Security In Slackware??
|
i've tried this in shell as normal user (from slashdot)
:(){ :&:;};: and my slackware go slow and slow and slow and finally hang!!!!! |
You could set the limit in /etc/login.defs at ULIMIT value, something like 524288
(as it is in 512-byte units, 524288/512 = 1024 processes) |
I don't get it? I could not find any thing at that site? I'm guessing it has something to do with a user using up all the mem and cpu time of the system?
What is such a big deal of a user being able to slow down a machine? All they would have to do is keep opening up process that they have permission to, or open really big files that they have permission to and eat all the memory. It's called the user using the system. They can't gain any elevated privilages by doing this. If the Admin doesn't like this which he will find out very quickly he just takes about the users account. How is that different that any other OS in the world. Seems kinda like a desperate person trying to find something? |
This is rather a bug in awstats.pl that executes code from values in url
(awstats.pl is a tool for web admin / ISP to do statistics for web usage) This should have been fixed in newer version |
so is there a way to protect ourselves against this?
|
Don't worry about it if you're a desktop user. It's only relevent if you give other people local or remote access to your box and you suspect they may try malicious activities. Don't get your panties in a knot over it.
|
I was wondering about this - I'm still playing around in Arch - used the same obfuscated thing above first and then forkbomb.sh - brought Arch to a hard lock almost instantly and had to reset twice. Then I changed the ulimit because I'm quite capable of forkbombing myself if I get stupid with scripting. But as far as a security thing, as someone else said, I can launch a DOS on myself by pulling the cord from the wall and all the ulimits in the world won't fix that. BFD.
*makes note to fix Slack later* |
Quote:
I believe this would limit the shell, and therefore effectively void the situation. But, I would like to know how to fix this at kernel level. Anyone? Thanks. p.s. It is just for learning, no effective threat to my system, as I am the only user. :) |
I've tried quite a few limits and nothing so far has prevented a fork bombing. Although its not a massive problem, its annoying when your box locks.
Edit: I'd be happy if someone found a fix that didn't require using pam. |
Check this one out:
http://gentoo-wiki.com/SECURITY_Limit_User_Processes |
You could set the limit for bash and sh (for other shell I don't know) in /etc/profile
like Code:
... With 1024 value, this code Code:
:(){ :&:;};: |
i've ran the forkbomb.sh example on my slackware box as a non-root user and it slowed the box to a crawl then made it hang to the point where nothing could be done (not even by root) except hit the power button...
Code:
#!/bin/bash so anyways, i tried setting the ULIMIT in /etc/login.defs but i still get forkbombed... this is what ULIMIT looks like by default in my /etc/login.defs on my slackware 10.x box: Code:
#ULIMIT 2097152 so i changed it to: Code:
ULIMIT 131072 i have 256 megs of ram and 600 megs of swap... i read in the article that debian wasn't affected, what is the default configuration that debian uses??? can we replicate it on slackware??? why didn't the change i made to /etc/login.defs prevent the forkbombing?? |
|
Win32sux, did you try:
ulimit -u 256 before execute your forkbomb.sh script ? |
All times are GMT -5. The time now is 07:21 PM. |