On Oct 13, 3:05 pm, "Timothy Clemans" <[EMAIL PROTECTED]> wrote:
Hi Timothy, > I had never heard of "fork bomb" until now. According to Wikipedia, > it's somewhat preventable by implementing a limit of the number of > processes per user. just read "man ulimit" :) > I like the fact that Knoboo makes it easy to run the actual Sage > processes on a completely different machine or at least in a virtual > machine. At some point Knoboo might have a system for dealing with > down kernel servers where one can still access and download notebooks. Nope, once you fork bomb and you do not have a root shell open to the box it is game over in the vast majority of cases. Any external access usually requires a fork of some sort and since someone just fork bombed the box it is a gonner. > Would the entire Sage Notebook be ran in a VMWare image or the > individual Sage per sage unix user processes inside their own? So like > sage0 would have a virtual machine, sage1 would have its own, etc. Yep, that is pretty much the way to go together with some more tweaks to the setup. The main issue is that a skilled attacker (not likely the person who fork bombed the box) can break out or DOS pretty much any setup, so one has to assume that people interested in using the Sage notebook are neither idiots or assholes. Back in the day I also did penetration testing and in the end if you give someone a local shell account (which is pretty much any notebook account) you have to trust the person to some extent. Given a shell account it is only a question of time even for someone semi-skilled to execute an exploit found on the net before one can patch the box. I guess in the end the people relying on the public notebook server are the screwed ones here because even once the server is back up it will be much more locked down. Cheers, Michael <SNIP> --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to sage-devel@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sage-devel URLs: http://www.sagemath.org -~----------~----~----~----~------~----~------~--~---
