[Other] 48 characters enough to crash most Linux distros, says sysadmin

雨与泪 posted on 2016-10-5 04:37:53


  A sysadmin has developed 48 characters of code that he claims can crash most popular Linux distributions.
  Andrew Ayer, a Linux administrator and founder of SSLMate, explains his code works by crashing systemd, an open-source init system that is used to boot up most Linux distributions.


  Users can choose to run systemd as the first process a Linux distribution executes upon boot-up, otherwise known as Process ID 1.
  Under those circumstances, Ayer warns a local user can abuse his code, NOTIFY_SOCKET=/run/systemd/notify systemd-notify "", to cause a denial-of-service condition on a critical system component:
  "After running this command, PID 1 is hung in the pause system call. You can no longer start and stop daemons. inetd-style services no longer accept connections. You cannot cleanly reboot the system. The system feels generally unstable (e.g. ssh and su hang for 30 seconds since systemd is now integrated with the login system)."
  At 48 characters long, this code is short enough to fit into a single Tweet.
  How to crash systemd in one Tweet:
   NOTIFY_SOCKET=/run/systemd/notify systemd-notify "" https://t.co/9HNVhEoeYs
   — Andrew Ayer (@__agwa) September 28, 2016
  According to Ayer, the problem doesn't just stop at a single vulnerability. He feels systemd is overall "defective by design" and argues the system has adopted too many features, thereby making PID 1 too complex.
  Ayer concludes by urging Linux admins to not replace existing services with systemd and application developers to not use systemd's non-standard interfaces.
  That explanation might work for Ayer. But it doesn't for others in the field.
   In particular, Pantheon CTO and co-founder David Timothy Strauss wrote his own blog post calling out most of Ayer's claims as "wrong or misleading."
  He especially takes issue with the notion that systemd "crashes":
  "There are some services that attempt to use systemd but will time out in 30 seconds (by default) if it is unavailable. These facilities are degrading gracefully, which is exactly what should happen."
  Not wanting to give up the last word, Ayer responded to Strauss by saying systemd is useful only for whole application sandboxing.
  Disagreement is the cornerstone of tech communities. In one sense, arguments can drive our understanding forward. But in another frame of mind, they can mire us in gritty technical details.
  As Linux users continue to debate the utility and complexity of systemd, a patch has been released for the vulnerability identified by Ayer. You can find it on GitHub.
  If you're a Linux admin, please go ahead and implement it as soon as possible.

ghklbhjl54635 posted on 2016-10-7 03:46:21
This is really well written; all I can do is quietly bump the thread!

ptyks posted on 2016-10-9 19:10:16
Bump, bumping is good for your health

bebci posted on 2016-10-14 22:33:16
Your humble bebci, quietly passing through this fine place~~~
