Date: Fri, 24 Mar 2000 10:04:25 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Dungeonkeeper <zethix@sofiaonline.com> Cc: freebsd-security@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: shell issue Message-ID: <200003241804.KAA14795@apollo.backplane.com> References: <XFMail.000324183547.zethix@sofiaonline.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:Hi there, : :First of all: I want to apologise for my poor english. : :Today me and a few friends of mine discussed the shells' (well, shell is :actualy one of: sh/bash/csh/tcsh... not tested for ksh) command line expansion :routines, mainly because of a problem discovered by one of my friends. I'm not :sure if this is something new... So, let me explain what he found. It seems :that the shell wants to allocate enough memory to hold the entire command line :when expanding all of the arguments and we can force it to allocate hudge :ammount of memory with a tricky command like this: : :carnivoro# /bin/csh -c `cat /dev/urandom` You can trivially write any program to allocate memory continuously. This isn't really a security problem with shells. If you want to cap memory useage you can set a datasize limit. It doesn't cap everything (i.e. it doesn't cap mmap() use), but it does cover the most common mistakes that users make. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200003241804.KAA14795>