Linux Kernel Security. forkbomb havoc
muzzy:
Oh my, oh my! So, it's ok for linux box to suck after install and then it's admin's job to set it up properly, but same doesn't apply for windows?
muzzy:
Also, /etc/profile is only executed for login shells. So, this doesn't solve the problem. :)
WMD:
Everything starts at a login shell. My desktop comes from the shell that I typed "startx" from.
If it doesn't, then just where WOULD you have that command?
muzzy:
hint: What starts the login shell? And what started that process? What other processes are started in similar fashion?
There's a lot of choices for exploitation. :)
Calum:
muzzy, your accusation of double standards isn't actually aimed at any comment in particular that i could find. who are you accusing of making this comparison?
i would say the vendor is responsible for the shortcomings of their product. so: microsoft is responsible for the shortcomings of mswindows, mandrakesoft are responsible for the shortcomings of mandrake linux and so on. slackware, debian and so on are organisations, so their output is not "product" as such, but, yes, they are still responsible for their output, although of course with their stuff their licences more or less say "use at your own risk". the fact people continue to use slack and debian shows how good a job they're doing of living up to their commercial counterparts. linux is not to blame, the vendor of a specific system where a problem exists is to blame, to the extent that they make certain claims that their software will work, in the EULA and elsewhere.
in fact the GNU GPL has a clause specifying that the software is not guaranteed to be useful for any purpose, and i do not think microsoft has this in their EULA (check it out if you like, i have some of their EULAs archived at http://www.polytheism.org.uk/openopen/files/licences/ but can't be bothered to check right now). while this is not an excuse, it does mean that microsoft make more claims about the "quality" of their software than any GPL software does, not to imply that any entire "linux" distribution is GPL software, but you get the idea i am sure.
re: the ulimit setting, i would put it into rc.local to be honest. fair enough, this probably isn't the "right" place for it, but it will work. i might mention (since we mentioned the slack /etc/profile) that that file also, by default, adds ./ to the $PATH for the root user! this is a really stupid move in my opinion, i think for more than obvious reasons, and the first thing i do on a slack installation is edit the /etc/profile and get rid of this.
but the main point is that certain people still do not realise who is responsible for an end product such as a complete operating system. it is the vendor/distributor of that system, ie: the organisation responsible for putting it together in the first place. Once it is installed, a specific installation of that system becomes the responsibility of that system's administrator. i would say this is a fair model and is true to life, anyway.
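
The `./` entry in root's `$PATH` mentioned in the post above can be checked for mechanically. This is an added example, not part of the thread or of any distribution's scripts; the function name `audit_path` and the sample PATH strings are made up for illustration.

```shell
#!/bin/sh
# Audit a PATH-style string for entries that resolve against the current
# working directory instead of a fixed absolute location.
#
# audit_path PATHSTRING
#   Prints one line per risky entry; returns 0 if the string is clean,
#   1 if at least one risky entry was found.
audit_path() {
    rest=$1:            # add a terminator so the last entry is parsed too
    findings=0
    position=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}   # text up to the first colon
        rest=${rest#*:}     # everything after that colon
        position=$((position + 1))
        case $entry in
            # A leading colon, trailing colon or "::" yields an empty entry,
            # which the shell treats as the current directory.
            '')   reason='empty entry (means current directory)' ;;
            .|./) reason='current directory' ;;
            /*)   continue ;;   # absolute path: fine
            *)    reason='relative path' ;;
        esac
        printf 'entry %d: "%s": %s\n' "$position" "$entry" "$reason"
        findings=$((findings + 1))
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample resembling a root PATH with ./ appended.
SAMPLE_PATH='/usr/local/sbin:/usr/sbin:/sbin:/usr/bin:/bin:./'
if audit_path "$SAMPLE_PATH"; then
    echo 'PATH is clean'
else
    echo 'PATH contains entries that depend on the current directory'
fi
```

Running `audit_path "$PATH"` from a root shell reports what that shell actually ended up with, whichever startup file set it.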