Hi, On Mon, 14 Feb 2000, Michael Balzer wrote:
last evening, john used cpu ressources i needed myself, so i tried to kill him, assuming he would listen to my wishes ;-). well, he didn't, but instead started to fork himself over and over again, exiting the father as soon as the child became functional.
i consider this a normal hacker/cracker programming technic in order to avoid being killable by just one pid. but i don't consider this a normal behaviour for any program meant to be used for normal system management by an authorized admin.
maybe i'm wrong (didn't check the sources), but if so, this is still a serious bug.
It's not a bug - it seems like john spawns multiple tasks/threads to parallelize the search. If you want to kill multiple processes at once, try "killall". E.g., in your case you could have used "killall john", to regain control of your box. Alternatively you can try to determine the father process that forks the child processes - if you kill this one, it's childs should be terminated too.
SECOND. i had to shutdown to stop john from eating up all ressources. now after reboot, most applications (i.e. "ls", "su", "xterm", "xtelnet", "xlogin" ...) refuse to work from a normal user account. "xterm" for example establishes the connection with the X server and then crashes with a bus error. "ls" and "su" immediately crash with a bus error.
but all of these work perfectly when running as root, so i guess the security checking scripts damaged some file access rights because they have been stopped before their normal termination.
This sounds odd. Unfortunately I have no idea, what John might have done wrong there, so I cannot give you a hint on that one :( Sorry. Bye, LenZ -- ------------------------------------------------------------------ Lenz Grimmer SuSE GmbH mailto:grimmer@suse.de Schanzaeckerstr. 10 http://www.suse.de/~grimmer 90443 Nuernberg, Germany