As an old coworker had in his sig: Unix doesn't prevent you from doing stupid things, because that would also prevent you from doing clever things.

I think the point that Jason is missing here is that the majority of people who are using Linux (or any *nix, really) are generally using it either as an individual's workstation or strictly as a server. There seems to be very little call these days, either in home or in business use, for servers that have several users. What do I care if a fork bomb can take out my home PC if I'm the only person using it? What do I care if a web server can be taken out by a fork bomb when the only local user is its administrator?

Fork bombs, as mere DoS, are really the least of a system administrator's worries. Most versions of most Linux distributions are almost guaranteed to have a buffer overflow in there somewhere that a local user can take advantage of to get root on the system. In contrast to your pathetic fork bomb, those carry the very real threat of further compromised security (trojans, etc.) and significant data loss.

With that in mind, it's generally not safe to grant local accounts to untrusted people to begin with, and Linux is not the only operating system for which randomly handing out local accounts is a foolish thing to do.

You're making pebbles sound like asteroids. Fork bombs are nothing; let's focus on the REAL problems.

crf


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/308/31030#31030