No, i was a normal user. That’s why
i was so surprised.
-----Ursprüngliche
Nachricht-----
Von: Kurt Seifried
[mailto:listuser@seifried.org]
Gesendet: Montag, 23. April 2001 10:05
An: Peer-Christoph Mettelem;
suse-security
Betreff: Re: [suse-security]
Recursive Shellscript
Let me guess. you did this as root. Oh my
god, surprise surprise.
Learn about imposing limits via PAM. (hint: www.sysadminmag.com).
Kurt Seifried, seifried@securityportal.com
Securityportal - your focal point for security on the 'net
----- Original Message -----
To: suse-security
Sent: Monday, April 23, 2001
1:48 AM
Subject: [suse-security]
Recursive Shellscript
Hi,
I just wrote a shell script which looks like this:
while true
do
$0
done
I executed it as normal user and then the following
happened: As you can imagine, very many shells were started (i wasn’t able to
count them because the system wasn’t responding any more). And then the system
started killing system processes like X and smbd. I got the following output on
console 10:
Apr 23 09:11:54 AlBundy kernel: VM: killing process
kmail
Apr 23 09:12:52 AlBundy kernel: VM: killing process
smbd
Apr 23 09:13:03 AlBundy kernel: VM: killing process
smbd
Apr 23 09:13:05 AlBundy kernel: VM: killing process
xconsole
Apr 23 09:13:13 AlBundy kernel: VM: killing process X
The system recovered itself by killing X. That worked
because i started the script from a shell in KDE. But if the script would be
started within a telnet session, it could be more dangerous.
I don’t know if this is a security hole, but it might
be.
My system:
SuSE
7.0 (kernel 2.2.18)
Lots
of updates and patches installed
PII
350 MHz
320
MB RAM
Peer-Christoph Mettelem
BezRegMS (NRW, Germany)
Software developer (trainee)
PS.: This is my first mail to the mailing list. Sorry
if it’s OT or something...