On 2019/10/04 08:32, Sebastien Marie wrote:
> On Fri, Oct 04, 2019 at 09:24:12AM +0500, dmitry.sensei wrote:
> > Bugged net utility from samba package/
> > ktrace is attached
>
> PLEASE DON'T SEND RAW KTRACE DATA ! (it would be the same for core file too).
>
> in case you don't figure, you send to everyone a trace of all syscalls with
> arguments and return of what the program did, including:
>
> - file description and content for any opened file (hello
> /var/samba/private/secrets.tdb and /etc/samba/smb.conf)
> - all network communication with the program (hello ldap, kerberos and smb
> services)
>
> It means that any secrets in readed file or sent/received on the network should
> be considered compromised.
>
> Just don't do that.
>
> Thanks.
> --
> Sebastien Marie
>
Plus, it's not really useful anyway. A backtrace would be the normal
starting point for a segfault. (In case "gdb" in base doesn't work,
pkg_add gdb and use "egdb" instead).
egdb `which net` net.core
bt full
No comments:
Post a Comment