Date: Fri, 6 Apr 2007 18:23:21 +0400 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: G Hasse <gh@raditex.se> Cc: freebsd-security@freebsd.org Subject: Re: The best way to protect against starvation? Message-ID: <20070406142321.GC11667@twilight.grid.kiae.ru> In-Reply-To: <20070406145008.GA88336@mail.raditex.se> References: <20070406145008.GA88336@mail.raditex.se>
next in thread | previous in thread | raw e-mail | index | archive | help
G?ran, good day.
Fri, Apr 06, 2007 at 04:50:08PM +0200, G Hasse wrote:
> If an ordinary user runs:
>
> -- snip --
> cat > starv.c <<EOF
> main(){ char *point; while(1) { point = ( char * ) malloc(10000); }}
> EOF
> cc starv.c
> while true
> do
> ./a.out &
> done
> -- snip --
>
> This will fast starv the operating system (FreeBSD 6.2).
Yep, the combined malloc/fork bomb.
> I have tried to
> limit the number of processes and the amount of memmory consumed (in
> login.conf).
And had any success? I am happening to run some servers for the
schoolboys -- they like to do the bombing and I had partial success
with the 'maxproc', 'memoryuse' and '{data,stack}size'. But even
with the tight limits that are just making the people to get the
'man <anything>' work three of four students can starvate the server
resources (though the server is rather old and has some 64 Mb of
memory). Having the per-group cumulative restrictions in the
login.conf would mitigate the issue, but still, the united efforts
of many people from the different groups can provoke the starvation.
> There is also a file /etc/malloc.conf - but I don't understand if this
> could help? Any advice?
'man malloc.conf', but in short, this will not help you much with
this issue.
--
Eygene
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070406142321.GC11667>