libpam-modules: limits.conf should have default setting for nproc to prevent fork-bomb attack
Karl Hegbloom
hegbloom at pdx.edu
Fri Mar 18 19:40:55 UTC 2005
Package: libpam-modules
Version: 0.76-22
Severity: critical
Justification: breaks the whole system
http://www.securityfocus.com/columnists/308?ref=rssdebia
There should be a default setting for nproc: suggest 4095, which is
apparently the setting that was used in Debian 'Woody'.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.9-lucgm.2
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages libpam-modules depends on:
ii libc6 2.3.2.ds1-20ubuntu10 GNU C Library: Shared libraries an
ii libcap1 1:1.10-14 support for getting/setting POSIX.
ii libdb3 3.2.9-20 Berkeley v3 Database Libraries [ru
ii libpam0g 0.76-22 Pluggable Authentication Modules l
-- no debconf information
More information about the ubuntu-users
mailing list