codeblog code is freedom — patching my itch

7/23/2010

Achievement Unlocked

Filed under: Blogging,Debian,General,Ubuntu — kees @ 5:45 am

I think it would be fun to add an achievement system to the Ubuntu Desktop, like is done on Steam and XBox.

The tricky part is tracking various events and finding amusing correlations. For example, if your screen-saver kicks in 40 times in a single 24 hour period, you could earn the “Alternating Current” achievement, indicating that you’re being repeatedly interrupted all day long:

achievement unlocked: alternating current

There are all kind of things to track and correlate. Miles moved with the mouse, clicks taken, keys pressed, files opened, applications installed, buddies added, IMs received, sent, etc. There are all kinds of achievements that could be designed that could be used to help people discover how to use Ubuntu, or for just plain humor. “Achievement Unlocked: Application Deficit Disorder” when you uninstall 100 applications you installed in the prior week.

I’ve been told this might all be very easy to implement with the Gnome Activity Journal (Zeitgeist), but I haven’t had a chance to investigate further.

UPDATE: I can easily imagine this being tracked in CouchDB, synced between systems via UbuntuOne, and could be linked to any other remote APIs that people could dream up, including Launchpad, Forums, REVU, Identi.ca, etc.

© 2010, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

7/3/2010

gdb turns off ASLR

Filed under: Blogging,Debian,Ubuntu,Ubuntu-Server — kees @ 10:05 am

Starting with GDB version 7, first appearing in Ubuntu with Karmic (Ubuntu 9.10), ASLR is turned off (via the ADDR_NO_RANDOMIZE personality flag) for the debugged process. If you want a more realistic view of how a process will appear in memory, you must “set disable-randomization off” in gdb:

$ gdb /usr/bin/something
...
(gdb) show disable-randomization
Disabling randomization of debuggee's virtual address space is on.
(gdb) start
...
(gdb) ^Z
$ cat /proc/$(pidof /usr/bin/something)/personality
00040000
$ grep 0040000 /usr/include/linux/personality.h
    ADDR_NO_RANDOMIZE =     0x0040000,  /* disable randomization of VA space */
$ fg
(gdb) set disable-randomization off
(gdb) show disable-randomization
Disabling randomization of debuggee's virtual address space is off.
(gdb) start
...
(gdb) ^Z
$ cat /proc/$(pidof /usr/bin/something)/personality
00000000

© 2010, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

7/1/2010

reporting all execs

Filed under: Blogging,Debian,Ubuntu,Ubuntu-Server — kees @ 2:24 pm

I recently learned about the process event connector, and went looking for an example program that could report all the exec()s that happen on my system to help with debugging things like AC plug/unplug scripts, etc.

After cleaning it up and adding some features to do a simple best-effort cmdline reporting, I’ve now got a tool that will report every program run on a system:

$ sudo ./cn_proc 
sending proc connector: PROC_CN_MCAST_LISTEN... sent
Reading process events from proc connector.
Hit Ctrl-C to exit
event: exec 17514 17514: ls -AF --color=auto (unconfined)
event: exec 17516 17516: date +%H:%M (unconfined)
event: exec 17518 17518: whoami (unconfined)

Change the values show_event, show_seq, show_cpu, show_security_context to set the reporting defaults. Or, if someone is feeling bored, it would rock to add getopt support instead.

It seems strange to me that only CAP_NET_ADMIN is needed to get access to this information.

© 2010, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 License.
Creative Commons License

Powered by WordPress