ulimit don't help you too much, because ot "eated" processor time to hdd
access (after some time will use the caache, but...), fork process, exec
process, kill process, etc, so other users will see totaly overloaded server
if someone can kill process in the root of chain all will be OK
Deim ?goston wrote:
> R P Herrold wrote:
>
>> On Sat, 19 Mar 2005, str tux wrote:
>>
>>> I tried to run this:
>>>
>>> :(){ :&:;};:
>>>
>>> as a non-root user in my CentOS4
>>>
>>> and it bring down my box to its knees.
>>
>>
>>
>> It looks like a longstanding stupid local user geek trick -- where is
>> the news? A talented local user is a BOFH's worst nightmare and
>> favorite victim.
>
>
> And don't forget you can ulimit a user. And yes, a real local user is a
> real pain in the ass if you don't trust him/her. Not to mention the
> "users" whom runs the commands. Just look at how many times a webserver
> gain shell and runs scripts etc. after a bug just like the phpBB ones.
> SELinux helps either way.
> bye,
> Ago
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxxx
> http://lists.caosity.org/mailman/listinfo/centos
>
>
