Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Linux Kernel Security, Again
Jason Miller, 2005-03-16

It's a sad day when an ancient fork bomb attack can still take down most of the latest Linux distributions.

Comments Mode:
silly article 2005-03-17
Anonymous (4 replies)
silly article 2005-03-18
Anonymous
silly article 2005-03-18
Anonymous (1 replies)
shouldn't you people already have your boxes secured? 2005-03-18
Anonymous (2 replies)
shouldn't you people already have your boxes secured? 2005-03-19
Anonymous
shouldn't you people already have your boxes secured? 2005-03-23
anon
silly response 2005-03-18
Anonymous
silly comment 2005-03-18
Anonymous (1 replies)
silly article 2005-03-18
Anonymous
You don't grok ulimit. There are two kinds of limits: hard limits and soft limits. A hard limit cannot be increased by non-root users, while a soft limit can.

If a distribution sets hard limits in a shell startup file like /etc/profile or whatever, then those limits will be applied at login time for all users, and users cannot raise them.

The key here is that this is 100%, ENTIRELY, COMPLETELY distribution-specific and has absolutely NOTHING to do with the kernel. Thus, using that as the one and only, main point in an article about KERNEL security is just silly.


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/308/31059#31059
Linux Kernel Security, Again 2005-03-17
Karyl Stein (1 replies)
Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)
Linux Kernel Security, Again 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-17
Anonymous (3 replies)
Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (3 replies)
Linux Kernel Security, Again 2005-03-17
mrsad (1 replies)
Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)
Linux Kernel Security, Again 2005-03-18
Anonymous (2 replies)
Linux Kernel Security, Again 2005-03-18
crf (2 replies)
Linux Kernel Security, Again 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-20
Anonymous
Linux Kernel Security, Again 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-19
CrossChris
Linux Kernel Security, Again 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-18
Anonymous
simple fork bomb? 2005-03-17
Anonymous (1 replies)
simple fork bomb? 2005-03-17
Jason V. Miller (Author) (3 replies)
simple fork bomb? 2005-03-17
Anonymous
simple fork bomb? 2005-03-17
Anonymous (1 replies)
simple fork bomb? 2005-03-17
Jason V. Miller (Author) (1 replies)
simple fork bomb? 2005-03-18
Stephen Samuel (3 replies)
simple fork bomb? 2005-03-18
Eric F.
simple fork bomb? 2005-03-18
Michael Ayres
simple fork bomb? 2005-03-20
Anonymous
simple fork bomb? 2005-03-20
Anonymous
Linux Kernel Security, Again 2005-03-17
AdamW
Linux Kernel Security, Again 2005-03-17
Todd Knarr
Intended use dictates the limits 2005-03-17
Erik Keller (1 replies)
Intended use dictates the limits 2005-03-17
Jason V. Miller (Author) (4 replies)
Intended use dictates the limits 2005-03-18
Erik Keller (1 replies)
Maybe just use proper distros where needed? 2005-03-20
Michael Shigorin
Intended use dictates the limits 2005-03-18
Jim
Intended use dictates the limits 2005-03-23
Anonymous
Intended use dictates the limits 2005-03-25
Anon
Linux Kernel Security, Again 2005-03-17
Anonymous (2 replies)
Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)
LSM is in the standard kernel. 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)
Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)
Linux Kernel Security, Again 2005-03-19
PaX Team
Once again... 2005-03-18
Anonymous (1 replies)
re: Once again... 2005-03-18
editor
Debian not vulnerable? 2005-03-18
Wilmer van der Gaast (2 replies)
Debian not vulnerable? 2005-03-18
k_the_c
Debian not vulnerable? 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-18
Matthew
Linux Kernel Security, Again 2005-03-18
Gentoo User (1 replies)
Linux Kernel Security, Again 2005-03-18
Another Gentoo User (2 replies)
Linux Kernel Security, Again 2005-03-18
Gentoo/Debian/OpenBSD user (1 replies)
Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)
Linux Kernel Security, Again 2005-03-18
gregm
python forkbomb one liner + thoughts 2005-03-18
X
Linux Kernel Security, Again 2005-03-18
FreeBSD user (2 replies)
Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)
Linux Kernel Security, Again 2005-03-19
Ryan
Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)
Debian IS vulnerable! 2005-03-18
Anonymous
Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)
Get SuSE 2005-03-18
Anonymous
Debian IS vulnerable! 2005-03-18
Anonymous
Linux Kernel Security, Again 2005-03-18
Gentoo User
Linux Kernel Security, Again 2005-03-18
Anonymous
Linux only? perhaps across the board problem? Conflict of interest? 2005-03-18
glotfeltys@gmail.com (1 replies)
no conflict, thank-you very much 2005-03-18
editor
Linux Kernel Security, Again 2005-03-18
Angel Freire
Gentoo vulnerable? 2005-03-18
Anonymous (1 replies)
Gentoo vulnerable? 2005-03-18
dk
Linux Kernel Security, Again 2005-03-18
Saltine (1 replies)
Linux Kernel Security, Again 2005-03-20
Anonymous
Linux Kernel Security, Again 2005-03-18
Stef (1 replies)
Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)
Jason's opinion is too biased 2005-03-18
Anonymous (2 replies)
Jason's opinion is too biased 2005-03-18
Anonymous
Jason's opinion is too biased 2005-03-18
Jason V. Miller (Author) (1 replies)
Jason's opinion is too biased 2005-03-23
Anonymous
Linux Kernel Security, Again 2005-03-18
Anonymous
Take the first step author. 2005-03-18
EG (2 replies)
Take the first step author. 2005-03-18
Anonymous (1 replies)
Take the first step author. 2005-03-18
Anonymous
Take the first step author. 2005-03-18
Jason V. Miller (Author)
Solution was?... 2005-03-18
Anonymous (2 replies)
Solution was?... 2005-03-18
Anonymous
Solution was?... 2005-03-19
Anonymous
Not quite a valid criticism... 2005-03-18
Anonymous (2 replies)
Not quite a valid criticism... 2005-03-20
darwin lopez
Not quite a valid criticism... 2005-03-20
Anonymous
Linux^H^H^H^H^HAny Kernel Security, Again 2005-03-18
Anonymous
Silly IDS kid needs to learn C. 2005-03-19
OpenBSD is for Girls
Linux Kernel Security, Again 2005-03-19
Anonymous
Linux Kernel Security, Again 2005-03-19
Anonymous
FC2 vulnerable, too - copy of script enclosed 2005-03-19
Anonymous
Linux Kernel Security 2005-03-19
Anonymous
Does it work on Mac OS X? 2005-03-19
huwr
Fresh FreeBSD 5.3 install 2005-03-20
Anonymous
Gentoo: emerge hardened-dev-sources 2005-03-20
Scoove
Try, disk I/O and mem. alloc 2005-03-20
Bipin Gautam
Solaris 10 vulnerable, too 2005-03-20
Anonymous
Why its Valid! 2005-03-21
Anonymous
Mandrake 10.1 didn't freeze... 2005-03-21
Anonymous
Scaremongering. Not a serious problem. 2005-03-21
Anonymous
DEBIAN 2005-03-21
Anonymous (1 replies)
DEBIAN 2005-03-22
Anonymous (1 replies)
DEBIAN 2005-03-23
Lucio
Linux Kernel Security, Again 2005-03-23
Anonymous
Linux Kernel Security, Again 2005-03-24
Anonymous
PAM 2005-03-24
Maestr0
Linux Kernel Security, Again 2005-03-28
Anonymous
Linux Kernel Security, Again 2005-03-29
Anonymous
Linux Kernel Security, Again 2005-09-01
tcsh







 

Privacy Statement
Copyright 2009, SecurityFocus