At Mon, 23 Apr 2001 02:04:45 -0600 , "Kurt Seifried"
Let me guess. you did this as root. Oh my god, surprise surprise.
<seifried-mode> let me guess. you haven't read the original posting ("I executed it as normal user [...]"). </seifried-mode> ;-) to me, this behaviour (which i did not try to reproduce and therfor i'm not sure it really is like described) is a security-problem. it means, any normal user can __very__ easily stop any machine he or she wants to. the limits kurt talks about should be activated by default. --emmerich
Learn about imposing limits via PAM. (hint: www.sysadminmag.com).=20
Kurt Seifried, seifried@securityportal.com Securityportal - your focal point for security on the 'net
----- Original Message -----=20 From: Peer-Christoph Mettelem=20 To: suse-security=20 Sent: Monday, April 23, 2001 1:48 AM Subject: [suse-security] Recursive Shellscript
Hi,
=20
I just wrote a shell script which looks like this:
while true
do
$0
done
=20
I executed it as normal user and then the following happened: As you = can imagine, very many shells were started (i wasn't able to count them = because the system wasn't responding any more). And then the system = started killing system processes like X and smbd. I got the following = output on console 10:
Apr 23 09:11:54 AlBundy kernel: VM: killing process kmail
Apr 23 09:12:52 AlBundy kernel: VM: killing process smbd
Apr 23 09:13:03 AlBundy kernel: VM: killing process smbd
Apr 23 09:13:05 AlBundy kernel: VM: killing process xconsole
Apr 23 09:13:13 AlBundy kernel: VM: killing process X
=20
The system recovered itself by killing X. That worked because i = started the script from a shell in KDE. But if the script would be = started within a telnet session, it could be more dangerous.
=20
I don't know if this is a security hole, but it might be.
=20
My system:
SuSE 7.0 (kernel 2.2.18)
Lots of updates and patches installed
PII 350 MHz
320 MB RAM
=20
Peer-Christoph Mettelem
BezRegMS (NRW, Germany)
Software developer (trainee)
=20
PS.: This is my first mail to the mailing list. Sorry if it's OT or = something...