Bug 206289 - Fedora is succetible to forkbombs by a user.
Summary: Fedora is succetible to forkbombs by a user.
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel   
(Show other bugs)
Version: 5
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Dave Jones
QA Contact: Brian Brock
URL: http://www.securityfocus.com/columnis...
Depends On:
TreeView+ depends on / blocked
Reported: 2006-09-13 14:39 UTC by Victor Bogado
Modified: 2015-01-04 22:28 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-09-14 06:21:13 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Victor Bogado 2006-09-13 14:39:41 UTC
Description of problem:
After seeing this article on security focus I wanted to test it and as soon as I
did I found out that indeed a normal user can efectly halt a system with a
simple forkbomb.

Steps to Reproduce:
1. open a terminal 
2. type :(){:|:?};:
3. press enter and wait a few seconds, after witch the computer will halt completly
Actual results:
A complete halt, the computer stops to answer interrupts, the mouse stop and no
keyboard activity can save ctrl-alt-F1 does not work. 

Expected results:
the process should reproduce till it meet a rational user limit. Then the fork
should fail to fork the process.

Comment 1 Dave Jones 2006-09-14 06:21:13 UTC
man ulimit

Comment 2 Victor Bogado 2006-09-14 12:12:41 UTC
Do you really feel that this should be a default and that this is not a BUG? 

Comment 3 Victor Bogado 2006-09-14 12:27:33 UTC
What I mean is that in the default instalation a user can halt a system, without
any priviledges, a situation that could be fixed by a simple switch on the
defaults. What is the use of having SELinux if you can simply forkbomb the

Now follow me here, SELinux is installed so if a service is compromised the
service will not be able to do damage on the system, correct? But httpd have to
be able to fork, and as such one person that compromises a httpd server can
bring the machine down with all other services with it. 

I, in my humble opinion, think that this limit in number of proccess a user can
have should have been setted to a reasonable number in the kernel, ulimit is a
bash feature and does not affect programs that are started by other means, or am
I mistaken? 

Note You need to log in before you can comment on or make changes to this bug.