[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] gmon.out a security issue?

Subject: Re: [cobalt-security] gmon.out a security issue?
From: "Gerald Waugh" <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 2 Apr 2002 09:29:57 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

http://www.gnu.org/manual/gprof-2.9.1/html_chapter/gprof_2.html#SEC2
>
> Of course I want to agree with you.  But why would it be two sites owned
> by the same owner, and nowhere else?  I didn't install anything in their
> site, and neither did the machine owner, and they sure shouldn't have
> been able to install anything in C from source.
>
A program can be compiled with profiling enabled. So it does not
actually have to be compiled on the computer to generate gmon.out.
I would expect taht some pkg file contained a binary with profiling enabled,
on purpose or left on by mistake.

take a look at man gprof
and
http://www.gnu.org/manual/gprof-2.9.1/html_chapter/gprof_2.html#SEC2

You might have some files called
a.out and gmon.sum also

I have used it in the past, but only during the debug phase of a binary. I
suspect
that someone left it on.

Follow-Ups:
- Re: [cobalt-security] gmon.out a security issue?
  - From: Jeff Lasman

References:
- [cobalt-security] gmon.out a security issue?
  - From: Jeff Lasman
- Re: [cobalt-security] gmon.out a security issue?
  - From: Gerald Waugh
- Re: [cobalt-security] gmon.out a security issue?
  - From: Jeff Lasman

Prev by Date: [cobalt-security] Blocking Emails
Next by Date: Re: [cobalt-security] Blocking mail from ip/domain name etc.
Previous by thread: Re: [cobalt-security] gmon.out a security issue?
Next by thread: Re: [cobalt-security] gmon.out a security issue?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index