LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices



Reply
 
Search this Thread
Old 08-22-2008, 06:47 AM   #1
jakesjohn
LQ Newbie
 
Registered: Aug 2008
Posts: 5

Rep: Reputation: 0
Smile linux too insecure????


i was shocked to read this article about the security loophole of linux.

[MODERATED]
..usually...we dont limit quotas for the users.and also if someone is using this trick on our computer,we will be unable to get to know what the problem is...really great loop hole...have u tried....i am a newbie...and also,anyone can use this trick too....please get a nice solution

Last edited by unSpawn; 08-24-2008 at 06:56 AM. Reason: Moderator removes link to simple fork bomb example.
 
Old 08-22-2008, 06:56 AM   #2
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,509

Rep: Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957
This is a well known fork bomb. The very secure thing to do is to limit accounts only to trusted users and perform any action to secure the access to your server (no root login allowed, public/private key access only, and so on...). There are a lot of threads here explaining the measures available to limit risks.
 
Old 08-22-2008, 07:03 AM   #3
jakesjohn
LQ Newbie
 
Registered: Aug 2008
Posts: 5

Original Poster
Rep: Reputation: 0
Smile

Quote:
Originally Posted by colucix View Post
This is a well known fork bomb. The very secure thing to do is to limit accounts only to trusted users and perform any action to secure the access to your server (no root login allowed, public/private key access only, and so on...). There are a lot of threads here explaining the measures available to limit risks.
there are guest accounts in many of our systems..right?
 
Old 08-22-2008, 08:02 AM   #4
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
Quote:
Originally Posted by jakesjohn View Post
there are guest accounts in many of our systems..right?
Nope. That's the OTHER OS...
 
Old 08-22-2008, 08:06 AM   #5
pinniped
Senior Member
 
Registered: May 2008
Location: planet earth
Distribution: Debian
Posts: 1,732

Rep: Reputation: 50
Quote:
Originally Posted by jakesjohn View Post
there are guest accounts in many of our systems..right?
Not unless you created some guest accounts. Guest accounts need strict settings on quotas, and must never have a login shell. If you mean 'guest account' as in an account for someone visiting your office, you should trust them as much as you trust your own employees - which should be not at all (the good old UNIX way).
 
Old 08-22-2008, 08:08 AM   #6
student04
Member
 
Registered: Jan 2004
Location: Georgia
Distribution: OS X, CentOS
Posts: 669

Rep: Reputation: 34
One solution to your answer would be to put a limit on the number of processes any user can run on any given system. The user can manage to decrease this themselves using 'ulimit', but I am pretty sure there is a global setting. If this process limit is set to something smaller than the process capacity of the entire system you should be able to go into the system and use a few tricks to kill off all of the fork bombs...

such as rendering all of them zombies and killing them one by one... Where's Milla?
 
Old 08-22-2008, 08:49 AM   #7
colucix
Moderator
 
Registered: Sep 2003
Location: Bologna
Distribution: CentOS 6.5 OpenSuSE 12.3
Posts: 10,509

Rep: Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957Reputation: 1957
If you have the PAM limits module, you can set the max number of processes allowed per user. Moreover you can apply a kernel patch which allows the logging of the user who has started a fork bomb, among other things: it is named grsecurity or something similar.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Why is system() insecure? reverse Linux - Security 5 12-03-2007 07:47 PM
NFS insecure? Micro420 Linux - Security 8 12-15-2006 02:56 AM
Does linux have anything insecure like Windows C$ or Admin$ share? Whitehat General 3 12-05-2003 09:34 AM
Telnet is insecure but ... Q*Bert Linux - Security 2 03-29-2003 02:21 PM
Netscape6.2 insecure? LabRad Linux - General 2 04-15-2002 01:42 PM


All times are GMT -5. The time now is 08:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration