good evening,
i stumbled over some funny issue when trying windirstat (like KDirStat) with wine.
after running that tool for a while my system rebooted. i could reproduce this with every run.
after some deep investigation (i thought i had stability issues with my system and spent more than an hour on this) i found out, that the reboot is being triggered by iTCO_wdt ( /dev/watchdog )
this is how to reproduce:
- be root
- cat /dev/watchdog or dd if=/dev/watchdog of=/dev/zero bs=1 count=1 or .....
- wait one minute........
*reboot*!
i have heard 2 opinions for now (contacted the author and also discussed on wine-devel ) that this should be expected behaviour.
being sysadmin quite a while, i cannot believe that (accidentally) reading a device file (being root or not - what does that matter) triggers a system reboot.
ok - when i`m root , i shouldn`t do stupid things and be careful, but i thought reading/crawling trough a filesystem (r/o, btw.) with some tool which is built to do exactly this wasn`t so stupid - even from within wine.
think of an admin writing a quick&dirty script for intrusion detection (find / -exec md5sum {} \; >/tmp/need-no-tripwire) and forgetting to exclude /dev, /sys or /proc appropriately......
think of someone exporting "/" via samba (readonly) and then navigating trough the /dev directory....
stupid?
i don`t think so.....i have seen worse things...... :)
should someone get punished by an accidental system reboot and should he need to spend his time on this to investigate why this happens?
i`d wish there would be some fence around this or iTCO_wdt /dev/watchdog not being active after a default desktop installation.
i`d be interested if i`m the only one who thinks this is strange/dangerous behaviour.
regards
roland
_____________________________________________________________________
Der WEB.DE SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
http://smartsurfer.web.de/?mc=100071&distributionid=000000000066
[email protected] wrote:
> good evening,
>
> i stumbled over some funny issue when trying windirstat (like KDirStat) with wine.
>
> after running that tool for a while my system rebooted. i could reproduce this with every run.
>
> after some deep investigation (i thought i had stability issues with my system and spent more than an hour on this) i found out, that the reboot is being triggered by iTCO_wdt ( /dev/watchdog )
>
> this is how to reproduce:
>
> - be root
> - cat /dev/watchdog or dd if=/dev/watchdog of=/dev/zero bs=1 count=1 or .....
> - wait one minute........
>
> *reboot*!
>
> i have heard 2 opinions for now (contacted the author and also discussed on wine-devel ) that this should be expected behaviour.
Yes, it is. It's a watchdog device, it's meant to reboot the machine if
whatever task is poking the watchdog dies.
> being sysadmin quite a while, i cannot believe that (accidentally) reading a device file (being root or not - what does that matter) triggers a system reboot.
>
> ok - when i`m root , i shouldn`t do stupid things and be careful, but i thought reading/crawling trough a filesystem (r/o, btw.) with some tool which is built to do exactly this wasn`t so stupid - even from within wine.
I would say that running a Windows tool that opens up and reads random
files, on the /dev directory tree, as root, probably does qualify as
"stupid". I'd say running pretty much anything through Wine as root is
not a good idea, a Windows app could hose the system without even
meaning to through exactly such things.
>
> think of an admin writing a quick&dirty script for intrusion detection (find / -exec md5sum {} \; >/tmp/need-no-tripwire) and forgetting to exclude /dev, /sys or /proc appropriately......
> think of someone exporting "/" via samba (readonly) and then navigating trough the /dev directory....
>
> stupid?
> i don`t think so.....i have seen worse things...... :)
>
> should someone get punished by an accidental system reboot and should he need to spend his time on this to investigate why this happens?
>
> i`d wish there would be some fence around this or iTCO_wdt /dev/watchdog not being active after a default desktop installation.
There is.. it's called "root privileges".
>
> i`d be interested if i`m the only one who thinks this is strange/dangerous behaviour.
>
> regards
> roland
--
Robert Hancock Saskatoon, SK, Canada
To email, remove "nospam" from [email protected]
Home Page: http://www.roberthancock.com/
On Wed, Nov 21, 2007 at 12:06:57AM +0100, [email protected] wrote:
> - be root
That's your first mistake.
> - cat /dev/watchdog or dd if=/dev/watchdog of=/dev/zero bs=1 count=1 or .....
> - wait one minute........
>
> *reboot*!
And that's the defined behavior of /dev/watchdog, yes. Many years too
late to change it.
> i have heard 2 opinions for now (contacted the author and also discussed on wine-devel ) that this should be expected behaviour.
>
> being sysadmin quite a while, i cannot believe that (accidentally) reading a device file (being root or not - what does that matter) triggers a system reboot.
If /dev/watchdog can be opened by non-root, that's an installation
error.
--
Mathematics is the supreme nostalgia of our time.
>There is.. it's called "root privileges".
yes, true.
but - regardless of being a windows app or not - what if you want to take a look on your system as a whole, especially when using some tool which graphically shows how and where your diskspace is being used? if i let this run from ordinary useraccount it would get lot`s of "permission denied" and then it`s only telling half of the truth.....
>I'd say running pretty much anything through Wine as root is
> not a good idea, a Windows app could hose the system without even
> meaning to through exactly such things.
yes, true indeed. but maybe wine has an option to sandbox the windows app to do only r/o access. if that feature doesn`t exist, (set r/o flag to dosdevices) maybe it would be an useful addon.
but that`s OT here....
> -----Urspr?ngliche Nachricht-----
> Von: "Robert Hancock" <[email protected]>
> Gesendet: 21.11.07 00:35:23
> An: [email protected]
> CC: [email protected]
> Betreff: Re: System reboot triggered by just reading a device file....!?
>
> [email protected] wrote:
> > good evening,
> >
> > i stumbled over some funny issue when trying windirstat (like KDirStat) with wine.
> >
> > after running that tool for a while my system rebooted. i could reproduce this with every run.
> >
> > after some deep investigation (i thought i had stability issues with my system and spent more than an hour on this) i found out, that the reboot is being triggered by iTCO_wdt ( /dev/watchdog )
> >
> > this is how to reproduce:
> >
> > - be root
> > - cat /dev/watchdog or dd if=/dev/watchdog of=/dev/zero bs=1 count=1 or .....
> > - wait one minute........
> >
> > *reboot*!
> >
> > i have heard 2 opinions for now (contacted the author and also discussed on wine-devel ) that this should be expected behaviour.
>
> Yes, it is. It's a watchdog device, it's meant to reboot the machine if
> whatever task is poking the watchdog dies.
>
> > being sysadmin quite a while, i cannot believe that (accidentally) reading a device file (being root or not - what does that matter) triggers a system reboot.
> >
> > ok - when i`m root , i shouldn`t do stupid things and be careful, but i thought reading/crawling trough a filesystem (r/o, btw.) with some tool which is built to do exactly this wasn`t so stupid - even from within wine.
>
> I would say that running a Windows tool that opens up and reads random
> files, on the /dev directory tree, as root, probably does qualify as
> "stupid". I'd say running pretty much anything through Wine as root is
> not a good idea, a Windows app could hose the system without even
> meaning to through exactly such things.
>
> >
> > think of an admin writing a quick&dirty script for intrusion detection (find / -exec md5sum {} \; >/tmp/need-no-tripwire) and forgetting to exclude /dev, /sys or /proc appropriately......
> > think of someone exporting "/" via samba (readonly) and then navigating trough the /dev directory....
> >
> > stupid?
> > i don`t think so.....i have seen worse things...... :)
> >
> > should someone get punished by an accidental system reboot and should he need to spend his time on this to investigate why this happens?
> >
> > i`d wish there would be some fence around this or iTCO_wdt /dev/watchdog not being active after a default desktop installation.
>
> There is.. it's called "root privileges".
>
> >
> > i`d be interested if i`m the only one who thinks this is strange/dangerous behaviour.
> >
> > regards
> > roland
>
>
> --
> Robert Hancock Saskatoon, SK, Canada
> To email, remove "nospam" from [email protected]
> Home Page: http://www.roberthancock.com/
>
>
__________________________________________________________________________
Erweitern Sie FreeMail zu einem noch leistungsst?rkeren E-Mail-Postfach!
Mehr Infos unter http://produkte.web.de/club/?mc=021131
On Wed, November 21, 2007 00:01, [email protected] wrote:
>>There is.. it's called "root privileges".
> yes, true.
>
> but - regardless of being a windows app or not - what if you want to take a look on your system as a whole,
> especially when using some tool which graphically shows how and where your diskspace is being used? if i
> let this run from ordinary useraccount it would get lot`s of "permission denied" and then it`s only telling
> half of the truth.....
Such a tool shouldn't need to open any files, whether they're device files or not. Do you expect it to open
/dev/zero etc. too and read from an infinitely sized "file"?
>> > i`d wish there would be some fence around this or iTCO_wdt /dev/watchdog not being active after a
>> default desktop installation.
Delete it?
--
Simon Arlott
since i have gotten more or less similar answers from here, i have talked to some more people privately.
the result is interesting:
if the person i talked to was some sysadmin or related to that (i.e. some person running servers), his opinion was very similar to mine.
if the person was a developer, he didn`t really understand why i have a problem with that. "be careful if you are root" was what i got.
one of the admins gave a good statement, which i liked very much and want to share:
"even if you are root: it`s unix philosophy, that reading is harmless!"
i never thought about that, but i think that`s exactly the point and that`s why i`m feeling uncomfortable with that.
anyway - it cost me some time to find a bug which was none and the only mistake i did was using a tool for which i was sure did nothing more than reading. so why should i care that i was root ?
need to change my own philosophy now, because i learned that reading isn`t harmless. ;)
regards
roland
> -----Urspr?ngliche Nachricht-----
> Von: "Simon Arlott" <[email protected]>
> Gesendet: 21.11.07 13:30:05
> An: [email protected]
> CC: "Robert Hancock" <[email protected]>, [email protected]
> Betreff: Re: System reboot triggered by just reading a device file....!?
>
> On Wed, November 21, 2007 00:01, [email protected] wrote:
> >>There is.. it's called "root privileges".
> > yes, true.
> >
> > but - regardless of being a windows app or not - what if you want to take a look on your system as a whole,
> > especially when using some tool which graphically shows how and where your diskspace is being used? if i
> > let this run from ordinary useraccount it would get lot`s of "permission denied" and then it`s only telling
> > half of the truth.....
>
> Such a tool shouldn't need to open any files, whether they're device files or not. Do you expect it to open
> /dev/zero etc. too and read from an infinitely sized "file"?
>
> >> > i`d wish there would be some fence around this or iTCO_wdt /dev/watchdog not being active after a
> >> default desktop installation.
>
> Delete it?
>
> --
> Simon Arlott
>
______________________________________________________________________________
Jetzt neu! Im riesigen WEB.DE Club SmartDrive Dateien freigeben und mit
Freunden teilen! http://www.freemail.web.de/club/smartdrive_ttc.htm/?mc=021134
[email protected] schrieb:
> [was: reading /dev/watchdog triggers reboot as intended]
> need to change my own philosophy now, because i learned that reading isn`t harmless. ;)
If you want to protect you from your curiosity (or from reading anything),
you could just disable the watchdog in the kernel.
See: Device Drivers -> Character devices -> Watchdog Timer Support -> ...
Regards,
--
Clemens Koller
__________________________________
R&D Imaging Devices
Anagramm GmbH
Rupert-Mayer-Stra?e 45/1
Linhof Werksgel?nde
D-81379 M?nchen
Tel.089-741518-50
Fax 089-741518-19
http://www.anagramm-technology.com
Hi Clemens,
thanks, but i know i could do this.
this thread is not meant to protect myself from this curiousity but it is meant to protect others.
it`s a trap.
i stepped into that.
now i know that trap, so i can easily sidestep.
but most people using linux don`t know about the watchdog, so i don`t think they will know about this trap.
you can`t make that become common knowledge.
and we can`t expect that they will find out _what`s_ the trap at all, if they step into.
having this behaviour documented is like putting a sign "don`t step into this" at the back of the trap
so why shouldn`t we help them avoiding it ?
it maybe very seldom that someone steps into this.
but it may happen and then someone will have trouble and spend time on this.
i think every admin can tell you about weird random reboots of his systems which he cannot explain what was the reason for it.
this maybe some of those reasons and this one could be avoided.
i`m thinking of something simple like echo "now you`re armed" > /dev/watchdog
regards
roland
> -----Urspr?ngliche Nachricht-----
> Von: "Clemens Koller" <[email protected]>
> Gesendet: 22.11.07 21:43:15
> An: [email protected]
> CC: Simon Arlott <[email protected]>, Robert Hancock <[email protected]>, [email protected]
> Betreff: Re: System reboot triggered by just reading a device file....!?
>
> [email protected] schrieb:
>
> > [was: reading /dev/watchdog triggers reboot as intended]
> > need to change my own philosophy now, because i learned that reading isn`t harmless. ;)
>
> If you want to protect you from your curiosity (or from reading anything),
> you could just disable the watchdog in the kernel.
> See: Device Drivers -> Character devices -> Watchdog Timer Support -> ...
>
> Regards,
> --
> Clemens Koller
> __________________________________
> R&D Imaging Devices
> Anagramm GmbH
> Rupert-Mayer-Stra?e 45/1
> Linhof Werksgel?nde
> D-81379 M?nchen
> Tel.089-741518-50
> Fax 089-741518-19
> http://www.anagramm-technology.com
>
______________________________________________________________________________
Jetzt neu! Im riesigen WEB.DE Club SmartDrive Dateien freigeben und mit
Freunden teilen! http://www.freemail.web.de/club/smartdrive_ttc.htm/?mc=021134
Hi, Roland!
Please don't top-post.
[email protected] schrieb:
> > [was: it would be easy to disable the kernel watchdog]
> thanks, but i know i could do this.
Good. I was also curious and just checked again. The watchdog subsystem
is by default _disabled_ in the kernel configuration. If you use some
distro's kernel, where they turned it on, complain to them!
If you turned it on yourself, you are really on your own...
the Kconfig help there is IMO sufficient and very clear and,
"If unsure, say N". Hmm... sorry?!
> this thread is not meant to protect myself from this curiousity but it is meant
> to protect others. it`s a trap.
I guess I understand your position. But I don't see no way to improve
the kernel in that point.
Complain to the guys who enabled the watchdog / setup this trap for
any reason.
> i stepped into that.
> now i know that trap, so i can easily sidestep.
> it maybe very seldom that someone steps into this.
> but it may happen and then someone will have trouble and spend time on this.
> i think every admin can tell you about weird random reboots of his systems
> which he cannot explain what was the reason for it.
That's one possible way of "learning by doing suicide (tm);"
> this maybe some of those reasons and this one could be avoided.
> i`m thinking of something simple like echo "now you`re armed" > /dev/watchdog
Read some details about watchdogs to get more background and why the
watchdog is triggered so easily and why it's good this way.
i.e: http://www.ganssle.com/watchdogs.pdf
Regards,
--
Clemens Koller
__________________________________
R&D Imaging Devices
Anagramm GmbH
Rupert-Mayer-Stra?e 45/1
Linhof Werksgel?nde
D-81379 M?nchen
Tel.089-741518-50
Fax 089-741518-19
http://www.anagramm-technology.com
Hi Clemens,
>
> Hi, Roland!
>
> Please don't top-post.
sorry!
> > > [was: it would be easy to disable the kernel watchdog]
> > thanks, but i know i could do this.
>
> Good. I was also curious and just checked again. The watchdog subsystem
> is by default _disabled_ in the kernel configuration. If you use some
> distro's kernel, where they turned it on, complain to them!
> If you turned it on yourself, you are really on your own...
> the Kconfig help there is IMO sufficient and very clear and,
> "If unsure, say N". Hmm... sorry?!
whoops - sorry for that. i should have checked that, but i think i just didn`t expect some distro vendor to change that default.
sure i will complain to suse now. stopping getting on your nerves here, now.
> > this thread is not meant to protect myself from this curiousity but it is meant
> > to protect others. it`s a trap.
>
> I guess I understand your position. But I don't see no way to improve
> the kernel in that point.
> Complain to the guys who enabled the watchdog / setup this trap for
> any reason.
sure. you`re completely right.
> > i stepped into that.
> > now i know that trap, so i can easily sidestep.
> > it maybe very seldom that someone steps into this.
> > but it may happen and then someone will have trouble and spend time on this.
> > i think every admin can tell you about weird random reboots of his systems
> > which he cannot explain what was the reason for it.
>
> That's one possible way of "learning by doing suicide (tm);"
:)
> > this maybe some of those reasons and this one could be avoided.
> > i`m thinking of something simple like echo "now you`re armed" > /dev/watchdog
>
> Read some details about watchdogs to get more background and why the
> watchdog is triggered so easily and why it's good this way.
> i.e: http://www.ganssle.com/watchdogs.pdf
thanks for your help and for that very useful link. that`s the very best stuff i every read about watchdogs!
regards
Roland
__________________________________________________________________________
Erweitern Sie FreeMail zu einem noch leistungsst?rkeren E-Mail-Postfach!
Mehr Infos unter http://produkte.web.de/club/?mc=021131