Date: Sun, 24 Jun 2001 02:01:34 -0700 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: <js43064n@pace.edu>, <freebsd-questions@FreeBSD.ORG>, <freebsd-stable@FreeBSD.ORG>, <freebsd-security@FreeBSD.ORG> Subject: RE: Kernel Panic Message-ID: <004101c0fc8c$44e12280$1401a8c0@tedm.placo.com> In-Reply-To: <200106221156.AA442106040@stmail.pace.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
That would be impossible unless you had "." in your path. If you did (which is a very BAD thing) then yes your script probably loaded itself (assuming you named it "pine). This is why the system defaults to NOT having "." in the path. However, if the script DID load itself, a recursive script under an ordinary user ID isn't allowed to crash the system. I'd be very interested in seeing someone who thinks differently post a script that could do this. The ordinary users have limits restrictions that styme forkbombs and such like that. Of course, if a setuid-to-root binary has a programming bug that allows an ordinary user to call it recursively, then all bets are off. But pine is not normally setuid to root. But, since you are apparently so determined to NOT believe that your system has a hardware problem, in the interests of putting this issue to final rest, here is what I did on my own system (FreeBSD 4.2) 1) Logged in as an ordinary user 2) Issued the commands PATH=.:$PATH export PATH 3) Created the script: #!/bin/sh ./pine -i rm -rf $HOME/dead.letter (note that not only did I put current directory in my path - I forced the script to reload itself just to be as convincing as possible) 4) Then issued the command: pine 5) After about 16 seconds, I got this error message: ./pine: Cannot fork: Resource temporarily unavailable and the script exited and came back to the $ prompt. And, just for the sake of argument, I ALSO did the exact same thing as the root user, and got the exact same response. Please, you need to give the FreeBSD developers credit for SOME sense at least. Your not the only one that has ever built a recursive script by accident, you know. FreeBSD is not so fragile that this kind of thing is going to kill it. Like I said, you need to focus your attention on your disk subsystem. The script you built, called recursively, creates an intense burst of disk activity until the system runs out of resources. It's that burst of activity that's taking your system down, not the fact that the recursive script is consuming all free resources. Undoubtedly, if you were to run other equally disk-intensive programs on your machine they would cause it to crash as well. If you don't want to believe you have a hardware problem then fine, but please don't throw unwarranted stones at the OS in place of that. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com >-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Jonathan Slivko >Sent: Friday, June 22, 2001 8:56 AM >To: js43064n@pace.edu; freebsd-questions@FreeBSD.ORG; >freebsd-stable@FreeBSD.ORG; freebsd-security@FreeBSD.ORG; Ted >Mittelstaedt >Subject: RE: Kernel Panic > > >I think I see what caused the kernel to crash. What happened was >this, I believe, is that since I didn't specify the regular pine >binary, the script just loaded itself, thus throwing it into a >loop. It's really a sad situation. -- Jonathan > >______________________________________________ >Jonathan M. Slivko <js43064n@pace.edu> >Technical Support, Black Lotus Communications >http://www.blacklotus.net -- check us out! >---------------------------------------------- > > > >---------- Original Message ---------------------------------- >From: "Ted Mittelstaedt" <tedm@toybox.placo.com> >Date: Thu, 21 Jun 2001 23:34:02 -0700 > >>That absolutely will not crash a FreeBSD system that's not >>got other problems. >> >>However, what I think is going on here is that the system that >>you ran this on has buggy disk hardware. It's probably some >>IDE disk, right? >> >>I've got a system here that I've tried 5 different IDE paddle >>cards in, and on every one I've tried installing FreeBSD and >>doing different operations and within about 20 minutes I >>had crashed it and screweged the filesystem. >> >>I finally got so annoyed I dug up an old AHA1520 SCSI card >>and slapped a 1GB SCSI disk on it (the system isn't intended >>to be doing anything fancy) and it's been solid as a rock >>ever since. The best conclusion I have is that the ISA bus >>in the system has some clock speed error that doesen't affect >>the SCSI disk system. >> >>Ted Mittelstaedt tedm@toybox.placo.com >>Author of: The FreeBSD Corporate Networker's Guide >>Book website: http://www.freebsd-corp-net-guide.com >> >> >>>-----Original Message----- >>>From: owner-freebsd-questions@FreeBSD.ORG >>>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of >Jonathan Slivko >>>Sent: Thursday, June 21, 2001 4:59 PM >>>To: freebsd-questions@FreeBSD.ORG; freebsd-stable@FreeBSD.ORG; >>>freebsd-security@FreeBSD.ORG >>>Subject: Kernel Panic >>> >>> >>>Hello, >>> >>>I just wrote a little shell script that, on the machine I tested >>>it on, crashed the box and forced a reboot. The contents of the >>>script was: >>> >>>#!/bin/sh >>>pine -i >>>rm -rf $HOME/dead.letter >>> >>>Thats the whole script. I don't see how something like that >could >>>cause a kernel to crash. Would anyone mind trying to replicate >>>this on a test box. If it's a security issue, i'll forward it to >>>security when I get more information. >>> >>>-- Jonathan >>> >>>______________________________________________ >>>Jonathan M. Slivko <js43064n@pace.edu> >>>Technical Support, Black Lotus Communications >>>http://www.blacklotus.net -- check us out! >>>---------------------------------------------- >>> >>>_________________________________________________________________ >__ >>>___ >>>Sent via the Pace University Mail system at stmail.pace.edu >>> >>> >>> >>> >>> >>>To Unsubscribe: send mail to majordomo@FreeBSD.org >>>with "unsubscribe freebsd-questions" in the body of the message >>> >> >>To Unsubscribe: send mail to majordomo@FreeBSD.org >>with "unsubscribe freebsd-stable" in the body of the message >> > > >___________________________________________________________________ >___ >Sent via the Pace University Mail system at stmail.pace.edu > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004101c0fc8c$44e12280$1401a8c0>