[7571] in bugtraq
Re: Solaris 2.5.1/2.6 fingerd bug
daemon@ATHENA.MIT.EDU (Casper Dik)
Fri Aug 7 18:35:59 1998
Date: Fri, 7 Aug 1998 21:52:27 +0200
Reply-To: Casper Dik <casper@HOLLAND.SUN.COM>
From: Casper Dik <casper@HOLLAND.SUN.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Your message of "Thu, 06 Aug 1998 12:49:18 EDT."
<Pine.LNX.3.96.980806124430.25251A-100000@beast.toad.net>
>> Fiji (jfay) wrote:
>> > try finger @host@host@host....145 times.... This should run the # of
>> > processes in excess of 1500 and shoot the system load up to at least 13.5.
>> >
>> > You can also do a finger @hosta@hostb where hostb is a machine running
>> > 2.5.1 or 2.6. Now this has not been confirmed on Solaris (x86). The bug id
>> > is 4161606 but yet there is no patch available as of today.
>>
>> Yep, same thing happens for x86 running 2.6.
>>
>> ~james
>
>For what it's worth, the two 2.5.1 machines I currently run don't have
>this problem. Both were installed using 2.5.1 HW:4/97 media and then
>subsequently brought up to Generic_103640-21 via the current (ie. a few
>weeks ago) 2.5.1_Recommended kit. The machines are a sparc 2 and 10.
There's actually a quite simple workaround (BTW, one finger can't
create 1500 processes; there's a buffer of 512 characters and you
get at most 512 /(1+lenghtofhostname)*2 processes.)
The quick fix is to set the number of processes per user to a acceptable
value by editing /etc/system:
set maxuprc = 50
This will limit the number of processes per user (not including root, but
including nobody) to a small value. For certain setups, you can pick
a larger system.
If you dont' want to reboot, it's bit harder, but try:
adb -wk
v+0x1c/W<num>
Casper
