Web lists-archives.com

Re: [DNG] Linux system can be brought down by sending SIGILL to Systemd




On Sat, May 25, 2019 at 10:25:26AM +0300, Reco wrote:

[...]

> Seems harmless to me as one needs to be root to send signals to PID 1.

This is *exactly* the point. If you are root, there are far more creative
(and fun) ways to bring down your system, regardless of how your init
process is called.

I'll pay a virtual beer [1] to the first one here which comes with a shell
one-liner overwriting the first gig of init's heap space with /dev/urandom
(say the modern and correct moral equivalent of

  dd if=/dev/urandom of=/proc/1/mem bs=4096 count=256k 

... shouldn't be hard).

Cheers

[1] exchangeable by some physical $beverage of choice should we meet
   in person.

-- t

Attachment: signature.asc
Description: Digital signature