From: Andrzej Bialecki
To: freebsd-hackers@FreeBSD.ORG
Date: Tue, 29 Apr 1997 14:21:58 +0200 (MET DST)
Subject: Who enforces the `limits` ? (Or: The Forkin' Monster)

Hi All!

It was Friday afternoon, and I was rather bored. So I wrote the following program:

    #include <sys/types.h>
    #include <unistd.h>
    #include <stdlib.h>

    int main()
    {
        while(1) {
            fork();
        }
        exit(0);
    }

I compiled it and ran it as a normal user. It effectively locked up my machine. For all practical purposes it constitutes a very effective DoS attack.

So here are my questions:

* How to defend against such a hostile process?

* How to enforce the `limits`, as shown by e.g. csh, in order to protect the system from running out of resources (e.g. kernel proc table entries)?

(BTW. I previously set limits on maxprocesses to 50. I'm running a kernel with "maxusers 10").

To put it mildly, I feel rather uncomfortable, knowing that any user can do such harm to my system.

Sincerely yours,

---
Andrzej Bialecki
FreeBSD: Turning PCs Into Workstations
http://www.freebsd.org
Research and Academic Network in Poland
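A way to check whether the kernel actually enforces the per-user process limit the post asks about. This is an added example, not part of the original message: the function name `forks_allowed` and the values 8 and 16 are illustrative, and it assumes a system that provides `RLIMIT_NPROC` (the BSDs and Linux do). The test is bounded and cleans up after itself.

```c
#include <sys/types.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <stdio.h>
#include <unistd.h>

/* In a helper child, lower the soft per-user process limit to `limit`, then
 * try at most `cap` forks. Returns how many succeeded; *hit_limit is 1 if the
 * kernel refused one. Root is typically exempt, so `cap` bounds the test. */
int forks_allowed(rlim_t limit, int cap, int *hit_limit)
{
    int report[2], hold[2], res[2] = {0, 0};
    if (pipe(report) < 0 || pipe(hold) < 0) return -1;
    pid_t helper = fork();
    if (helper < 0) { *hit_limit = 1; return 0; }   /* refused outright */
    if (helper == 0) {
        struct rlimit rl;
        getrlimit(RLIMIT_NPROC, &rl);
        rl.rlim_cur = limit < rl.rlim_max ? limit : rl.rlim_max;
        setrlimit(RLIMIT_NPROC, &rl);               /* applies to this subtree */
        while (res[0] < cap) {
            pid_t p = fork();
            if (p < 0) { res[1] = 1; break; }       /* EAGAIN: limit enforced */
            if (p == 0) {                           /* worker: idle until released */
                char c;
                close(hold[1]);
                if (read(hold[0], &c, 1) < 0) _exit(1);  /* returns 0 on EOF */
                _exit(0);
            }
            res[0]++;
        }
        close(hold[1]);                             /* EOF releases every worker */
        while (wait(NULL) > 0) ;                    /* reap them all */
        if (write(report[1], res, sizeof res) < 0) _exit(1);
        _exit(0);
    }
    close(report[1]); close(hold[0]); close(hold[1]);
    ssize_t got = read(report[0], res, sizeof res);
    close(report[0]); waitpid(helper, NULL, 0);
    if (got != (ssize_t)sizeof res) return -1;
    *hit_limit = res[1];
    return res[0];
}

int main(void)
{
    int hit = 0, n = forks_allowed(8, 16, &hit);
    return printf("forks allowed: %d, limit hit: %d\n", n, hit) < 0;
}
```

Run as an unprivileged user, a "limit hit" of 1 with a count below the limit shows the kernel refusing `fork()`. A count equal to the cap with no hit means the limit is not being applied to that account.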