[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] gmon.out a security issue?
- Subject: Re: [cobalt-security] gmon.out a security issue?
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Tue, 02 Apr 2002 13:23:01 -0800
- Organization: nobaloney.net
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Gerald Waugh wrote:
> A program can be compiled with profiling enabled. So it does not
> actually have to be compiled on the computer to generate gmon.out.
> I would expect taht some pkg file contained a binary with profiling enabled,
> on purpose or left on by mistake.
Based on what others had said I agree with you. I just find it curious
it was in two sites owned by the same person. Coincidence? Maybe.
> take a look at man gprof
I tried. Didn't understand much <frown>.
> http://www.gnu.org/manual/gprof-2.9.1/html_chapter/gprof_2.html#SEC2
Will do, thanks.
> You might have some files called
> a.out and gmon.sum also
and I'll look for those as well.
> I have used it in the past, but only during the debug phase of a binary. I
> suspect
> that someone left it on.
That sounds quite reasonable.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484