Linux Kernel Security, Again
While investigating some reports of recent Unix compromises, I ran into a message from the SecurityFocus Incidents mailing list that was forwarded to me by the moderator, Daniel Hanson. It was a lengthy post detailing the compromise of a Linux machine. The post contained an awkward IRC-based discussion between the server administrator and the guy who had broken into the machine.
Reading through this discussion, I discovered the following exchange, which immediately piqued my interest:
[15:16:53] <@darks> but I mean, I could have killed ur box
[15:17:04] <+IronBar> no, you couldn't have.
[15:17:08] <@darks> wanna bet ?
[15:17:27] <@darks> forkbomb it
I'll admit that I thought his statement was pretty funny. How did this guy expect to bring down a Linux machine by fork bombing it as a non-root user? Not being as intimately familiar with the various Linux distributions as I am with the three BSDs, I figured that I'd have a quick peek into his claim and see what happens.
I wrote up a very simple Bourne shell script on my work machine, which runs Mandrake Linux, and executed it under my non-privileged account. Within seconds, the machine had crashed and was brought to its knees -- totally crippled and unusable. I stared at my screen in disbelief for a few moments, totally stunned by what had just happened.
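As an added example (not the author's script, which the post does not reproduce), here is a POSIX shell audit of the control a defender would check for on such a machine: whether a per-user process cap (RLIMIT_NPROC, reported by `ulimit -u`) is in effect for the current shell, and whether /etc/security/limits.conf sets a hard `nproc` line that pam_limits would apply. The sample limits.conf content and the 4096 threshold are constructed assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: check whether a per-user
# process cap is in place. Without one, a single unprivileged user can
# exhaust the process table, which is what the author observed.

# limit_is_capped VALUE [THRESHOLD]
# Returns 0 if VALUE is a numeric limit <= THRESHOLD, 1 otherwise
# ("unlimited", non-numeric, or a number above THRESHOLD).
limit_is_capped() {
    value=$1
    threshold=${2:-4096}   # assumed default; tune per system
    case "$value" in
        ''|*[!0-9]*) return 1 ;;   # "unlimited" or garbage
    esac
    [ "$value" -le "$threshold" ]
}

# current_nproc_limit: soft per-user process limit of this shell.
current_nproc_limit() {
    ulimit -u 2>/dev/null || echo unlimited
}

# limits_conf_nproc FILE DOMAIN
# Prints the hard nproc value for DOMAIN (a user name or "*"), or nothing
# if no such line exists. A type of "-" sets both soft and hard limits.
limits_conf_nproc() {
    file=$1; domain=$2
    awk -v d="$domain" '
        $0 ~ /^[[:space:]]*#/ || NF == 0 { next }
        $1 == d && ($2 == "hard" || $2 == "-") && $3 == "nproc" { v = $4 }
        END { if (v != "") print v }
    ' "$file"
}

# Constructed sample limits.conf used for the demonstration.
SAMPLE_LIMITS=$(mktemp)
cat > "$SAMPLE_LIMITS" <<'EOF'
# /etc/security/limits.conf (constructed sample)
*       soft  nproc   2048
*       hard  nproc   4096
alice   hard  nproc   unlimited
EOF

# audit_shell_limit: report whether this shell's limit would stop a fork bomb.
audit_shell_limit() {
    cur=$(current_nproc_limit)
    if limit_is_capped "$cur"; then
        echo "shell process limit $cur: capped"
    else
        echo "shell process limit $cur: NOT capped, process table can be exhausted"
    fi
}
```

Run `audit_shell_limit` and `limits_conf_nproc /etc/security/limits.conf '*'` on the machine being audited; an unlimited or absent value is the condition the post describes.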