No, I was a normal user. That’s why I was so surprised.

 

-----Original Message-----
From: Kurt Seifried [mailto:listuser@seifried.org]
Sent: Monday, 23 April 2001 10:05
To: Peer-Christoph Mettelem; suse-security
Subject: Re: [suse-security] Recursive Shellscript

 

Let me guess. You did this as root. Oh my god, surprise surprise.

 

Learn about imposing limits via PAM. (hint: www.sysadminmag.com).

 

Kurt Seifried, seifried@securityportal.com
Securityportal - your focal point for security on the 'net

 


 

----- Original Message -----
From: Peer-Christoph Mettelem
To: suse-security
Sent: Monday, April 23, 2001 1:48 AM
Subject: [suse-security] Recursive Shellscript

 

Hi,

 

I just wrote a shell script which looks like this:

    while true
    do
        $0
    done

 

I executed it as a normal user and then the following happened: As you can imagine, very many shells were started (I wasn’t able to count them because the system wasn’t responding any more). And then the system started killing system processes like X and smbd. I got the following output on console 10:

    Apr 23 09:11:54 AlBundy kernel: VM: killing process kmail
    Apr 23 09:12:52 AlBundy kernel: VM: killing process smbd
    Apr 23 09:13:03 AlBundy kernel: VM: killing process smbd
    Apr 23 09:13:05 AlBundy kernel: VM: killing process xconsole
    Apr 23 09:13:13 AlBundy kernel: VM: killing process X

 

The system recovered itself by killing X. That worked because I started the script from a shell in KDE. But if the script were started within a telnet session, it could be more dangerous.

 

I don’t know if this is a security hole, but it might be.

 

My system:

    SuSE 7.0 (kernel 2.2.18)
    Lots of updates and patches installed
    PII 350 MHz
    320 MB RAM

 

Peer-Christoph Mettelem

BezRegMS (NRW, Germany)

Software developer (trainee)

 

PS.: This is my first mail to the mailing list. Sorry if it’s OT or something...
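
Kurt Seifried's reply above points at imposing limits via PAM. The following is an added example, not part of the original thread: a small audit that reports which users have a numeric hard process cap in a file written in /etc/security/limits.conf syntax (as read by pam_limits). The sample file, the user names and the function names are constructed for illustration, and group (@name) entries are not resolved.

```sh
#!/bin/sh
# Constructed sample in limits.conf syntax: <domain> <type> <item> <value>
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
# constructed sample, not from the original thread
*        soft  nproc   100
*        hard  nproc   150
peer     hard  nproc   50
@staff   hard  nproc   300
backup   -     nproc   unlimited
*        hard  nofile  1024
EOF

# effective_nproc USER FILE
# Print the hard nproc value that applies to USER: a per-user entry wins
# over the "*" wildcard. Prints "unset" when no entry matches.
# Type "-" sets both soft and hard, so it counts as a hard limit.
effective_nproc() {
    awk -v user="$1" '
        $1 ~ /^#/                  { next }   # comment line
        $3 != "nproc"              { next }   # other resource
        $2 != "hard" && $2 != "-"  { next }   # soft limits can be raised by the user
        $1 == user                 { u = $4 }
        $1 == "*"                  { w = $4 }
        END {
            if (u != "")      print u
            else if (w != "") print w
            else              print "unset"
        }' "$2"
}

# has_nproc_cap USER FILE
# Succeeds only when the effective value is a plain number, i.e. a real cap.
has_nproc_cap() {
    case "$(effective_nproc "$1" "$2")" in
        ''|*[!0-9]*) return 1 ;;   # unset, unlimited, infinity, -1
        *)           return 0 ;;
    esac
}

# Report for a few hypothetical accounts.
for u in peer alice backup; do
    if has_nproc_cap "$u" "$SAMPLE"; then state="capped"; else state="NOT capped"; fi
    printf '%-8s hard nproc=%-10s %s\n' "$u" "$(effective_nproc "$u" "$SAMPLE")" "$state"
done
```

An account reported as NOT capped can start processes until memory runs out, which is the situation the kernel log lines in the original message show.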