Which is why I took the extra step to chattr +i the whole filesystem (less log directories), remove any unused libs, bins, and install grsec patch.
I guess it doesn't really matter what I do. The server is secure if it segfaults on launch! --- On Wed, 8/26/09, Ferenc Kovacs <i...@tyrael.hu> wrote: > From: Ferenc Kovacs <i...@tyrael.hu> > Subject: Re: [hlds_linux] Counter-Strike: Source Update Available > To: "Half-Life dedicated Linux server mailing list" > <hlds_linux@list.valvesoftware.com> > Date: Wednesday, August 26, 2009, 4:02 AM > http://kerneltrap.org/Linux/Abusing_chroot > > Tyrael > > On Wed, Aug 26, 2009 at 8:19 AM, Tom Sensel<tsenseles...@yahoo.com> > wrote: > > > > I'm having segfaults as well on Cent 5.3 and RHEL 5. > > > > First you guys leave exploits in the servers that you > were already warned about. 80,000 some odd servers > vulnerable to remote overflows that would give shell/command > access. It took someone releasing the exploits to the public > to get you to fix them. Took you 3 days to fix them. Then > ontop of this, you don't even test the binaries before > shipping them out? Top notch work, well done. Did you guys > outsource to india? what the hell is the deal? > > > > I've started running all my hlds servers in chroots > after this. But I feel really bad for those windows guys > that don't have anyway to setup a chroot environment. > > > > Console initialized. > > ./srcds_run: line 344: 21518 Segmentation fault > $HL_CMD > > Add "-debug" to the ./srcds_run command line to > generate a debug.log to help with solving this problem > > Wed Aug 26 20:14:25 PHT 2009: Server restart in 10 > seconds > > > > ./srcds_run -game cstrike -ip 125.5.114.147 -port > 27015 -tickrate 100 +map de_dust2 +maxplayers 64 -debug > > Auto detecting CPU > > Using SSE2 Optimised binary. > > Enabling debug mode > > Server will auto-restart if there is a crash. > > > > Console initialized. > > ./srcds_run: line 344: 21600 Segmentation fault > (core dumped) $HL_CMD > > cat: hlds.21586.pid: No such file or directory > > email debug.log to li...@valvesoftware.com > > Wed Aug 26 20:19:19 PHT 2009: Server restart in 10 > seconds > > Wed Aug 26 20:19:22 PHT 2009: Server Quit > > > > cat debug.log > > CRASH: Wed Aug 26 20:19:19 PHT 2009 > > Start Line: ./srcds_i686 -game cstrike -ip > 125.5.114.147 -port 27015 -tickrate 100 +map de_dust2 > +maxplayers 64 -debug > > End of Source crash report > > > > gdb --core=core.21600 > > (no debugging symbols found) > > Core was generated by `./srcds_i686 -game cstrike -ip > 125.5.114.147 -port 27015 -tickrate 100 +map de_'. > > Program terminated with signal 11, Segmentation > fault. > > [New process 21600] > > #0 0x00000000 in ?? () > > > > > > > > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view > the list archives, please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the > list archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
