Bug 85784

Summary:	Gentoo Susceptible to fork bombs by any user
Product:	Gentoo Security	Reporter:	Donald Giuliano <guido>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED DUPLICATE
Severity:	critical
Priority:	High
Version:	unspecified
Hardware:	All
OS:	All
URL:	http://www.securityfocus.com/columnists/308?ref=rssdebia
Whiteboard:
Package list:		Runtime testing required:	---

Description Donald Giuliano 2005-03-18 08:43:16 UTC

According to the following article...

http://www.securityfocus.com/columnists/308?ref=rssdebia

...Gentoo is susceptible to fork bombs by a generic user in a default configuration.  After downloading a fork bomb script...

http://backpan.cpan.org/authors/id/F/FO/FOOCHRE/forkbomb.pl

...I can verify that this is in fact the case, as my system locked up within 1-2 seconds of executing the perl script and had to be power cycled.

$ cat /proc/version
Linux version 2.6.9-gentoo-r9 (root@#######) (gcc version 3.3.4 20040623 (Gentoo Linux 3.3.4-r1, ssp-3.3.2-2, pie-8.7.6)) #4 Tue Dec 21 19:17:29 UTC 2004

Comment 1 Thierry Carrez (RETIRED) gentoo-dev

2005-03-18 08:47:18 UTC


*** This bug has been marked as a duplicate of 85656 ***