On 10/22/07, Martin Tournoij <[EMAIL PROTECTED]> wrote:
> On Sun 21 Oct 2007 12:10, Danielisz Laszlo wrote:
> > Please do not try to execute this: :() { :&:; } ;: on your BSD machine.
> > I ask all who already tried it how to defend from this?
>
> Wow,, my machine just crashed :-/
> Does in this work on other OS's as well (ie. GNU/Linux)? Or just
> (Free?)BSD? I really don't feel like crashing another machine right
> now...
>
> Only works in sh, not in csh.
>
> Anyway, this seems to be security/stability issue, maybe a PR is in
> order?
>
> Regards,
> Martin TournoijI'm not a sh or bash syntax expert, but isn't this a standard "fork bomb" type command? If so, it should be possible to mitigate it with sensible login tunings set in login.conf (in this particular case, I think "maxprocesses" is the one to focus on). Executing this command on my workstation does not result in any (noticeable) bad side effects under sh or bash login shells - just notifications of "Cannot fork: Resource temporarily unavailable" as the max process limit is hit. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
