linux too insecure????
 

i was shocked to read this article about the security loophole of linux.

[MODERATED]
..usually...we dont limit quotas for the users.and also if someone is using this trick on our computer,we will be unable to get to know what the problem is...really great loop hole...have u tried....i am a newbie...and also,anyone can use this trick too....please get a nice solution

This is a well known fork bomb. The very secure thing to do is to limit accounts only to trusted users and perform any action to secure the access to your server (no root login allowed, public/private key access only, and so on...). There are a lot of threads here explaining the measures available to limit risks.

there are guest accounts in many of our systems..right?

Nope. That's the OTHER OS...

Not unless you created some guest accounts. Guest accounts need strict settings on quotas, and must never have a login shell. If you mean 'guest account' as in an account for someone visiting your office, you should trust them as much as you trust your own employees - which should be not at all (the good old UNIX way).

One solution to your answer would be to put a limit on the number of processes any user can run on any given system. The user can manage to decrease this themselves using 'ulimit', but I am pretty sure there is a global setting. If this process limit is set to something smaller than the process capacity of the entire system you should be able to go into the system and use a few tricks to kill off all of the fork bombs...

such as rendering all of them zombies and killing them one by one... Where's Milla? ;)

If you have the PAM limits module, you can set the max number of processes allowed per user. Moreover you can apply a kernel patch which allows the logging of the user who has started a fork bomb, among other things: it is named grsecurity or something similar.