GNOME Bugzilla – Bug 108063
Deny-Of-Service-Attack: "FAMOpen failed, FAMErrno=0"
Last modified: 2004-12-22 21:47:04 UTC
If gnome-vfs is compiled with FAM support but the file monitor isn't launched on startup, something really nasty can happen: Your log files will reach titanic dimensions within short time. Main content of those files: "FAMOpen failed, FAMErrno=0". This behaviour is disastrious in two ways: 1) Breaking FAM causes gnome-vfs clients like Nautilus to start a marvilious deny of service attack, flooding the user's hard disk with meaningless messages within short time. 2) As meantioned already: The message is meaningless - causing the user to tap in the dark, when trying to resolve the problem. Attached you'll find a patch addressing both problems: The new error message contains some words about what's going wrong and message generation is throttled. I believe it's ok to throttle this message, since the message doesn't address a specific, but a system error. Maybe there are other places like this in gnome-vfs or GNOME. Didn't check yet. If there are such places, it could make sense to put the throttling code into a core library function.
Created attachment 14917 [details] [review] A patch for this issue
This message is already commented out in CVS, I got bored of seeing it. Anyway, I think this g_print was only going to the console, not to a log file, am I wrong ?
It does go to .xsession-errors if you use gnome-session.
Yeah. Saw your fix. "#ifdef DEBUG" -- Ok, kills the message. But since the error message indicates a serious configuration problem: gnome-vfs compiled with FAM support but FAM itself not running, it could make sense to display the error message. Just more meaning full, just less frequent (just my thoughts). Yes, the message is redirected to stdout. But: Two GDM based setups I've seen (Redhat and Gentoo) redirect all stdout messages generated by applications launched from the session manager to a log file in the user's home directory. Gentoo calls that file ".gnomerc-error". For Redhat it __could__ be ".xsession-errors" --- would have to check, don't run Redhat anymore. Since for those files there is no log management (rotation, compression ["last message repeated x times"]) frequent calls to print causing the mentioned deny-of-service attack: Since my FAM was misconfigured I've got a ".gnomerc-error" of 3 Gigabyte within a week --- without any other notification. Just wondered why my home partion was full...
Ok, thanks for the info, I didn't know this info could end up in a log message :) Wrt to the error message, I don't think it's critical to run a gnome-vfs compiled against fam without having fam launched (ie I don't think you'll get crashes or slowdowns), and if people complain about file notification not working, it's easy to diagnose without looking at that file. Moreover, I'd say it is the distro reponsibility to make sure fam is running when a fam-enabled gnome-vfs is used
If you really want to mention this problem in the logs, maybe only issuing a warning once would be enough (ie just use some static local variable)
Created attachment 14929 [details] [review] A less bloated version of the patch
Created a less bloated version of the patch, as you suggested.
I'm still unsure it's really useful to have that error. Convince me :) I also think the error message should mention that fam is used to detect file modifications (don't know if this is clear enough as it is worded now)
Its just a stupid spew. It should never have made it into the code in the first place.