real OS?! How can a buggy program make a
> >  > bug-free kernel (running on a stable hardware) crash?!
> >  >
> >
> >  If the program is ran as root it can crash the system in a thousand
> >  different ways. (e.g: "rm -fr /").
>
> Well, of course; there is no protection against a man with a hammer as well. But
> you wrote "a buffer overflow or something like that in squid"; I don't think you
> really believe that the binary of the squid was trojan in this case.
>
> >  Besides, every OS can have fatal buffer
> >  overflows, including Linux. At least on an i386.
>
> Which should be treated as a bug in the OS.
>
> >  Maybe VMS or MVS or other real-time or mainframe OSes do something to
> >  ensure this thing cannot happen. I'm not sure that Pentium processors
> >  offer enough functionality to prevent this, or that Linux is designed with
> >  this in mind.
> >
> >  And then again: who said the Linux kernel (or the i386 hardware for that
> >  matter) is bug-free.
>
> Nobody did. Neither did I intend to state this. All what I wanted to say was: if
> an application makes an OS crash, than there is a bug in the OS (which doesn't
> mean the application is bug-free).
>
> Regards,
>
> Evgeny
>
> --
>    ____________________________________________________________
>   / Evgeny Stambulchik  <fnevgeny@plasma-gate.weizmann.ac.il>  \
>  /  Plasma Laboratory, Weizmann Institute of Science, Israel \  \
>  |  Phone : (972)8-934-3610  == | == FAX   : (972)8-934-3491 |  |
>  |  URL   :    http://plasma-gate.weizmann.ac.il/~fnevgeny/  |  |
>  |  Finger for PGP key >=====================================+  |
>  |______________________________________________________________|



--
------------------------------------------------------------------------------
Computer Center of Haifa University Mount Carmel, Haifa 31905, Israel
------------------------------------------------------------------------------
Constantin Eizner                      |    Tel. 972-4-8249299
Network Engineer                       |    Fax. 972-8249177
Unix System Administrator              |    E-mail eizner@research.haifa.ac.il
______________________________________________________________________________
There was a time when religion ruled the world. It is known as the Dark Ages.