I think that it has nothing to do with su, rather malloc() limitations. That is to say that if you tried it with anything else, it probably would have the same effect. On my SuSE 7.2 install, it halts for a second and then exits out of the current shell. Robert ----- Original Message ----- From: "H VC" <overclocking_a_la_abuelaat_private> To: <vuln-devat_private> Sent: Thursday, December 13, 2001 4:54 AM Subject: possible su local D.o.S > Hi, > > Dave Ahmad ( daat_private ) tell me to post this. > > On a default installation of RedHat 7.2 sh-utils-2.0.11-5 is installed. On a > RH 7.1 sh-utils version is 2.0.13 ... ¿ Why this ? > > On my RH 7.2 I tried this : > > [hvc@condor hvc] $ su `perl -e 'print "A" x 100000000'` > > and my box got practically frozen. > I'm on a K6-II 500 , 128 MB and 550 of swap. > > I have noticed that it only seems to work whe I parse a user string > to su near the limit ( free mem. + swap ). Over this range is detected > as a too many large string but also just over the available memory... > > Why su allows so large user names ? > How long could be a unix/linux user name ? > Why do not su limit the size of username to the unix/linux max. size of a > user name ? > > Thanks. > > HVC > > Hugo Vázquez Caramés > IT Security Services Winmat > Barcelona > Spain > > overclocking_a_la_abuelaat_private > > > > > > _________________________________________________________________ > Descargue GRATUITAMENTE MSN Explorer en http://explorer.yupimsn.com/intl.asp > ---------------------------------------------------- Sign Up for NetZero Platinum Today Only $9.95 per month! http://my.netzero.net/s/signup?r=platinum&refcd=PT97
This archive was generated by hypermail 2b30 : Thu Dec 13 2001 - 11:27:25 PST