#editorial | Logs for 2019-05-25
« return
[02:48:32] <Bytram> =g CVE-2019-0708
[02:48:34] <upstart> https://portal.msrc.microsoft.com - CVE-2019-0708
[03:06:40] <Bytram> http://feedproxy.google.com
[03:06:42] <upstart> ^ 03A big asteroid with its own moon is passing by. Here's how to spot it ( https://www.cnet.com )
[03:06:42] <exec> └─ 13A big asteroid with its own moon is passing by. Here's how to spot it - CNET
[03:13:24] <Bytram> ~time oakland, ca
[03:13:26] <exec> location not found - UTC timestamp: Saturday, 25 May 2019, 3:13 am
[03:13:37] <Bytram> ~time san francisco
[03:13:39] <exec> location not found - UTC timestamp: Saturday, 25 May 2019, 3:13 am
[03:13:52] <Bytram> ~time seattle
[03:13:54] <exec> location not found - UTC timestamp: Saturday, 25 May 2019, 3:13 am
[03:14:02] <Bytram> ~time miami
[03:14:04] <exec> location not found - UTC timestamp: Saturday, 25 May 2019, 3:14 am
[03:14:12] <Bytram> well!
[03:17:26] <Bytram> =submit Slated for 23:05 UTC. https://www.cnet.com
[03:17:28] <upstart> Submitting "A big asteroid with its own moon is passing by. Here's how to spot it"...
[03:17:28] <exec> └─ 13A big asteroid with its own moon is passing by. Here's how to spot it - CNET
[03:17:50] <upstart> ✓ Sub-ccess! "A Big Asteroid With its Own Moon is Passing By. Here's How to Spot It" -> https://soylentnews.org
[03:19:17] <Bytram> break time
[08:13:23] -!- janrinok [janrinok!~janrinok@Soylent/Staff/Editor/janrinok] has joined #editorial
[08:13:23] -!- mode/#editorial [+v janrinok] by Hephaestus
[09:32:43] -!- Sirfinkus has quit [Quit: Textual IRC Client: www.textualapp.com]
[11:42:05] <Bytram> http://feedproxy.google.com
[11:42:06] <upstart> ^ 03Georgia Supreme Court Rules that State Has No Obligation to Protect Personal Information ( https://www.securityweek.com )
[11:42:08] <exec> └─ 13Georgia Supreme Court Rules that State Has No Obligation to Protect Personal Information | SecurityWeek.Com
[11:46:41] <Bytram> =submit This seems so wrong on so many counts I am at a loss for [printable] words. https://www.securityweek.com
[11:46:43] <upstart> Submitting "Georgia Supreme Court Rules that State Has No Obligation to Protect Personal Information"...
[11:46:44] <exec> └─ 13Georgia Supreme Court Rules that State Has No Obligation to Protect Personal Information | SecurityWeek.Com
[11:47:05] <upstart> ✓ Sub-ccess! "Georgia Supreme Court Rules That State Has No Obligation to Protect Personal Information" -> https://soylentnews.org
[12:32:01] <Bytram> time to head to work; have a great day everyone!
[13:08:26] <janrinok> Bytram, I've paused your SIGILL story. I've tried it on 3 different distros and cannot get any of them to hang up as reported. Tried it on Ubuntu, Debian and Fedora. It might be a specific build problem, or we could be being trolled into another initd/systemd argument. I ran the script provided as is, and then inside another loop 25 times with a pause between each run, issuing 10 x SIGILL during each run.
[13:14:22] <janrinok> The website is run by dyne.org, which appears at first look to be a supporter of Devuan. There are only a few comments to the report and they appear to be light-hearted mocking. No-one else has reported being able to reproduce it.
[13:16:27] <janrinok> The bug report also states "But I share it here to provide another reason to use a Systemd-free distribution like Devuan. I also share it as an example of the robustness of the SysVInit init process!"
[13:23:19] <janrinok> I think we might be being trolled into another systemd/sysvInit argument based on a single occurrence of something that cannot be reproduced elsewhere.
[13:23:37] <janrinok> I'll leave it for you to decide whether to re-release it.
[15:16:02] <janrinok> I'm currently installing a virtualBox image of software as close to that specified in the submission. I will run the tests on it once it is installed.
[15:34:33] <chromas> Better systemd vs emacs than nazis vs commies though :)
[15:38:02] <chromas> I get:
[15:38:02] <chromas> Broadcast message from systemd-journald@foldy (Sat 2019-05-25 08:37:14 PDT):
[15:38:02] <chromas> systemd[1]: Caught <ILL>, dumped core as pid 18953.
[15:38:02] <chromas> Broadcast message from systemd-journald@foldy (Sat 2019-05-25 08:37:14 PDT):
[15:38:02] <chromas> systemd[1]: Freezing execution.
[15:40:52] <chromas> Seems to kill systemd (systemctl throws timeouts) but everything else still works
[15:42:04] <chromas> I'm no 242 though, and I'm sure I'm at least 138 releases behind
[16:42:00] <janrinok> I get the coredump also, which is what it is supposed to do, and then continues as normal.
[16:42:33] <janrinok> netinst is just coming to an end - and I had my dinner for an hour or so :)
[16:52:39] <janrinok> Up-to-date install of systemd running under Debian 9.9.0, the latest version of systemd is 232 repeat 232, 242 has not been released for Debian 9.9 as far as I can see.
[16:53:43] <janrinok> Run as normal user the script does nothing except trigger "Operation not permitted". This is exactly as expected. This is not a normal user problem.
[16:57:30] <janrinok> Run as root. The system continues to operate as expected, systemd keeps on going (or restarts itself). The problem does not reproduce on a new install.
[16:57:53] <janrinok> Running long loop (25 x 10 kill -ILL)
[16:59:58] <janrinok> Long loop run as root now finished - no problems seen. Computer is fully responsive, systemd is still running.. The problem does not reproduce.
[17:05:17] <chromas> My pid1's still going, but systemctl times out. Also sudo takes a while, not sure if it's trying to use dbus or something
[17:05:47] <chromas> butt still, having root already means it's not much of an exploit
[17:05:56] <chromas> or exploitable
[17:15:29] <chromas> Looks like it's an old issue, too https://github.com
[17:15:32] <exec> └─ 13PID 1 should not stop working on SIGILL/SIGABRT/etc unless the signal came from the kernel or PID 1 itself · Issue #7680 · systemd/systemd · GitHub
[17:15:37] <upstart> ^ 03PID 1 should not stop working on SIGILL/SIGABRT/etc unless the signal came from the kernel or PID 1 itself · Issue #7680 · systemd/systemd
[17:27:41] <janrinok> It was certainly around in 2014
[18:04:41] -!- Sirfinkus [Sirfinkus!~SirFinkus@u-32-30-676-744.hsd5.wa.comcast.net] has joined #editorial
[18:49:38] <janrinok> gtg - probably back on Sunday
[18:49:42] -!- janrinok has quit [Quit: Leaving]