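I'm trying to create a process that can't be killed even with "kill -9", which would be useful in an attack-defense mode CTF. I tried this https://unix.stackexchange.com/questions/134888/simulate-an-unkillable-process-in-d-state but it appears to have been fixed in kernels 2.6.25 and later http://www.ibm.com/developerworks/library/l-task-killable/ so I wonder whether there is any way. How can I create an unkillable process on Linux without root privileges? Thank you. (This is my first time asking on Stack Overflow… I'm a little nervous…)
2 Answers
It should never be possible; if it were, that would be not just a bug but a serious vulnerability.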
Theoretically root can kill any process. All other processes can only be killed by their owner. If you don't want a process to be killable, create a user that has an impossible password (one nobody needs to remember) and then get root to start the process with something like this: (root won't be asked to provide a password but 'su' will change to that user)
su newacct ksh -c "/home/newacct/bin/theProcessToStart.ksh and its parameters"
su - newacct ksh -c "/home/newacct/bin/theProcessToStart.ksh and its parameters"
The dash says that you should execute the .profile of that user. It depends if you want to or not. (You don't have to execute a script, but I assumed you were likely to in this example.)
This way, nobody but root can kill this process because nobody can become that user.
You might want to google how to make an undecryptable password in /etc/shadow. It's easy.
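The ownership rule this answer relies on, shown as an added example that is not part of the original answer: it models the permission check documented in kill(2) and probes it with signal 0, which tests permission without delivering anything. The UIDs 1000 and 1001, the sample status text and the function names are constructed for illustration, and treating effective UID 0 as holding CAP_KILL is a simplifying assumption.

```python
import os

def parse_uids(status_text):
    """Return (real, effective, saved) UIDs from /proc/<pid>/status text."""
    for line in status_text.splitlines():
        if line.startswith("Uid:"):
            real, effective, saved, _fs = (int(x) for x in line.split()[1:5])
            return real, effective, saved
    raise ValueError("no Uid: line found")

def may_signal(sender_ruid, sender_euid, target_ruid, target_suid, cap_kill=False):
    """Rule from kill(2): the sender has CAP_KILL, or its real or effective
    UID equals the target's real or saved set-user-ID."""
    if cap_kill:
        return True
    return bool({sender_ruid, sender_euid} & {target_ruid, target_suid})

def probe(pid):
    """Ask the kernel directly: signal 0 checks permission and sends nothing."""
    try:
        os.kill(pid, 0)
        return True
    except PermissionError:
        return False

def predict(pid):
    """Predict from /proc whether the current process may signal pid."""
    with open(f"/proc/{pid}/status") as f:
        t_real, _t_eff, t_saved = parse_uids(f.read())
    # Assumption: effective UID 0 is treated as holding CAP_KILL.
    return may_signal(os.getuid(), os.geteuid(), t_real, t_saved,
                      cap_kill=(os.geteuid() == 0))

# Constructed sample: a process running as the dedicated account (UID 1001).
SAMPLE_STATUS = ("Name:\tworker\n"
                 "Uid:\t1001\t1001\t1001\t1001\n"
                 "Gid:\t1001\t1001\t1001\t1001\n")

if __name__ == "__main__":
    t_real, _, t_saved = parse_uids(SAMPLE_STATUS)
    print("other user 1000:", may_signal(1000, 1000, t_real, t_saved))
    print("same account 1001:", may_signal(1001, 1001, t_real, t_saved))
    print("root:", may_signal(0, 0, t_real, t_saved, cap_kill=True))
    print("own process:", predict(os.getpid()), probe(os.getpid()))
```

Comparing predict(pid) with probe(pid) for a PID owned by another account shows where the simple UID rule and the kernel's answer diverge, for example inside user namespaces.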