Date: Mon, 22 Oct 2007 16:29:51 -0500
From: Matt <datahead4@gmail.com>
To: freebsd-questions@freebsd.org, laszlo.danielisz@gmail.com
Subject: Re: defend from -> :() { :&:; } ;:
Message-ID: <cd6b4a5b0710221429x52b2fba0ibb8e3369d518586f@mail.gmail.com>
In-Reply-To: <20071022164418.GA864@glitch.rwxrwxrwx.net>
References: <123275.56819.qm@web30812.mail.mud.yahoo.com> <20071022164418.GA864@glitch.rwxrwxrwx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/22/07, Martin Tournoij <carpetsmoker@xs4all.nl> wrote:
> On Sun 21 Oct 2007 12:10, Danielisz Laszlo wrote:
> > Please do not try to execute this: :() { :&:; } ;: on your BSD machine.
> > I ask all who already tried it how to defend from this?
>
> Wow,, my machine just crashed :-/
> Does in this work on other OS's as well (ie. GNU/Linux)? Or just
> (Free?)BSD? I really don't feel like crashing another machine right
> now...
>
> Only works in sh, not in csh.
>
> Anyway, this seems to be security/stability issue, maybe a PR is in
> order?
>
> Regards,
> Martin Tournoij
I'm not a sh or bash syntax expert, but isn't this a standard "fork
bomb" type command? If so, it should be possible to mitigate it with
sensible login tunings set in login.conf (in this particular case, I
think "maxprocesses" is the one to focus on).
Executing this command on my workstation does not result in any
(noticeable) bad side effects under sh or bash login shells - just
notifications of "Cannot fork: Resource temporarily unavailable" as
the max process limit is hit.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cd6b4a5b0710221429x52b2fba0ibb8e3369d518586f>