I was shocked to read this article about the security loophole of Linux.
[MODERATED]
Usually we don't limit quotas for the users, and also if someone is using this trick on our computer, we will be unable to get to know what the problem is... really great loophole... Have you tried? I am a newbie... and also, anyone can use this trick too... Please get a nice solution.
Last edited by unSpawn; 08-24-2008 at 05:56 AM.
Reason: Moderator removes link to simple fork bomb example.
This is a well known fork bomb. The very secure thing to do is to limit accounts only to trusted users and perform any action to secure the access to your server (no root login allowed, public/private key access only, and so on...). There are a lot of threads here explaining the measures available to limit risks.
There are guest accounts in many of our systems, right?
Not unless you created some guest accounts. Guest accounts need strict settings on quotas, and must never have a login shell. If you mean 'guest account' as in an account for someone visiting your office, you should trust them as much as you trust your own employees - which should be not at all (the good old UNIX way).
One solution to your answer would be to put a limit on the number of processes any user can run on any given system. The user can manage to decrease this themselves using 'ulimit', but I am pretty sure there is a global setting. If this process limit is set to something smaller than the process capacity of the entire system you should be able to go into the system and use a few tricks to kill off all of the fork bombs...
such as rendering all of them zombies and killing them one by one... Where's Milla?
If you have the PAM limits module, you can set the max number of processes allowed per user. Moreover you can apply a kernel patch which allows the logging of the user who has started a fork bomb, among other things: it is named grsecurity or something similar.
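The per-user process cap discussed in the replies above can be checked with a short audit script. This is an added example, not part of the original thread: it reads a file in the `limits.conf` format used by the PAM limits module and reports which domains have a finite hard `nproc` limit. The sample entries and the group names `@guests` and `@staff` are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a limits.conf-format file for hard "nproc" caps.
# Line format: <domain> <type> <item> <value>

# Print "domain value" for each entry that sets a HARD nproc limit.
# Type "-" sets soft and hard together, so it counts as hard.
hard_nproc_entries() {
    awk '{ sub(/#.*/, "") }    # drop comments
         NF >= 4 && $3 == "nproc" && ($2 == "hard" || $2 == "-") { print $1, $4 }' "$1"
}

# Exit 0 only if domain $2 has a finite hard nproc cap in file $1.
# A soft-only entry does not count: the user can raise a soft limit
# with ulimit, up to the hard limit.
has_hard_nproc() {
    hard_nproc_entries "$1" | awk -v d="$2" '
        $1 == d && $2 != "unlimited" && $2 != "infinity" && $2 != "-1" { ok = 1 }
        END { exit (ok ? 0 : 1) }'
}

# Demo on a constructed sample (not taken from any real system).
demo() {
    f=$(mktemp) || return 1
    cat > "$f" <<'EOF'
# constructed sample
*        soft  nproc   200
@guests  hard  nproc   50      # hypothetical group name
@staff   -     nproc   unlimited
*        hard  nofile  4096
EOF
    for d in '*' '@guests' '@staff'; do
        if has_hard_nproc "$f" "$d"; then
            echo "$d: hard nproc cap present"
        else
            echo "$d: NO hard nproc cap"
        fi
    done
    rm -f "$f"
}

demo
```

The PAM limits module applies these values when a session is opened, so a change affects new logins only, and group and wildcard entries are not applied to root.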