Re: Memory leak in Solaris 2.7 kernel?

[Crist Clark <crist.clark () GLOBALSTAR COM>]

Wakko Ellington Warner-Warner III wrote:
> # ls ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*
>
> Wait a few minutes, let the disks churn (it never stops!)
>
> Break out of it...
>
> # vmstat
> cannot fork: no swap space
> # w
> cannot fork: no swap space
>
> Have fun hard-resetting your Sun box...

The Moral of the Story:

  "Don't do stoo-oopid things as root."

It's a simple resource starvation issue. The _shell_ process will keep
eating memory as it tries to do the glob on the command line. Since root
is not subject to resource limits, the shell will keep eating memory
until you are out of swap, and apparently, if you needed to cold restart
the box, your Solaris setup does not like to run out of swap.

root can also fork bomb the box with one command line. root can fill
up the hard drive with one command line. Don't do stupid things as
root.

As for any other user, if there are proper per-user resource limits
in place, the user's shell will be killed before it can cause too
much trouble. But don't do stupid things as root.

One may hypothesize that there may be better ways to do a globbing
algorithm so as not to cause this problem, but it is not a security
issue. Doing stupid things as root is not a security issue.
--
Crist J. Clark                                Network Security Engineer
crist.clark () globalstar com                    Globalstar, L.P.
(408) 933-4387                                FAX: (408) 933-4926

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.  If
the reader of this e-mail is not the intended recipient, or the employee
or agent responsible to deliver it to the intended recipient, you are
hereby notified that any review, dissemination, distribution or copying
of this communication is strictly prohibited.  If you have received this
e-mail in error, please contact postmaster () globalstar com