[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] gmon.out a security issue?
- Subject: Re: [cobalt-security] gmon.out a security issue?
- From: "Gerald Waugh" <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 2 Apr 2002 09:29:57 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
http://www.gnu.org/manual/gprof-2.9.1/html_chapter/gprof_2.html#SEC2
>
> Of course I want to agree with you. But why would it be two sites owned
> by the same owner, and nowhere else? I didn't install anything in their
> site, and neither did the machine owner, and they sure shouldn't have
> been able to install anything in C from source.
>
A program can be compiled with profiling enabled. So it does not
actually have to be compiled on the computer to generate gmon.out.
I would expect taht some pkg file contained a binary with profiling enabled,
on purpose or left on by mistake.
take a look at man gprof
and
http://www.gnu.org/manual/gprof-2.9.1/html_chapter/gprof_2.html#SEC2
You might have some files called
a.out and gmon.sum also
I have used it in the past, but only during the debug phase of a binary. I
suspect
that someone left it on.