[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [suse-security] ulimit -v workaround for the do_brk() bug does not work

Erik Hensema <erik@xxxxxxxxxxx> wrote:
> Hi,
> Maybe this has been discussed earlier today on this list, 
> but I've just joined it.
> I was told that doing a 'limit -v 2097151' would work around 
> the do_brk() bug. Unfortunately it does not :-(
> The sample exploit posted on bugtraq manages to reboot 
> my SuSE 8.2 machine (standard kernel) despite the ulimit.
> Erik Hensema (erik@xxxxxxxxxxx)

Hi Erik,

Roman in hiw original post suggested two other things
needed to be done to install this work around:

Add the line 

    ulimit -v 2097151    

as the second lines of /etc/init.d/rc and /etc/profile, 

and then execute the command itself in your shell 

and then restart all daemons that allow logins 
(xdm, sshd, inetd/xinetd, ...). 

Alternatively, simply reboot after adding the lines to above files:
Roman said this workaround is Courtesy of Solar Designer.  

(Note: The reboot is in lieu of restarting 
all daemons and not the editing of /etc/init.d/rc and /etc/profile.)
Further Note:  the above limit -v # was changed to reflect
Roaman's second post.)

It would be best to Read, the entire thread 
"RE: [suse-security] Bugs on Kernel 2.4" at:

Redhat has already put up their patch rpm,

I suspect SuSe's will be up soon, making this work around moot.

Hope this helps,
     In the Beginning was the Command Line 
                       ---Neal Stephenson 



McAfee VirusScan Online from the Netscape Network.
Comprehensive protection for your entire computer. Get your free trial today!

Get AOL Instant Messenger 5.1 free of charge.  Download Now!

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here