SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I don't get it? I could not find any thing at that site? I'm guessing it has something to do with a user using up all the mem and cpu time of the system?
What is such a big deal of a user being able to slow down a machine? All they would have to do is keep opening up process that they have permission to, or open really big files that they have permission to and eat all the memory. It's called the user using the system. They can't gain any elevated privilages by doing this. If the Admin doesn't like this which he will find out very quickly he just takes about the users account. How is that different that any other OS in the world. Seems kinda like a desperate person trying to find something?
This is rather a bug in awstats.pl that executes code from values in url
(awstats.pl is a tool for web admin / ISP to do statistics for web usage)
This should have been fixed in newer version
Don't worry about it if you're a desktop user. It's only relevent if you give other people local or remote access to your box and you suspect they may try malicious activities. Don't get your panties in a knot over it.
I was wondering about this - I'm still playing around in Arch - used the same obfuscated thing above first and then forkbomb.sh - brought Arch to a hard lock almost instantly and had to reset twice. Then I changed the ulimit because I'm quite capable of forkbombing myself if I get stupid with scripting. But as far as a security thing, as someone else said, I can launch a DOS on myself by pulling the cord from the wall and all the ulimits in the world won't fix that. BFD.
Originally posted by keefaz You could set the limit in /etc/login.defs at ULIMIT value, something like 524288
(as it is in 512-byte units, 524288/512 = 1024 processes)
The article mentioned that it is both shell AND kernel is set to unlimited process which causes problem.
I believe this would limit the shell, and therefore effectively void the situation.
But, I would like to know how to fix this at kernel level. Anyone?
Thanks.
p.s. It is just for learning, no effective threat to my system, as I am the only user.
Last edited by carboncopy; 03-20-2005 at 01:48 AM.
i've ran the forkbomb.sh example on my slackware box as a non-root user and it slowed the box to a crawl then made it hang to the point where nothing could be done (not even by root) except hit the power button...
Code:
#!/bin/bash
while true; do
./forkbomb.sh &
done
i had "top" running in a terminal when i executed forkbomb.sh and for a couple seconds i was able to see the swap usage skyrocket before "top" segfaulted and then everything else locked-up...
so anyways, i tried setting the ULIMIT in /etc/login.defs but i still get forkbombed...
this is what ULIMIT looks like by default in my /etc/login.defs on my slackware 10.x box:
Code:
#ULIMIT 2097152
when giving the "ulimit" command as a non-root user it would output "unlimited"...
so i changed it to:
Code:
ULIMIT 131072
when i logged back in "ulimit" would output "65536"... i executed forkbomb.sh and again my box almost completely locked-up after a couple seconds...
i have 256 megs of ram and 600 megs of swap...
i read in the article that debian wasn't affected, what is the default configuration that debian uses??? can we replicate it on slackware???
why didn't the change i made to /etc/login.defs prevent the forkbombing??
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.