fork bomb in SLES9

ddaas · 06-27-2007, 12:22 PM

Hi,
On my SLES9 server I ran a fork bomb:

#!/bin/bash
$0 && $0

The system freezes in a few seconds although I modified ulimit for max process, max open files etc.

Any idea how can I avoid this destructive problem on suse linux enterprize server 9?

it seems that ulimit doesn't work.

I tried this on many other distribution (FC, Slack etc) and ulimit solve the problem but not in SLES9?

Any ideas?

Thanks

unSpawn · 06-28-2007, 01:08 PM

What's the difference between systems wrt kernel versions and ulimits?

ddaas · 06-29-2007, 12:19 AM

Hi,
I am very sorry but I don't really know what wrt is ...

win32sux · 06-29-2007, 01:24 AM

Quote:

Originally Posted by ddaas

Hi,
I am very sorry but I don't really know what wrt is ...

It's a short way of saying with respect to.

unSpawn · 06-29-2007, 11:34 AM

Soz for the TLA's :-]

rg.viza · 07-05-2007, 02:45 PM

Quote:

Originally Posted by ddaas

Hi,
On my SLES9 server I ran a fork bomb:

#!/bin/bash
$0 && $0

The system freezes in a few seconds although I modified ulimit for max process, max open files etc.

Any idea how can I avoid this destructive problem on suse linux enterprize server 9?

it seems that ulimit doesn't work.

I tried this on many other distribution (FC, Slack etc) and ulimit solve the problem but not in SLES9?

Any ideas?

Thanks

Are you running this fork bomb as root or another user? I could understand it if it worked in a root shell.

However if it works in any user shell, it's a serious vulnerability. Root should be able to destroy the system... Some would consider root being able to do it a vulnerability. I say if someone gets root on your box, you are done for anyway ; ) Running this script is nothing compared to rm -rf /

I'd report it to Novell. If Novell does nothing with it within a few months, post it on bugtraq.

-Viz

ddaas · 07-06-2007, 12:29 AM

Hi there,
I run it as a normal user not root.
I've tested it on 4 or 5 systems with the same result.

No one there has SLES9 to try it out?

SLES9 is there for a long time and I dont't think that something like this could pass unnoticed.

SLES9 runs the default installation kernel (2.6.5.x).

Many thanks.