On Mon, Mar 19, 2001 at 10:24:43AM -0700, Elias Levy wrote:
> From: Liviu Sas <[EMAIL PROTECTED]>
> 
> Looks like bash 2.04.0(1)-release on Linux, and older, are also vulnerable
> to this bug ...
> a `ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*` command
> makes bash eat all memory and cpu available making the machine crash.

The machine will only crash if you've instructed it to allow bash to
allocate memory indefinitely. Unless you trust your users not to be
malicious or incompetent you should have kernel-enforced limits in place
to prevent this.

Set limits on userspace processes, in e.g. Red Hat's /etc/security/limits.conf,
and ensure that your limits reflect the capabilities of the hardware.
Getting this perfect is very hard, but getting it good enough to deter
casual vandals or thoughtless users is quite easy.

It is arguable that the FTP daemon is responsible for doing argument
checking to prevent DoS attacks, but bash can hardly be held to the same
standard.

Nick.

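An added example of the kernel-enforced limit Nick describes, not code from the original message or thread: a constructed /etc/security/limits.conf fragment showing the weak (unlimited) and corrected settings, and a POSIX shell script that applies the same address-space cap with ulimit (pam_limits installs the limits.conf values at login; ulimit sets the same rlimits, so the script runs without root or a PAM session) and runs a memory hog under it. The limits.conf values, the hog (a stand-in for the pathological glob) and the function names are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not code from the original thread. Under a kernel-enforced
# address-space cap, a process that tries to eat all memory fails on its own
# and the machine stays up. pam_limits installs such caps from
# /etc/security/limits.conf at login; the same rlimits are set and inspected
# with ulimit, which is what this script uses so it runs without root.

# Constructed limits.conf fragment. The numbers are illustrative, not a
# recommendation for any particular machine. Format:
#   <domain> <type> <item> <value>    ("as" is in KiB, "cpu" in minutes)
LIMITS_CONF_EXAMPLE='
# Weak: no address-space cap, so one runaway glob can take the whole box.
#*       hard    as       unlimited
# Corrected: 256 MiB of address space, 64 processes, 5 CPU-minutes per process.
*       hard    as       262144
*       hard    nproc    64
*       hard    cpu      5
'

# Stand-in for the pathological glob: double a string until an allocation
# fails. Do NOT run this without a cap; it would consume all available memory.
memory_hog() {
    s=x
    while :; do
        s="$s$s"
    done
}

# Run memory_hog under an address-space cap of $1 KiB (plus a 10 s CPU cap as
# a second line of defence) and print the exit status of the capped child.
# The caps are applied in a subshell so the caller keeps its own limits.
# Status 99 means the caps could not be set (e.g. the existing hard limit is
# already lower); 0 would mean the hog finished, which it never does.
hog_exit_status_under_cap() {
    rc=0
    (
        ulimit -v "$1" && ulimit -t 10 || exit 99
        memory_hog
    ) 2>/dev/null || rc=$?
    echo "$rc"
}

# True (exit 0) when the cap stopped the hog: the child failed with a status
# other than the "could not set limit" marker.
cap_stops_hog() {
    rc=$(hog_exit_status_under_cap "$1")
    [ "$rc" -ne 0 ] && [ "$rc" -ne 99 ]
}

# Demonstration with a 64 MiB cap: the hog dies, the launching shell survives.
if cap_stops_hog 65536; then
    echo "hog under a 64 MiB cap exited with status $(hog_exit_status_under_cap 65536); parent shell still running"
else
    echo "could not demonstrate: address-space cap not enforced on this system"
fi
```

Two caveats a practitioner will want: limits.conf only reaches sessions that pass through pam_limits, so daemons started at boot (the FTP server, for instance) need their own ulimit in the init script; and on Linux the `rss` item is not enforced by the kernel, so the cap that actually stops a runaway process is `as` (address space), possibly with `cpu` and `nproc` alongside it.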