osdchat 0.1.8 review

osdchat is a simple messaging utility that allows you to remotely send messages directly to the screen as an on-screen display (OSD).

License: GPL (GNU General Public License) File size: 29K Developer: Mike Smelov

0

osdchat is a simple messaging utility that allows you to remotely send messages directly to the screen as an on-screen display (OSD).

This may be used a lightweight messaging service in a local area network to message busy admins or communicate with friends who like to watch fullscreen movies or otherwise cannot see what's going on in the background.

There is a wide assortment of options to customize the look, feel, and location of the incoming messages.

I suppose it also shares some similarity with the ancient UNIX utility write, except that tty has been replaced with X. osdchat has been tested only under Linux, specifically Gentoo 1.4 and Slackware 9.0/1, but should work on any full distribution meeting the dependencies.

Installlation:

tar zxvf osdchat-[version].tar.gz
cd osdchat-[version]

Edit the Makefile as needed to change the install paths.

make check (md5sum check to make sure files are intact)
make
make install (need to be root, or have proper capabilities)

Copy sample osdchatd.conf configuration file to /etc or rename to .osdchatd and place it in your home directory. Change settings as desired.

The sample config file is equivalent to the built-in defaults, so a config file is not needed to just test the package.

Requirements:
XOSD
Readline

What's New in This Release:
client pipe fix (stupid hack for now)
remove mistakes: app level length transmits, blocked io problems, typo in sample config.
tested with xosd 2.2.5

Security:
avoid dangling clients that have not completed connection startup.
fix miscellaneous blocking issues - preventing DOS.
make listening socket non-blocking to prevent a DOS vulnerability caused by blocking if an RST is sent between a select and accept call.
use passwd file info instead of environment variables to get user information.
fix segfault by verifying the 0th argument, in case the daemon is exec'ed by another program.
safer creation of log file. If log file already exists as a FIFO (and is not being read from), blocking will occur.
safer creation of pid file. Tries to account for the file system changing underneath you. Append uid to pid file name so that stale pid files do not lock out other users.
fixed buffer overflow caused by repeating valid options in config file. Only first option takes effect.
more paranoid call return checks