Michal Zalewski wrote: > This is not to say that delivering signals is not the way to exploit > problems like that - conditions that would otherwise lead directly to SEGV > because of access to non-allocated memory, for example. Quite > (un)fortunately, there are only two signals that could be perhaps > delivered to Apache (which, keep in mind, is running as a standalone > daemon) - SIGPIPE and SIGURG - that is, if they are not ignored and if the > handler does something interesting, which I'm not so sure about (but > haven't looked in a while). Seems to me SIGTERM is likely as well, though it may not happen until someone reboots the webserver. SIGCHLD is also a possibility if an external CGI is involved, no? -- Jefferson Ogata : Internetworker, Antibozo <ogataat_private> http://www.antibozo.net/ogata/ whois: jo317/whois.networksolutions.com http://www.antibozo.net/ogata/pgp.asc
This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 04:09:34 PDT