On Fri, Mar 18, 2005 at 12:47:51PM -0600, Jim Flanagan wrote:
Sorry, my earlier post did not include the link to the story at securityfocus.com
Are any of the currently supported Suse versions suseptable to this forkbomb attack? I'm not very sure what it is, but I'm sure many of you are. I'm running suse 8.2 pro and 9.1 pro.
Yes it is.
Because we have unlimited ulimits by default.
To fix that: Install the "ulimit" package. Adapt /etc/sysconfig/ulimit to your needs.
From what I can tell this vulnerability is open to local users, not necessarily remote users, but, the potential damage is high (instantaneous system failure) and is a known old attack. -- Jim Flanagan
What I don't understand is that the article mentions that the BSD kernels have been modified for some time (years) for this old attack, but linux has not. I thought linux was more cutting edge and up to date than that. linuxjim@jjfiii.com