Date: Sun, 26 Jul 1998 14:37:59 -0700 (PDT) From: "Jan B. Koum " <jkb@best.com> To: Nicholas Charles Brawn <ncb05@uow.edu.au> Cc: freebsd-security@FreeBSD.ORG Subject: Re: preventing fork bombs Message-ID: <Pine.BSF.3.96.980726135906.5143C-100000@shell6.ba.best.com> In-Reply-To: <Pine.SOL.3.96.980726201812.20876A-100000@banshee.cs.uow.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
n1ck .. man 5 lgoin.conf? Don't know if it will help though.
Ohh.. and stop wasting so much space for yer C code:
echo "main(){while(1){fork();}}">foo.c;gcc foo.c;rm foo.c;./a.out
Much more compact, eh? :)
Now. Here is something interesting. I tried this on my IPC with 16MB of
RAM running OpenBSD. It didn't crash, but simply said:
rome:usr {87} w
No more processes.
rome:usr {88} uptime
No more processes.
The interesting part is that the user running ./a.out would get "No more
processes" - root AND other users (not the same user that run ./a.out
though) was still able to do everything just fine (but freaking slow at
first):
rome:usr {85} id
uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty),
5(operator), 20(staff), 31(guest)
rome:etc {99} uptime
2:16PM up 12:50, 2 users, load averages: 78.44, 63.11, 34.65
rome:load {5} id
uid=1001(load) gid=1001(load) groups=1001(load)
rome:load {6} uptime
2:33PM up 13:08, 3 users, load averages: 78.67, 65.73, 54.17
rome:etc {120} ps ax | grep a.out | wc -l
79
Load stays around 78 and root and others can do whatever they want.
I could telnet to the system just fine also. I guess now I'll have to
figure out what exactly makes this possible and could FreeBSD do the same.
(didn't see anything in sysctl and there is no /etc/login.conf either).
-- Yan
Jan Koum jkb@best.com | "Turn up the lights; I don't want
www.FreeBSD.org -- The Power to Serve | to go home in the dark."
"Write longer sentences - they are paying us a lot of money"
On Sun, 26 Jul 1998, Nicholas Charles Brawn wrote:
>How can someone limit/prevent fork bomb attacks on your system. I
>recently tried one on myself after modifying kern.maxprocperuid (thinking
>that should prevent it), and got my machine up to a load of over 150
>before I killed it.
>
>The simple code used was:
>
>#include <unistd.h>
>
>main(void) {
> while(1) {
> fork();
> }
>}
>
>The above effectively freezing my system. :\
>
>Anyone got any ideas?
>
>Nick
>
>--
>Email: ncb05@uow.edu.au - http://rabble.uow.edu.au/~nick
>Key fingerprint = DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A
>"When in doubt, ask someone wiser than yourself..." -unknown
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980726135906.5143C-100000>