I thought you might find this helpful. (I brought this issue up with the Slackware folks once, and they told me basically this.)
http://wiki.craz1.homelinux.com/index.php/Linux:Security:Forkbomb I was also told that the ability to spawn such rampant forks/processes is controlled by default in Debian. Is this the case? Here is an LQ thread where I brought it up: http://www.linuxquestions.org/questions/linux-security-4/how-can-i-prevent-forkbombs-338560/ I would like to see something done about this, with Ubuntu as popular as it is, even as a server in some cases. Is there a way that in the future, one could simply download a package or click a box or something and have a limit set, like the links suggest? That would make things just "that much" more convenient for system administrators (and might help them/us to remember to set these limits, too...). Thanks. -Dane On Fri, 2007-11-16 at 23:04 -0800, Martin Olsson wrote: > Sorry about that, I checked the "has security impact" checkbox and that > marked it as private by default. This is a very well known problem > though so keeping secret certainly does not make sense. I have manually > removed the "private" flag now. > > The content of the bug report was as follows: > --------------------------------------------- > > Repro steps: > > 1. Install gutsy gibbon (or probably any ubuntu) > 2. Start a gnome terminal > 3. Run this command: > > :(){ :|:& };: > > 4. Ubuntu starts to work furiously, after less than a second terminal > gets flooded with "low resources" message, and within a few seconds the > whole machine breaks down complete to the point where no a single pixel > is updated and the mouse cannot be moved at all. It's not possible to > escape to a ALT-Fn console terminal and CTRL-ALT-DEL does not work. > > Okay, so this is not as bad as winnuke.exe because it's not remote but I > just did it on my shared hosting co and their server went down. And I > mean seriously, there should be a way for a user to abort stuff that > hogs resources this type of complete breakdown is NEVER acceptible. I > had to power of the machine and my file system got royally screwed (long > fsck etc). > > Some of you might say this is like the oldest trick in the book, yada > yada yada... > > > Martin > > > > Alan Cox wrote: > > On Fri, 16 Nov 2007 21:51:27 -0800 > > Martin Olsson <[EMAIL PROTECTED]> wrote: > > > >> Dear kernel hackers, > >> > >> This is a message from below 0x7FFFFFFF. Please look at this bug (it's > >> not a new concept but still): > >> https://bugs.launchpad.net/ubuntu/+bug/163185 > > > > It seems to want people to register to view it. I guess Ubuntu should fix > > launchpad then we can see the bug report > > > > Alan > > - > > -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
