[Seaside] [BUG][TEST] Seaside Security Issue
Lukas Renggli
renggli at student.unibe.ch
Wed Oct 1 21:43:40 CEST 2003
Hi Avi,
we discovered a security issue with Seaside, that makes it possible to
crash any Squeak-VM from the web.
Using the web-application in ssi.mcz it is possible to crash the Unix,
the Carbon and the Windows VM. Clicking on the button in this
application will start a longer-lasting task, in this example it is
just delay of several seconds. The longer the task the easier to
reproduce the problem, but it is also possible with much shorter
delays. As web-browser you *have to use Internet Explorer*, as this is
the only browser we know that is sending multiple requests when
submitting the same form several times. To crash Squeak, simply click a
lot onto that button in short intervals (do not wait until the page
refreshes) and the VM will suddenly disappear ...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: SSI-lr.1.mcz
Type: application/octet-stream
Size: 1054 bytes
Desc: not available
Url : http://lists.squeakfoundation.org/pipermail/seaside/attachments/20031001/848d2cfe/SSI-lr.1.obj
-------------- next part --------------
If you'd like to see what happens inside the image, open a Process
Browser and turn the auto-update on. You will see that the requests are
scheduled and WAProcessMonitor is waiting the other requests to finish.
After a certain time-out WAProcessMonitor tries to terminate the
request currently running. Probably several instances try to do that at
the same time and the image crashes ... Well, this is not really a good
explanation, this is just what we found out.
Cheers,
Lukas
--
Lukas Renggli
http://renggli.freezope.org
More information about the Seaside
mailing list