• MIS spawns Zombie Process on Linux

    From roovis@21:4/165 to g00r00 on Tue Feb 18 14:52:32 2020
    On launch/restart of MIS, I get the following behavior:

    First connect (Telnet OR SSH), I get a zombie process (guessing MIS/Mystic fails somewhere along the line) ... Telnet seems to restart and it gets the connection through anyway. SSH just fails and a second attempt must be made.

    I am running Ubuntu Server 18.04. If I recall correctly, I was getting
    similar behavior under Windows 10.

    -roovis

    --- Mystic BBS v1.12 A44 2020/02/04 (Linux/64)
    * Origin: w0pr.win (21:4/165)
  • From Embalmed@21:4/166 to roovis on Tue Feb 18 13:04:30 2020
    First connect (Telnet OR SSH), I get a zombie process (guessing
    MIS/Mystic fails somewhere along the line) ... Telnet seems to restart
    and it gets the connection through anyway. SSH just fails and a second attempt must be made.

    I am running Ubuntu Server 18.04. If I recall correctly, I was getting similar behavior under Windows 10.

    I am also running Ubuntu 18.04. I don't notice any connection failures upon restarting mis, but I do notice there is a defunct mystic process for every user who logs in.

    This also reminds me, is there any way to hide the username and password parameters that mis passes on to mystic?
    As it stands any user who can ps on a linux machine can see all the logged in users passwords.

    |07E|10m|07b|10a|07l|10m|07e|10d |12-----------------------------------------------------
    |09Black Lodge Research BBS |11blacklodgeresearch.org:4022
    |11fsx|08Net: |0721:4/166 |11sci|08Net: |0777:1/133

    --- Mystic BBS v1.12 A44 2020/02/04 (Linux/64)
    * Origin: Black Lodge Research BBS (21:4/166)
  • From roovis@21:4/165 to Embalmed on Tue Feb 18 15:10:48 2020
    This also reminds me, is there any way to hide the username and password parameters that mis passes on to mystic?
    As it stands any user who can ps on a linux machine can see all the
    logged in users passwords.

    I don't have any other users on my machine for precisely this reason. User names and passwords on command lines are a no-no when speaking from a
    security standpoint. The proper way would be for MIS to drop a file with the login/password information and point Mystic at that file (which can only be read by Mystic).

    Maybe g00r00 will look into doing that?

    -roovis

    --- Mystic BBS v1.12 A44 2020/02/04 (Linux/64)
    * Origin: w0pr.win (21:4/165)
  • From g00r00@21:1/108 to Embalmed on Tue Feb 18 17:45:00 2020
    I am also running Ubuntu 18.04. I don't notice any connection failures upon restarting mis, but I do notice there is a defunct mystic process
    for every user who logs in.

    I don't seem to be able to reproduce an issue here. There are processes created when the node is active but they are removed when the user logs out.

    I just tried it on my BBS to be sure and "ps -e | grep mystic" shows no processes when no one is logged in. If you can confirm this is not the case for you let me know.

    This also reminds me, is there any way to hide the username and password parameters that mis passes on to mystic?

    Its supposed to be a hash. What its doing now is temporary until the new PBKDB2 password system was implemented (which was last alpha). Thanks for the reminder I completely forgot about that and I haven't read my TODO list top to bottom lately to see the note.

    --- Mystic BBS v1.12 A45 2020/02/17 (Windows/64)
    * Origin: Sector 7 (21:1/108)