| View previous topic :: View next topic |
| Author |
Message |
thomasjb
Apprentice
Joined: 26 May 2002
Posts: 176
Location: Beijing
|
 Posted: Wed Jul 10, 2002 8:07 am Post subject: t1lib - xpdf - acroread |
 |
|
i just performed an "emerge -u world" and everything seems to have gone fine. one isue puzzled me though, when doing an "emerge -u acroread" t1lib and xpdf were going to get emerged as well. i checked and i definately do not have either of the two on my system. did they become dependencies of acroread? they sure weren't when i originally emerged acroread.
would somebody be able to shed some light on this? thanks!
regards,
thomas. |
|
| Back to top |
|
 |
kybber
Apprentice
Joined: 25 Jun 2002
Posts: 228
Location: Trondheim, Norway
|
|
| Back to top |
|
|
thomasjb
Apprentice
Joined: 26 May 2002
Posts: 176
Location: Beijing
|
| Posted: Thu Jul 11, 2002 1:34 am Post subject: |
|
|
thanks a lot. appreciate the info.
regards,
thomas. |
|
| Back to top |
|
|
arkane
l33t
Joined: 30 Apr 2002
Posts: 918
Location: Phoenix, AZ
|
| Posted: Thu Jul 11, 2002 3:23 am Post subject: |
|
|
OH no....
question, what type of vulnerability can this open up?
I mean.. I know it follows symlinks, leaves a /tmp file open and such, but can someone only do something to your system if they are on your system through shell access?
I'm wondering about this because I'm chasing down issues on my system that are really *WIERD*, like /dev/null having permissions changed on it, and several apps acting odd. I vaguely remember clicking on a PDF file that mozilla opened and it was blank. I didn't think anything of it....
I know it's a far shot but...? Is this possible? (sounds very far shot'ish) |
|
| Back to top |
|
|
Naan Yaar
Bodhisattva
Joined: 27 Jun 2002
Posts: 1549
|
| Posted: Thu Jul 11, 2002 3:44 am Post subject: |
|
|
From the description, it would seem that one would need shell access to your system. Re: blank pdf - I would imagine that it is not really a symptom since pdf does not contain macros and the like. Actually, the acroread plugin seemed to hang weirdly as a plugin in mozilla on my box.
| arkane wrote: | OH no....
question, what type of vulnerability can this open up?
I mean.. I know it follows symlinks, leaves a /tmp file open and such, but can someone only do something to your system if they are on your system through shell access?
I'm wondering about this because I'm chasing down issues on my system that are really *WIERD*, like /dev/null having permissions changed on it, and several apps acting odd. I vaguely remember clicking on a PDF file that mozilla opened and it was blank. I didn't think anything of it....
I know it's a far shot but...? Is this possible? (sounds very far shot'ish) |
|
|
| Back to top |
|
|
rac
Bodhisattva
Joined: 30 May 2002
Posts: 6553
Location: Japanifornia
|
| Posted: Thu Jul 11, 2002 6:36 am Post subject: |
|
|
| Naan Yaar wrote: | | Actually, the acroread plugin seemed to hang weirdly as a plugin in mozilla on my box. |
...looking like the window needs a redraw? I have this also, and chalked it up to binary incompatibility between acroread and my GCC 3.1-compiled mozilla.
_________________
For every higher wall, there is a taller ladder |
|
| Back to top |
|
|
Naan Yaar
Bodhisattva
Joined: 27 Jun 2002
Posts: 1549
|
| Posted: Thu Jul 11, 2002 12:04 pm Post subject: |
|
|
Yes, it looks like the screen does not redraw. I actually use gcc 2.95.3. I just removed the plugin from the plugins directory and used it as an external reader! I am not sure whether having the window embedded is worth the hassle anyway 
| rac wrote: | | Naan Yaar wrote: | | Actually, the acroread plugin seemed to hang weirdly as a plugin in mozilla on my box. |
...looking like the window needs a redraw? I have this also, and chalked it up to binary incompatibility between acroread and my GCC 3.1-compiled mozilla. |
|
|
| Back to top |
|
|
arkane
l33t
Joined: 30 Apr 2002
Posts: 918
Location: Phoenix, AZ
|
| Posted: Thu Jul 11, 2002 8:52 pm Post subject: |
|
|
I've never had this issue on my machine here compiled with gcc2.95.
Well, except for that one blank pdf, but it wasn't having issues with a redraw, it was just empty.
| rac wrote: | | Naan Yaar wrote: | | Actually, the acroread plugin seemed to hang weirdly as a plugin in mozilla on my box. |
...looking like the window needs a redraw? I have this also, and chalked it up to binary incompatibility between acroread and my GCC 3.1-compiled mozilla. |
|
|
| Back to top |
|
|
arkane
l33t
Joined: 30 Apr 2002
Posts: 918
Location: Phoenix, AZ
|
| Posted: Thu Jul 11, 2002 8:55 pm Post subject: |
|
|
I think I pulled my "I've been hacked" gun out too soon.
I did an emerge -e system && emerge -e world last night and now everything is working fine.... doesn't look like it was that.
Your right, it doesn't have macros or anything else that could make it remotely expoitable now that I think about it. I guess I was just being overly paranoid, per usual.
(call it the whole "John Nash" syndrome lol)
| Naan Yaar wrote: | From the description, it would seem that one would need shell access to your system. Re: blank pdf - I would imagine that it is not really a symptom since pdf does not contain macros and the like. Actually, the acroread plugin seemed to hang weirdly as a plugin in mozilla on my box.
|
|
|
| Back to top |
|
|
|
Other Things Gentoo
