The who and users commands

m65 at vivodinet.gr m65 at vivodinet.gr
Thu Mar 9 22:42:16 EET 2006


Giorgos Keramidas wrote:
> On 2006-03-09 21:45, "m65 at vivodinet.gr" <m65 at vivodinet.gr> wrote:
> 
>>The problem is that I have doubts about the security of the Fedora I
>>have, and you simply aren't helping....
> 
> 
> And I simply doubt that you know what security is.  But you haven't said
> anything so far that shows I'm wrong, so what does it matter?
> 
Well... since I don't know what security means, you're right, because I 
studied economics, and since I am nevertheless learning about these... 
security matters too, and about many other things, I'm quoting for you the 
IRC dialogue I had, from which you will understand very well how 
dramatically, but very dramatically, useless all your interventions 
were... and that the only thing you wanted to prove was that you simply 
have nothing serious to do...

The first one is fairly simple, but it shows that even the person running 
gentoo was puzzled, I believe... the second dialogue has the substance 
that resolves the question.... Read and... silence...


* Du sprichst jetzt in #KDE
m6s hello people
Opio 'sup
m6s can anyone explain me something about kded?
Opio if anyone besides me is awake and we know .....
Opio  then yes.
m6s I noticed after months of running kde, that I had 2 logons
m6s what I mean...
m6s 1. boot pc, 2.enter X 3. start a terminal from kde
m6s i run who or users command
m6s and I see three (!!!) logins!!!!
m6s one for X
m6s one as pts/0
m6s one as pts/1 which IS the current terminal
Opio That is probably odd ..... uptime here is 22 days
m6s the problem is that with ps, there IS NOWHERE the pts/0 process
Opio (been logged into KDE 99% of that time ) .....
Opio Only have one user on who or users ....
m6s BUT
m6s when I run lsof, I saw that kded
m6s had a m6s user account opened for pts/0
Opio Not sure why you're seeing that; can only tell you that I'm only 
seeing one user here.
m6s so ... what's going on? what's the login for my X even if I hadn't 
kde? and what happens with kded? Shouldn't I have only 2 logins? One 
the X and the terminal from the kde afterwards?
m6s [m6s at localhost ~]$ who
m6s m6s      :0           Mar  9 19:04
m6s m6s      pts/0        Mar  9 19:04
m6s m6s      pts/1        Mar  9 19:21
Opio I claim (based on looking at who and user on my system) that you 
should only have one login.
m6s the first two ones, are in the same time opened!
Opio gvaughan at morpheus ~ $ who
Opio gvaughan tty1         Feb 16 14:08
m6s do you run KDE?
Opio What kernel are you running ?
Opio Yeah, running it right now .....
m6s 2.6.14
Opio Yeah, running 2.6.15 here ......
Opio How do you start X?  With a daemon, or startx?
the process of fedora core 3
Opio running gentoo here ....
m6s running gentoo ha?
m6s lucky one :-)

AND THE SECOND:


* Du sprichst jetzt in #fedora
* Das Thema für #fedora ist: Welcome to #fedora - The friendly Fedora 24 
Hour help desk. Enjoy ur stay! :)
* Das Thema für #fedora wurde gesetzt durch passwd-!passwd at gawd.biz um 
Sat Feb 25 11:43:41 2006
m6s anyone?
znx m6s: whats the matter?
* exploit_ hat die Verbindung getrennt (Remote host closed the connection)
m6s 1.booting my fedora
m6s 2.enter in the kde
m6s 3.open a terminal
m6s 4.run who, or run users
znx ok
m6s what do you see?
znx i see 5 me's
m6s hmmm
m6s well close the 5 yous
znx er ?
m6s simple
m6s when I get in
m6s and I have nothing more open than the terminal inside my kde
m6s I see, 3 users
znx ok.. thats fine
m6s logged in with the who or users command
m6s ?!?!?!?!??!fine?!??!?!?!?
znx sure..
znx type: w
znx what does the WHAT say?
m6s kded
m6s kdeinit
znx there you go
znx kded = 1 .. kdeinit = 2 .. term = 3
m6s it says, :0 startkde
m6s pts/0 kded[kdeinit]
m6s pts/1 w
znx :0 = x
znx so its .. kded = 1  .. startkde = 2  term = 3   then
m6s yes I see that....
m6s but...
m6s since when kded opens an account
m6s is this normal, in the blueprints of kde?
znx it obviously needs a login shell to run
m6s "obviously", or "honestly"
m6s :-)
m6s ?
znx er.. what?
m6s well
m6s opio in the #kde
m6s run the 'w'
m6s command
m6s and sees only one user
m6s for startkde
m6s he has gentoo
znx sure
znx im still not seeing the complaint..
m6s again sure?
znx you are not wanting kded to run a login shell?
m6s I never asked to run this kde shell
m6s well I asked one terminal, when I clicked it
* exploit_ (rage at cyberpunks.gr) hat #fedora betreten
* diekthx gibt Op-Status an exploit_
m6s this terminal of kded came right from the boot up process
m6s USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
m6s m6s      :0       -                19:04   ?xdm?   5:40   0.02s 
/bin/sh /usr/bin/startkde
m6s m6s      pts/0    -                19:04    2:58m  0.00s  3.04s kded 
[kdeinit]
m6s m6s      pts/1    -                19:21    0.00s  0.07s  0.00s w
m6s 19:04
znx does opio use xdm?
m6s he just run startx
* exploit_ hat die Verbindung getrennt (Remote host closed the connection)
znx so it could be something in xdm that does it?
m6s perhaps
m6s is it normal now that? 19:04 during the process of boot, two created 
users, one from kded just like that
znx could be running it as its the default login for xdm session?
m6s is n't the user xdm ? as in the first line of the who command mentioned?
m6s I got confused now a little, it's not normal that I have two users 
m6s, 19:04 created, one from kded without asking that on this exactly 
time, right??? The third it is only the terminal I asked to run.
znx sure its normal..
znx why isnt it normal?
znx all it means is that kded has been started in a login shell
* exploit_ (rage at cyberpunks.gr) hat #fedora betreten
* diekthx gibt Op-Status an exploit_
znx fact is i see you just creating an issue for nothing..
znx who cares if it runs in a login shell or not?
znx it doesnt alter anything ..
* exploit_ hat die Verbindung getrennt (Remote host closed the connection)
m6s well
znx well nothing.. you need kded to be running..
m6s it is a matter since I know that anything runs in linux as services 
only in their own environment
m6s xdm, users, root, cdr
znx yes?
m6s etc etc etc
m6s so after a huge pile of logs from some IPs which they try to make a 
brutal access
m6s I checked once this little command and gave me 3 users instead of 
really 2, which I expected and I don't know why
m6s at least not since now
znx if you think that they have exploited you by replacing kded .. think 
again
znx if you are going to replace a daemon.. then you would replace 
something like cron.. or append something to xinetd
znx something where it can control time
m6s if someone could do some hacking I don't know if they could compile 
the kded itself, they could use javascript of kde which is everywhere
znx and what if you arent logged in?
m6s or in parts of kded that are responsible for something ( i do not 
know of course about kded, if i was, I would be programming it, right? ;-)
znx no kde is a terrible choice in attack vector
znx also what if you run gnome.. not kde
m6s I didn't see that with gnome
* znx sighs
* exploit_ (rage at cyberpunks.gr) hat #fedora betreten
* decrypt gibt Op-Status an exploit_
znx m6s: you arent exploited
znx kded is just running in a login shell.. thats all
znx look into the startkde script.. see what it says when it starts kdeinit
znx i guess it will say what it is doing there..
m6s thanx for the tip!!!
m6s why did you say it is terrible to hack kde?
m6s kded especially?
znx its way too system dependent
znx you would need to expect kde to be installed
m6s as a user kde seems to me as an octapode
znx whereas you KNOW a system will have the likes of cron
* exploit_ hat die Verbindung getrennt (Remote host closed the connection)
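
Added example (not part of the original message, nor code from KDE or Fedora): a Python sketch that reconciles the three views compared in the log above, namely the utmp records printed by who, the controlling terminals reported by ps, and the open devices reported by lsof. Only the who lines come from the log; the ps and lsof-style rows, including the PIDs, are constructed to match what m6s describes.

```python
# Constructed sample input. The `who` lines are the ones quoted in the log;
# the ps and lsof-style rows (and all PIDs) are invented for illustration.
WHO = """\
m6s      :0           Mar  9 19:04
m6s      pts/0        Mar  9 19:04
m6s      pts/1        Mar  9 19:21
"""
# Columns: controlling TTY, PID, command (shape of `ps -eo tty,pid,comm`).
PS = """\
?         2101 startkde
?         2144 kded
pts/1     2390 bash
pts/1     2412 who
"""
# Columns: command, PID, open device path (reduced from lsof output).
OPEN_FDS = """\
kded      2144 /dev/pts/0
bash      2390 /dev/pts/1
"""

def parse_who(text):
    """Return [(user, line)] for each utmp record printed by who."""
    return [tuple(l.split()[:2]) for l in text.splitlines() if l.strip()]

def by_tty(text, tty_col, name_col):
    """Map tty -> [command] from whitespace-separated rows."""
    out = {}
    for row in (l.split() for l in text.splitlines() if l.strip()):
        tty = row[tty_col].replace("/dev/", "", 1)
        if tty != "?":  # "?" means the process has no controlling terminal
            out.setdefault(tty, []).append(row[name_col])
    return out

def reconcile(who=WHO, ps=PS, fds=OPEN_FDS):
    """Explain each utmp record by the processes attached to its line."""
    ctl = by_tty(ps, 0, 2)     # processes whose controlling tty it is
    held = by_tty(fds, 2, 0)   # processes that merely hold the device open
    report = {}
    for _user, line in parse_who(who):
        if line.startswith(":"):
            report[line] = ("x-display", [])
        elif line in ctl:
            report[line] = ("controlling-tty", ctl[line])
        elif line in held:
            report[line] = ("fd-only", held[line])
        else:
            report[line] = ("stale-or-unexplained", [])
    return report
```

With this input, pts/0 is classified as fd-only: kded holds the device open without it being its controlling terminal, which is why ps shows nothing on that line while lsof does.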


