Operating Systems > Linux and UNIX

Linux Kernel Security. forkbomb havoc

<< < (6/8) > >>

KernelPanic:
You can also hard limit NPROC in /etc/security/limits.conf

Kintaro:
Yea, someone has to break into my system to forkbomb it in the first place, I don't think that will happen though.

muzzy:

--- Quote from: KernelPanic ---You can also hard limit NPROC in /etc/security/limits.conf
--- End quote ---


AFAIK that's read in by PAM, so you're still screwed and vulnerable in same way you're vulnerable in the /etc/profile case.

KernelPanic:

--- Quote from: muzzy ---AFAIK that's read in by PAM, so you're still screwed and vulnerable in same way you're vulnerable in the /etc/profile case.
--- End quote ---


Correct, but i'm still wondering how you suppose this can be comprimised if the limits are imposed before the user even logs in?

muzzy:

--- Quote from: KernelPanic ---Correct, but i'm still wondering how you suppose this can be comprimised if the limits are imposed before the user even logs in?
--- End quote ---


Through any process that launches stuff on its own, for the user. These include webserver and cgi scripts, cron, and any other daemons that are spawned by init and not by a login shell.

Also, user could be a bitch and spawn multiple connections inside the box to get a new clean login process, although the attack would not be as straightforward as it was anymore.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version