
Thread: Several internet programs at same time

  1. #1

    Several internet programs at same time

    I have always had this big uneasiness...

    If one has Firefox -or any other web browser- with open login sessions (say, in gmail, yahoo, twitter, or any forum), an IRC client, and an open terminal session as the root user, *all* running at the same time, how risky/exploitable is one becoming?
    I have never had a way of telling "yes" or "no", nor been able to find answers in other forums, so I always have to be careful to run *just and only one* application of the kind at the same time. Needless to say this sometimes becomes a bit inefficient.

    But since I'd like to try Emacs for text editing and trying its own inbuilt IRC client, but I use command line *very* often either as standard user and root user...

    Anyway, thanks again.

  2. #2
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,254
    Blog Entries
    2

    Re: Several internet programs at same time

    So,
    In the first place a little bit of fundamental 32bit/64bit architecture is necessary...
    You should know that although there is a physical memory map, the OS presents a pristine virtual memory space to every running application. That means that although you always will have multiple apps and services running on your machine, every application will think it's running all by its lonely self with all the memory in the world all for its own use. No application will generally see any other application unless there is a specific reason for that to happen.

    And then, the OS will manage and co-ordinate each and every one of these virtual memory spaces, mapping actual use to the physical memory map.

    So, each application can't really see what is happening elsewhere on your machine.

    Although this is the way things generally work, for the most part everything is designed to maximize performance with less priority on security to make sure everything is responsive. If for some reason you want to impose a higher level of security, you can run your apps in cgroups (e.g. Docker or LXC) or virtualized machines.

    Bottom line is that...
    If you for instance run multiple web browsers, what you do in each web browser should generally be isolated from what is done in another web browser because they won't likely share any application code, and can be considered securely isolated against general, higher level intrusion. But, if you want a more certain level of isolation, then you need to do something else, like Docker or LXC (or various other possible options).

    Note when running multiple instances of certain apps like console apps (Emacs of course is one) that systemd will share some common code between multiple instances of the same app. So, there are a few special considerations like this.

    HTH,
    TSU
    Beginner Wiki Quickstart - https://en.opensuse.org/User:Tsu2/Quickstart_Wiki
    Solved a problem recently? Create a wiki page for future personal reference!
    Learn something new?
    Attended a computing event?
    Post and Share!

  3. #3
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    25,114

    Re: Several internet programs at same time

    Quote Originally Posted by F_style View Post
    I have always had this big uneasiness...

    If one has Firefox -or any other web browser- with open login sessions (say, in gmail, yahoo, twitter, or any forum), an IRC client, and an open terminal session as the root user, *all* running at the same time, how risky/exploitable is one becoming?
    I have never had a way of telling "yes" or "no", nor been able to find answers in other forums, so I always have to be careful to run *just and only one* application of the kind at the same time. Needless to say this sometimes becomes a bit inefficient.

    But since I'd like to try Emacs for text editing and trying its own inbuilt IRC client, but I use command line *very* often either as standard user and root user...

    Anyway, thanks again.
    For a start, as long as you do not run any of those other programs as root, but only have a terminal window running as root, you are pretty safe. In any case, you would use that root terminal session only for a short time I assume.
    Henk van Velden

  4. #4

    Re: Several internet programs at same time

    Quote Originally Posted by tsu2 View Post
    You should know that although there is a physical memory map, the OS presents a pristine virtual memory space to every running application. That means that although you always will have multiple apps and services running on your machine, every application will think it's running all by its lonely self with all the memory in the world all for its own use. No application will generally see any other application unless there is a specific reason for that to happen.
    By chance, do you mean the Swap partition in general Linux, and those strange hidden temp files in Windows?


    Quote Originally Posted by hcvv View Post
    For a start, as long as you do not run any of those other programs as root, but only have a terminal window running as root, you are pretty safe. In any case, you would use that root terminal session only for a short time I assume.
    Yes, generally I try to use root sessions in general (terminal, yast...) for a short time, although IIRC time gets longer whenever doing update or installation tasks. But for these cases it's anyway suggested to close applications, right? But, hypothetically, can there be consequences if for some reason time as root got longer?

    Also, wouldn't tsu2's argument slightly contradict what you said?
    "When running multiple instances of certain apps like console apps systemd will share some common code between multiple instances of the same app."

    Thanks again.

  5. #5
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    25,114

    Re: Several internet programs at same time

    Quote Originally Posted by F_style View Post
    Yes, generally I try to use root sessions in general (terminal, yast...) for a short time, although IIRC time gets longer whenever doing update or installation tasks. But for these cases it's anyway suggested to close applications, right? But, hypothetically, can there be consequences if for some reason time as root got longer?

    Also, wouldn't tsu2's argument slightly contradict what you said?
    "When running multiple instances of certain apps like console apps systemd will share some common code between multiple instances of the same app."

    Thanks again.
    When the same program is loaded several times in memory (several processes), if used by the same user or another, the code pages will be shared (and they will be read-only). Data pages will be separate of course and be protected from each other.
    The protection of code pages against each other (overflow of their boundaries) is as old as real multi-process operating systems and can be taken for granted I assume (when not, you better try to run a single process, not network connected system for yourself in a dark room with all doors locked).

    While it is in general not a bad idea to organize an "update window" during which your users are encouraged (or maybe even forced) to log out during system maintenance, the impact from updates depends on what is updated.
    In general an update involves replacing of files by the same files of the newer version. In Unix/Linux, removal of the old file means that its entry in the directory is deleted, but the inode and the data blocks are only freed after the last process using the file closes the file. In the meantime the new file is created and a new entry in the directory is made. This means that a running process will continue using the old file, while a new process of the same program will be started from the new file. They can happily run alongside each other.
    But with more complicated programs that open and close files during running, it is then possible that a combination of files from before and after the update is used (think of the old executable using a newer central configuration file, or an old kernel loading a newer module). In general the changes are not that big that it matters, but it is the main reason to "advise" a reboot after a kernel update. And the same "advice" to restart some programs, or the desktop (desktops are of course a good example of a bunch of programs/files working together) depending on what is updated.

    BTW, I do not understand what "systemd" has to do with it in the text you quote above. I guess this is a typo and that "kernel" is meant instead.
    Henk van Velden
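
    The file-replacement behaviour described in the post above (a running process keeps the old inode while the path already names the new file) can be reproduced as follows. This C program is an added example, not part of any post in this thread; the file name `libdemo-<pid>.so` and the contents `v1`/`v2` are constructed placeholders.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write `text` to `path`, creating or truncating it. */
static int put(const char *path, const char *text)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    ssize_t n = write(fd, text, strlen(text));
    close(fd);
    return n == (ssize_t)strlen(text) ? 0 : -1;
}

/* Simulate an update of a file that a running process holds open.
 * Returns 1 if the old descriptor still reads the old content from a
 * different inode than the path now names, 0 if not, -1 on error. */
int update_keeps_old_file(const char *dir)
{
    char path[512], tmp[512], buf[16] = {0};
    struct stat held, current;
    snprintf(path, sizeof path, "%s/libdemo-%ld.so", dir, (long)getpid());
    snprintf(tmp, sizeof tmp, "%s/libdemo-%ld.so.new", dir, (long)getpid());

    if (put(path, "v1") != 0) return -1;
    int fd = open(path, O_RDONLY);          /* stands in for the running process */
    if (fd < 0) return -1;

    /* The "update": write the new file, then rename it over the old entry. */
    if (put(tmp, "v2") != 0 || rename(tmp, path) != 0) { close(fd); return -1; }

    ssize_t n = read(fd, buf, sizeof buf - 1);
    int ok = n == 2 && strcmp(buf, "v1") == 0          /* old content survives */
          && fstat(fd, &held) == 0 && stat(path, &current) == 0
          && held.st_ino != current.st_ino;            /* path names a new inode */
    close(fd);
    unlink(path);
    return ok;
}

int main(void)
{
    printf("old file still in use after update: %d\n", update_keeps_old_file("/tmp"));
    return 0;
}
```

    On openSUSE, `zypper ps` lists running processes that still use files deleted by a recent update, which is the practical check for a process still running unpatched code.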

  6. #6

    Re: Several internet programs at same time

    Took a while to understand all the details; thanks very much.

    When mentioning "systemd" I was just quoting mr tsu2, but I'm a bit surprised by your comment: systemd is really the "global process manager" of the entire OS, isn't it? So it would be related as well...

    So in the end, does all of this mean "as long as you do not run any of those other programs as root, and only have one terminal window running as root, there's virtually no risk"? Firefox opened sessions, IRC, or even root session in one *separated* terminal window cannot really overlap?
    Can there be consequences if for some reason the root terminal session lasts longer?

  7. #7
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    20,371
    Blog Entries
    1

    Re: Several internet programs at same time

    Quote Originally Posted by F_style View Post
    So in the end, does all of this mean "as long as you do not run any of those other programs as root, and only have one terminal window running as root, there's virtually no risk"? Firefox opened sessions, IRC, or even root session in one *separated* terminal window cannot really overlap?
    Can there be consequences if for some reason the root terminal session lasts longer?
    This is more about best practice than absolutes. It's through the possible existence of a kernel vulnerability or similar that a hacker might gain control of a PC running a root process. Though the chances are small (provided you keep your system fully-updated) there are always risks of a system being compromised. An informative article on the subject

    https://hackmag.com/security/reach-the-root/

  8. #8
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,254
    Blog Entries
    2

    Re: Several internet programs at same time

    In a SysVinit system, when you run multiple instances of an app, each instance is run in its own virtual memory map without sharing any application resources with any other instance.

    One of the efficiency improvements in systemd is for multiple instances of the same application to share a common core functionality, then assign a different virtual memory map for anything unique to the instance.

    But, that only applies to running multiple instances of the <same> app.
    If you're running different apps, there are no shared resources.

    I don't think you are grasping the idea of virtual memory usage in computing, the Wikipedia entries that follow describe basics. The additional concept I don't notice covered is that the virtual memory available to any process is completely uncluttered with competing processes, the process can function as though it is the only one running, completely unaware of anything else that is running

    https://en.wikipedia.org/wiki/Virtual_memory
    https://en.wikipedia.org/wiki/Virtual_address_space

    TSU

  9. #9

    Re: Several internet programs at same time

    So even if I had 2 terminal windows at same time, one using irssi or emacs and the other one using a root session, I would still not be very at risk since only the terminal *program* "source code" is being shared, yet not the particular data of the activities being done in each terminal instance?

    @deano_ferrari:
    I probably misunderstood, just as always... does the article slightly look like a "didactic exercise" for self auto-exploiting?

  10. #10
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    25,114

    Re: Several internet programs at same time

    Try to get some basic understanding of "processes". What they are, what they consist of and how they are managed by the kernel.
    Henk van Velden
