No, i was a normal user. Thats why i was so surprised. -----Urspr|ngliche Nachricht----- Von: Kurt Seifried [mailto:listuser@seifried.org] Gesendet: Montag, 23. April 2001 10:05 An: Peer-Christoph Mettelem; suse-security Betreff: Re: [suse-security] Recursive Shellscript Let me guess. you did this as root. Oh my god, surprise surprise. Learn about imposing limits via PAM. (hint: www.sysadminmag.com http://www.sysadminmag.com ). Kurt Seifried, seifried@securityportal.com mailto:seifried@securityportal.com Securityportal - your focal point for security on the 'net ----- Original Message ----- From: Peer-Christoph Mettelem mailto:Peer-Christoph.Mettelem@bezreg-muenster.nrw.de To: suse-security mailto:suse-security@suse.com Sent: Monday, April 23, 2001 1:48 AM Subject: [suse-security] Recursive Shellscript Hi, I just wrote a shell script which looks like this: while true do $0 done I executed it as normal user and then the following happened: As you can imagine, very many shells were started (i wasnt able to count them because the system wasnt responding any more). And then the system started killing system processes like X and smbd. I got the following output on console 10: Apr 23 09:11:54 AlBundy kernel: VM: killing process kmail Apr 23 09:12:52 AlBundy kernel: VM: killing process smbd Apr 23 09:13:03 AlBundy kernel: VM: killing process smbd Apr 23 09:13:05 AlBundy kernel: VM: killing process xconsole Apr 23 09:13:13 AlBundy kernel: VM: killing process X The system recovered itself by killing X. That worked because i started the script from a shell in KDE. But if the script would be started within a telnet session, it could be more dangerous. I dont know if this is a security hole, but it might be. My system: SuSE 7.0 (kernel 2.2.18) Lots of updates and patches installed PII 350 MHz 320 MB RAM Peer-Christoph Mettelem BezRegMS (NRW, Germany) Software developer (trainee) PS.: This is my first mail to the mailing list. Sorry if its OT or something...