Linux Kernel Security, Again

Threat level definition

Linux Kernel Security, Again
Jason Miller, 2005-03-16

It's a sad day when an ancient fork bomb attack can still take down most of the latest Linux distributions.

Expand all | Post comment

silly article 2005-03-17
Anonymous (4 replies)

silly article 2005-03-18
Anonymous

silly article 2005-03-18
Anonymous (1 replies)

shouldn't you people already have your boxes secured? 2005-03-18
Anonymous (2 replies)

shouldn't you people already have your boxes secured? 2005-03-19
Anonymous

shouldn't you people already have your boxes secured? 2005-03-23
anon

silly response 2005-03-18
Anonymous

silly comment 2005-03-18
Anonymous (1 replies)

silly article 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-17
Karyl Stein (1 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-17
Anonymous (3 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (3 replies)

Linux Kernel Security, Again 2005-03-17
mrsad (1 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous (2 replies)

Linux Kernel Security, Again 2005-03-18
crf (2 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-19
CrossChris

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

simple fork bomb? 2005-03-17
Anonymous (1 replies)

simple fork bomb? 2005-03-17
Jason V. Miller (Author) (3 replies)

simple fork bomb? 2005-03-17
Anonymous

simple fork bomb? 2005-03-17
Anonymous (1 replies)

simple fork bomb? 2005-03-17
Jason V. Miller (Author) (1 replies)

simple fork bomb? 2005-03-18
Stephen Samuel (3 replies)

simple fork bomb? 2005-03-18
Eric F.

simple fork bomb? 2005-03-18
Michael Ayres

simple fork bomb? 2005-03-20
Anonymous

simple fork bomb? 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-17
AdamW

Linux Kernel Security, Again 2005-03-17
Todd Knarr

Intended use dictates the limits 2005-03-17
Erik Keller (1 replies)

Intended use dictates the limits 2005-03-17
Jason V. Miller (Author) (4 replies)

Intended use dictates the limits 2005-03-18
Erik Keller (1 replies)

Maybe just use proper distros where needed? 2005-03-20
Michael Shigorin

Well the message "distro makers should have done it" is equally true or false depending on _what_ is "it".

They're routinely doing a bunch of things administrators would have to even more routinely perform otherwise, and the only sane proposal I see here is some kind of "security level" (btw, don't know how it's now but exactly Mandrake had msec several years ago although was completely horrid in a bunch of other aspects).

And the _major_ knob is the distro itself: don't judge "Linux" on Mdk, get Owl, Adamantix or ALTLinux there to see. These are hardened distros, people using them are or become aware that the usability/security balance is quite different from most other distros.

PS: frankly, I'm thinking Symantec could have done a better job of finding a person of judging on these matters. Sorry but it's the first and still lasting impression after having partially followed the discussion...

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/308/31098#31098

Intended use dictates the limits 2005-03-18
Jim

Intended use dictates the limits 2005-03-23
Anonymous

Intended use dictates the limits 2005-03-25
Anon

Linux Kernel Security, Again 2005-03-17
Anonymous (2 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

LSM is in the standard kernel. 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)

Linux Kernel Security, Again 2005-03-19
PaX Team

Once again... 2005-03-18
Anonymous (1 replies)

re: Once again... 2005-03-18
editor

Debian not vulnerable? 2005-03-18
Wilmer van der Gaast (2 replies)

Debian not vulnerable? 2005-03-18
k_the_c

Debian not vulnerable? 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Matthew

Linux Kernel Security, Again 2005-03-18
Gentoo User (1 replies)

Linux Kernel Security, Again 2005-03-18
Another Gentoo User (2 replies)

Linux Kernel Security, Again 2005-03-18
Gentoo/Debian/OpenBSD user (1 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Linux Kernel Security, Again 2005-03-18
gregm

python forkbomb one liner + thoughts 2005-03-18
X

Linux Kernel Security, Again 2005-03-18
FreeBSD user (2 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Linux Kernel Security, Again 2005-03-19
Ryan

Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)

Debian IS vulnerable! 2005-03-18
Anonymous

Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)

Get SuSE 2005-03-18
Anonymous

Debian IS vulnerable! 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Gentoo User

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux only? perhaps across the board problem? Conflict of interest? 2005-03-18
glotfeltys@gmail.com (1 replies)

no conflict, thank-you very much 2005-03-18
editor

Linux Kernel Security, Again 2005-03-18
Angel Freire

Gentoo vulnerable? 2005-03-18
Anonymous (1 replies)

Gentoo vulnerable? 2005-03-18
dk

Linux Kernel Security, Again 2005-03-18
Saltine (1 replies)

Linux Kernel Security, Again 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-18
Stef (1 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Jason's opinion is too biased 2005-03-18
Anonymous (2 replies)

Jason's opinion is too biased 2005-03-18
Anonymous

Jason's opinion is too biased 2005-03-18
Jason V. Miller (Author) (1 replies)

Jason's opinion is too biased 2005-03-23
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Take the first step author. 2005-03-18
EG (2 replies)

Take the first step author. 2005-03-18
Anonymous (1 replies)

Take the first step author. 2005-03-18
Anonymous

Take the first step author. 2005-03-18
Jason V. Miller (Author)

Solution was?... 2005-03-18
Anonymous (2 replies)

Solution was?... 2005-03-18
Anonymous

Solution was?... 2005-03-19
Anonymous

Not quite a valid criticism... 2005-03-18
Anonymous (2 replies)

Not quite a valid criticism... 2005-03-20
darwin lopez

Not quite a valid criticism... 2005-03-20
Anonymous

Linux^H^H^H^H^HAny Kernel Security, Again 2005-03-18
Anonymous

Silly IDS kid needs to learn C. 2005-03-19
OpenBSD is for Girls

Linux Kernel Security, Again 2005-03-19
Anonymous

Linux Kernel Security, Again 2005-03-19
Anonymous

FC2 vulnerable, too - copy of script enclosed 2005-03-19
Anonymous

Linux Kernel Security 2005-03-19
Anonymous

Does it work on Mac OS X? 2005-03-19
huwr

Fresh FreeBSD 5.3 install 2005-03-20
Anonymous

Gentoo: emerge hardened-dev-sources 2005-03-20
Scoove

Try, disk I/O and mem. alloc 2005-03-20
Bipin Gautam

Solaris 10 vulnerable, too 2005-03-20
Anonymous

Why its Valid! 2005-03-21
Anonymous

Mandrake 10.1 didn't freeze... 2005-03-21
Anonymous

Scaremongering. Not a serious problem. 2005-03-21
Anonymous

DEBIAN 2005-03-21
Anonymous (1 replies)

DEBIAN 2005-03-22
Anonymous (1 replies)

DEBIAN 2005-03-23
Lucio

Linux Kernel Security, Again 2005-03-23
Anonymous

Linux Kernel Security, Again 2005-03-24
Anonymous

PAM 2005-03-24
Maestr0

Linux Kernel Security, Again 2005-03-28
Anonymous

Linux Kernel Security, Again 2005-03-29
Anonymous

Linux Kernel Security, Again 2005-09-01
tcsh

Privacy Statement
Copyright 2009, SecurityFocus