From owner-freebsd-questions@FreeBSD.ORG Mon Oct 22 21:57:56 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72DF516A46C for ; Mon, 22 Oct 2007 21:57:56 +0000 (UTC) (envelope-from datahead4@gmail.com) Received: from rn-out-0102.google.com (rn-out-0910.google.com [64.233.170.191]) by mx1.freebsd.org (Postfix) with ESMTP id 0534513C4B6 for ; Mon, 22 Oct 2007 21:57:55 +0000 (UTC) (envelope-from datahead4@gmail.com) Received: by rn-out-0102.google.com with SMTP id s42so558007rnb for ; Mon, 22 Oct 2007 14:57:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=qdI2fBwcQRPjybX0VuSFrt0jh1cuLQDLWB+8ik31L68=; b=lqNzna4qiVve27DLmvXt0j0q46RcuBbNaAyvhMMKr8jMdkzLmv5JJtpXeA0Kc3AdYHaG7gVbsFqTD5xWYkfROilFR2hmbl+R4L8UHpHV1tc04hjm31w1LgQwBBCSb75a8OY8hWURaBh5xNtXFp4cN30u4Q+kPpuqHraq81Ks+jA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=AQ9sOqJcte2rprLYBOcPCGm/aYW3yweN1GIHljcxjhhP2QtrQzfuPmodBcMXqOMqT+e+0bjo+IKhT/bIU7KjMUgiuqdGPqmYRKQt/NvEHSNSKEa6joWWKVxLEVihXpNEeaa7wTKeqtUvgUq4Wy5/BLFFXFANCaQHrjWDIJ1TQTU= Received: by 10.151.7.6 with SMTP id k6mr893826ybi.1193088591315; Mon, 22 Oct 2007 14:29:51 -0700 (PDT) Received: by 10.90.106.19 with HTTP; Mon, 22 Oct 2007 14:29:51 -0700 (PDT) Message-ID: Date: Mon, 22 Oct 2007 16:29:51 -0500 From: Matt To: freebsd-questions@freebsd.org, laszlo.danielisz@gmail.com In-Reply-To: <20071022164418.GA864@glitch.rwxrwxrwx.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <123275.56819.qm@web30812.mail.mud.yahoo.com> <20071022164418.GA864@glitch.rwxrwxrwx.net> Cc: Subject: Re: defend from -> :() { :&:; } ;: X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Oct 2007 21:57:56 -0000 On 10/22/07, Martin Tournoij wrote: > On Sun 21 Oct 2007 12:10, Danielisz Laszlo wrote: > > Please do not try to execute this: :() { :&:; } ;: on your BSD machine. > > I ask all who already tried it how to defend from this? > > Wow,, my machine just crashed :-/ > Does in this work on other OS's as well (ie. GNU/Linux)? Or just > (Free?)BSD? I really don't feel like crashing another machine right > now... > > Only works in sh, not in csh. > > Anyway, this seems to be security/stability issue, maybe a PR is in > order? > > Regards, > Martin Tournoij I'm not a sh or bash syntax expert, but isn't this a standard "fork bomb" type command? If so, it should be possible to mitigate it with sensible login tunings set in login.conf (in this particular case, I think "maxprocesses" is the one to focus on). Executing this command on my workstation does not result in any (noticeable) bad side effects under sh or bash login shells - just notifications of "Cannot fork: Resource temporarily unavailable" as the max process limit is hit.