85784 – Gentoo Susceptible to fork bombs by any user

Bug 85784 - Gentoo Susceptible to fork bombs by any user

Summary: Gentoo Susceptible to fork bombs by any user

Status:	RESOLVED DUPLICATE of bug 85656

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All All

Importance:	High critical (vote)
Assignee:	Gentoo Security

URL:	http://www.securityfocus.com/columnis...
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-03-18 08:43 UTC by Donald Giuliano
Modified:	2005-07-17 13:06 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Donald Giuliano 2005-03-18 08:43:16 UTC

According to the following article...

http://www.securityfocus.com/columnists/308?ref=rssdebia

...Gentoo is susceptible to fork bombs by a generic user in a default configuration.  After downloading a fork bomb script...

http://backpan.cpan.org/authors/id/F/FO/FOOCHRE/forkbomb.pl

...I can verify that this is in fact the case, as my system locked up within 1-2 seconds of executing the perl script and had to be power cycled.

$ cat /proc/version
Linux version 2.6.9-gentoo-r9 (root@#######) (gcc version 3.3.4 20040623 (Gentoo Linux 3.3.4-r1, ssp-3.3.2-2, pie-8.7.6)) #4 Tue Dec 21 19:17:29 UTC 2004

Comment 1 Thierry Carrez (RETIRED) gentoo-dev

2005-03-18 08:47:18 UTC


*** This bug has been marked as a duplicate of 85656 ***