Roman, I'm rather uneasy about the suggested workround because if you use that ulimit command it has no effect on the reported limit. e.g. $ ulimit -v 2147483647 $ ulimit -v unlimited After some experiments I found that 4194303 works and 4194304 does not. This corresponds to 4 GB which should be big enough for my purposes. Of course, it may be that the limit is being set correctly and reported wrongly but you can understand my concern. I have verified that if root sets its shell ulimit to 4194303 and restarts sshd then the new limit applies to new ssh sessions, which is good. I'm using SuSE 8.2. Bob On Tue, 2 Dec 2003, Roman Drahtmueller wrote:

...

Hi Edwin,

This is my take and not offical. However, a posting at Slashdot indicates that both SuSE and Redhat are working on it. http://developers.slashdot.org/developers/03/12/01/2133249.shtml?tid=106&tid=185&tid=90 The "newest kernels" apparently have already solved the problem, so I expect that there will soon be a SuSE patch.

Exactly. The SUSE LINUX 9.0 kernel that is offered as "optional" in YOU fixes the problem. All other SUSE Linux releases will see update packages soon. Olaf Kirch is currently handling it.

The kernel is a very critical component of the system. As such, it needs extensive testing - otherwise, we are confronted with some hundred thousand to millions of systems that can't boot any more. Please allow us to use some time for this testing effort.

An easy workaround against the brk() issue: Set the address space limit to another value than nothing, even a very high value.

Add the line

ulimit -v 2147483647

as the second lines of /etc/init.d/rc and /etc/profile, execute the command itself in your shell and then restart all daemons that allow logins (xdm, sshd, inetd/xinetd, ...). Alternatively, simply reboot after adding the lines. (Courtesy of Solar Designer)

...

Friendly greetings. Gar

Thanks for summarizing.

Roman. -- - - | Roman Drahtmüller // Nail here | SUSE Linux AG - Security Phone: // for a new | Nürnberg, Germany +49-911-740530 // monitor! --> [x] | - -

-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here

============================================================== Bob Vickers R.Vickers@cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691

Roman,

I'm rather uneasy about the suggested workround because if you use that ulimit command it has no effect on the reported limit. e.g.

$ ulimit -v 2147483647 $ ulimit -v unlimited

After some experiments I found that 4194303 works and 4194304 does not. This corresponds to 4 GB which should be big enough for my purposes.

I was stupid, the ulimit is given in kBytes in bash. :-( Sorry. 2097151 should be ok. That's 2GB-1kB.

Of course, it may be that the limit is being set correctly and reported wrongly but you can understand my concern.

I have verified that if root sets its shell ulimit to 4194303 and restarts sshd then the new limit applies to new ssh sessions, which is good.

I'm using SuSE 8.2.

Should be independent of what SUSE you use...

Bob

Thanks, Roman. -- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here