[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] bash vulnerability?

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] bash vulnerability?
From: "Graham Reed" <greed@xxxxxxxxx>
Date: Tue, 16 Aug 2005 13:23:18 -0400

Rik Bobbaers writes:

so ctrl-c is just a SIGINT... you can make the program ignore that signal, i don't want to start doing that in asm (because its just a poc) but just change the pointer to the signal handler to rewrite the pointer to a return statement or something...

Set SIGINT's sa_handler to SIG_IGN. No need to make an actual handler.

But, Linux seems to be particularly susceptible to fork-bombs. Other systems (AIX, Solaris, BSD) I have accidentally (and later deliberately) fork-bombed have been easier to recover from console ^C. Linux tends to lose keyboard processing completely, so you can't get a ^C in edgewise. (At least, based on various Red Hats.)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] bash vulnerability?
  - From: nocfed

References:
- RE: [Full-disclosure] bash vulnerability?
  - From: Jay
- Re: [Full-disclosure] bash vulnerability?
  - From: Jay
- Re: [Full-disclosure] bash vulnerability?
  - From: Boris Jordanov / ÐÐÑÐÑ ÐÐÑÐÐÐÐÐ
- Re: [Full-disclosure] bash vulnerability?
  - From: Rik Bobbaers

Prev by Date: [Full-disclosure] [SECURITY] [DSA 776-1] New clamav packages fix several problems
Next by Date: [Full-disclosure] Disney Down?
Previous by thread: Re: [Full-disclosure] bash vulnerability?
Next by thread: Re: [Full-disclosure] bash vulnerability?
Index(es):
- Date
- Thread