[2445] in linux-security and linux-alert archive
Re: Problem with red hat 6.1
daemon@ATHENA.MIT.EDU (Erik Mouw)
Fri Dec 1 15:46:54 2000
Date: Thu, 30 Nov 2000 17:43:42 +0100
From: Erik Mouw <J.A.K.Mouw@ITS.TUDelft.NL>
To: nayakvinod <nayakvinod@hotmail.com>
Cc: linux-alert@redhat.com
Message-ID: <20001130174341.B1018@arthur.ubicom.tudelft.nl>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <OE48jQHtMFaukyCKDkb00003ad1@hotmail.com>; from nayakvinod@hotmail.com on Wed, Nov 29, 2000 at 11:27:00AM +0530
Errors-To: linux-alert-admin@redhat.com
On Wed, Nov 29, 2000 at 11:27:00AM +0530, nayakvinod wrote:
> I found a problem, nay a very serious bug in red hat 6.1(kernel
> 2.2.12).
>
> I login as an ordinary user and did as follows( in fact I wrote a
> faulty shell program and put it in a directory in PATH):
>
> $ mkdir bin
> $ cat >bin/hello
> hello
> ^D
> $ chmod 0755 bin/hello
> $ hello
So what happens:
Hello is started (as a shell script), which on its turn starts hello,
which on its turn starts hello.... ad nauseam. In other words: you
created a shell version of the fork() bomb.
> This system crashed after giving messages like:
>
> syslog: Out of memory
Syslog wants to write to the log file, so it tries to allocate memory
but fails because the fork() bomb allocated all memory.
> init : out of memory
Idem.
> First I suspected that the problem is in kernel2.2.12. But when I
> booted RED hat 6.2 with this kernel and run the same culprit shell
> prog, the process terminated with the messge:
>
> bash: Out of memory!
This is *not* a kernel problem, it's just a poorly configured system.
If you apply proper limits to your system, you won't get bitten.
Example with tcsh:
erik@arthur:~ > limit maxproc 10
erik@arthur:~ > hello
No more processes.
Manual pages to look for: getrlimit, setrlimit.
To quote H. Peter Anvin: Unix gives you enough rope to shoot yourself
in the foot.
Erik
--
J.A.K. (Erik) Mouw, Information and Communication Theory Group, Department
of Electrical Engineering, Faculty of Information Technology and Systems,
Delft University of Technology, PO BOX 5031, 2600 GA Delft, The Netherlands
Phone: +31-15-2783635 Fax: +31-15-2781843 Email: J.A.K.Mouw@its.tudelft.nl
WWW: http://www-ict.its.tudelft.nl/~erik/
_______________________________________________
Linux-alert mailing list
Linux-alert@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-alert
