I can reliably induce libsafe to kill sawfish. Opening the "Configure
Update Agent" item from the Gnome "Programs->System" menu and entering the
root passwd gives the following in /var/log/secure:

Oct 7 00:48:02 tenshu libsafe.so: version 1.3
Oct 7 00:48:02 tenshu libsafe.so: detected an attempt to write across stack boundary.
Oct 7 00:48:02 tenshu libsafe.so: terminating /usr/bin/sawfish
Oct 7 00:48:02 tenshu libsafe.so: overflow caused by memcpy()

This is using the versions of libsafe and sawfish supplied as part of
RedHat 7.0 (my system was 6.1 with more recent versions of librep, rep-gtk
and sawfish, upgraded to RH7 using the RedHat installer).

I have just built and installed an RPM of sawfish-0.31 from the official site
and the segfault is no longer present.
Looks like RH needs to issue an update of this package.

Forwarded upstream to the sawfish maintainer. We aren't going to upgrade to a
newer version of sawfish at this time because the version in 7 was feature
frozen and stabilized, and newer versions add features and destabilize things
again. So we would need a fix backported to the version we shipped. If I
understand correctly this is not a security bug; please correct me if it is.
(i.e. it's just a matter of Sawfish being a bit broken writing in inappropriate
parts of the stack.)

sawfish-0.36 is in rawhide, all is well.