Hi,
I just wrote a shell script which
looks like this:
while true
do
$0
done
I executed it as normal user and
then the following happened: As you can imagine, very many shells were started
(i wasn’t able to count them because the system wasn’t responding any more). And
then the system started killing system processes like X and smbd. I got the
following output on console 10:
Apr 23
09:11:54 AlBundy kernel: VM: killing process kmail
Apr 23
09:12:52 AlBundy kernel: VM: killing process smbd
Apr 23
09:13:03 AlBundy kernel: VM: killing process smbd
Apr 23
09:13:05 AlBundy kernel: VM: killing process xconsole
Apr 23
09:13:13 AlBundy kernel: VM: killing process X
The system recovered itself by
killing X. That worked because i started the script from a shell in KDE. But if
the script would be started within a telnet session, it could be more
dangerous.
I don’t know if this is a security
hole, but it might be.
My system:
SuSE
7.0 (kernel 2.2.18)
Lots
of updates and patches installed
PII
350 MHz
320
MB RAM
Peer-Christoph Mettelem
BezRegMS (NRW, Germany)
Software developer (trainee)
PS.: This is my first mail to the mailing
list. Sorry if it’s OT or something...