From owner-freebsd-bugs  Fri Jun 29 10:10: 9 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 8410D37B406
	for <freebsd-bugs@hub.freebsd.org>; Fri, 29 Jun 2001 10:10:05 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.3/8.11.3) id f5THA5V02424;
	Fri, 29 Jun 2001 10:10:05 -0700 (PDT)
	(envelope-from gnats)
Date: Fri, 29 Jun 2001 10:10:05 -0700 (PDT)
Message-Id: <200106291710.f5THA5V02424@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Peter Pentchev <roam@orbitel.bg>
Subject: Re: misc/28522: The ability to crash any freebsd box with 8 lines of shell script
Reply-To: Peter Pentchev <roam@orbitel.bg>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR misc/28522; it has been noted by GNATS.

From: Peter Pentchev <roam@orbitel.bg>
To: David Malone <dwmalone@maths.tcd.ie>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/28522: The ability to crash any freebsd box with 8 lines of shell script
Date: Fri, 29 Jun 2001 20:08:29 +0300

 On Fri, Jun 29, 2001 at 10:00:19AM -0700, David Malone wrote:
 > The following reply was made to PR misc/28522; it has been noted by GNATS.
 > 
 > From: David Malone <dwmalone@maths.tcd.ie>
 > To: Ryan Malek <squirl@exotica.mach3ww.com>
 > Cc: freebsd-gnats-submit@FreeBSD.org
 > Subject: Re: misc/28522: The ability to crash any freebsd box with 8 lines of shell script
 > Date: Fri, 29 Jun 2001 17:54:34 +0100
 > 
 >  On Fri, Jun 29, 2001 at 09:11:32AM -0700, Ryan Malek wrote:
 >  > I wrote a small paper documenting this problem.  I _think_ its quite a serious problem considering the fact that I can drop any FreeBSD box with 7 or 8 lines of shell scripting.  Here is the paper I wrote on it:
 >  > 
 >  > http://exotica.mach3ww.com/~squirl/devzero-vuln.txt
 >  
 >  You seem to have rediscovered the fork bomb - if the admin has
 >  suitable process limits set then this shouldn't be a problem.  Try
 >  saying "limit maxproc 10" and running the catbomb, you should find
 >  it is less effective.
 >  
 >  (I'll close the PR unless there is more to the problem than this).
 
 But is it really ineffective?  Just five instances of 'cat' would
 consume quite a lot of kernel resources (fake read, fake write, two
 syscalls, data copies to userspace and back...).
 
 G'luck,
 Peter
 
 -- 
 I am the thought you are now thinking.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message