[16696] in bugtraq
Re: tmpwatch: local DoS : fork()bomb as root
daemon@ATHENA.MIT.EDU (Lukasz Trabinski)
Mon Sep 11 02:53:38 2000
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-2
Message-ID: <Pine.LNX.4.21.0009091757340.3431-100000@lt.wsisiz.edu.pl>
Date: Sat, 9 Sep 2000 18:12:53 +0200
Reply-To: Lukasz Trabinski <lukasz@LT.WSISIZ.EDU.PL>
From: Lukasz Trabinski <lukasz@LT.WSISIZ.EDU.PL>
X-To: zenith parsec <zenith_parsec@THE-ASTRONAUT.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20000909105828.20274.qmail@fiver.freemessage.com>
Content-Transfer-Encoding: 8bit
On Sat, 9 Sep 2000, zenith parsec wrote:
>
> Make a directory 6000 deep in /tmp
[...]
> slocate also segfaults on that directory.
>
> $ ./a
> to delete all the ./A/A/A/A/..... directories you own.
Generally, you can set quota limit for inode-softlimit and inode-hardlimit
(you should set it for /tmp filesystem, when you have users on your
machine).
For example:
inodes in use: 1, limits (soft =512 , hard = 1024),
Then user can not create more than 1024 files or directories, Of course
you can set more restrictive limits. :-)
--
*[ Łukasz Tr±biński ]*
SysAdmin @wsisiz.edu.pl
