is it really. I have use it for my LFS. How can it be that. not nice anyone use it. can you send me the early version of it. Thank you very much
2011/10/9 Andrew Benton <b3n...@gmail.com> > Hello, > > I originally sent this to LFS support by mistake; I shouldn't send > emails late at night ;) > > I've wrote to LFS support before about fork bombs. Last July I learned > how to prevent them by limiting the number of processes a user can have > with /etc/limits. Recently I've been working on installing linux-PAM > (for ssh, it gives me more options to use PAM. I want to open ssh to > the internet so I'm hardening things up a bit, pam_faildelay.so is a > wonderful thing). > > I first had a suspicion something was wrong when I saw this in > /var/log/auth.log on one of our computers: > > Oct 8 13:16:26 router su[546]: Invalid limit string: ' U128' > > As part of my testing I tried a fork bomb and was horrified to discover > that nothing I did with PAM could prevent the fork bomb from locking up > the system. Then I tried it on a system that didn't have PAM (it still > had just shadow) and the result was the same, the fork bomb made the > system unresponsive. I can't remember what version of shadow I was > using last July but I can't make shadow-4.1.4.3 limit the number of > processes and protect against a fork bomb. > > I've just rebuilt a system with shadow-4.0.18.1 and when I run a fork > bomb the shell fills up with "Resource temporarily unavailable" (ie, > shadow-4.0.18.1 has done it's job and limited the number of processes), > the system stays responsive, I can log out and shut down cleanly. > Basically, shadow-4.0.18.1 works. The current version (shadow-4.1.4.3) > is broken. With or without PAM it cannot limit the number of processes. > Can anyone make shadow-4.1.4.3 limit the number of processes? > > It seems to me that any system with shadow-4.1.4.3 is vulnerable to a > fork bomb. We should go back to 4.0.18.1, which works. > > Andy > -- > http://linuxfromscratch.org/mailman/listinfo/lfs-dev > FAQ: http://www.linuxfromscratch.org/faq/ > Unsubscribe: See the above information page >
-- http://linuxfromscratch.org/mailman/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
