Originally Published: Saturday, 21 August 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

Solar Designer highlights problems with CLONE_PID

Due to the current kernels' implementation of CLONE_PID, code may be used to waste CPU cycles on a designated machine...

   Page 1 of 1  

In a post to the Linux Security Audit mailing list, Solar Designer highlighted a flaw in the kernel's current implementation of CLONE_PID. By abusing this flaw, CPU cycles may be wasted by unkillable zombie processes, startable by non-priviledged users.

This forces either you to hack the running kernel, or to reboot to free the cycles.

In a reply post by Alan Cox, it was noted that the problem was an oversight, and would be fixed in 2.2.13, and 2.3.x.

Sysadmins should upgrade when the patches become available.

The LSAP project site may be found at http://lsap.org.

The email archives may be found at http://www2.merton.ox.ac.uk/~security/

   Page 1 of 1