Mailinglist Archive: opensuse-security (394 mails)

< Previous Next >
RE: [suse-security] ulimit -v workaround for the do_brk() bug does not work
  • From: GarUlbricht7@xxxxxxxxxxxx
  • Date: Wed, 03 Dec 2003 17:22:36 -0500
  • Message-id: <35AF5BCC.5DFAC7C6.16F823AE@xxxxxxxxxxxx>
Erik Hensema <erik@xxxxxxxxxxx> wrote:
> Hi,
> Maybe this has been discussed earlier today on this list,
> but I've just joined it.
> I was told that doing a 'limit -v 2097151' would work around
> the do_brk() bug. Unfortunately it does not :-(
> The sample exploit posted on bugtraq manages to reboot
> my SuSE 8.2 machine (standard kernel) despite the ulimit.
> Erik Hensema (erik@xxxxxxxxxxx)

Hi Erik,

Roman in hiw original post suggested two other things
needed to be done to install this work around:

Add the line

ulimit -v 2097151

as the second lines of /etc/init.d/rc and /etc/profile,

and then execute the command itself in your shell

and then restart all daemons that allow logins
(xdm, sshd, inetd/xinetd, ...).

Alternatively, simply reboot after adding the lines to above files:
Roman said this workaround is Courtesy of Solar Designer.

(Note: The reboot is in lieu of restarting
all daemons and not the editing of /etc/init.d/rc and /etc/profile.)

Further Note: the above limit -v # was changed to reflect
Roaman's second post.)

It would be best to Read, the entire thread
"RE: [suse-security] Bugs on Kernel 2.4" at:

Redhat has already put up their patch rpm,

I suspect SuSe's will be up soon, making this work around moot.

Hope this helps,

In the Beginning was the Command Line
---Neal Stephenson


McAfee VirusScan Online from the Netscape Network.
Comprehensive protection for your entire computer. Get your free trial today!

Get AOL Instant Messenger 5.1 free of charge. Download Now!

< Previous Next >
Follow Ups