Date: Sun, 26 Jul 1998 15:38:01 -0700 (PDT) From: Liam Slusser <liam@tiora.net> To: "Jan B. Koum " <jkb@best.com> Cc: Nicholas Charles Brawn <ncb05@uow.edu.au>, freebsd-security@FreeBSD.ORG Subject: Re: preventing fork bombs Message-ID: <Pine.BSF.3.96.980726153558.17025A-100000@orbital.tiora.net> In-Reply-To: <Pine.BSF.3.96.980726135906.5143C-100000@shell6.ba.best.com>
next in thread | previous in thread | raw e-mail | index | archive | help
i tried that on my system,
orbital#
3:11PM up 45 days, 1:12, 3 users, load averages: 511.89, 384.91, 198.55
orbital#
notice..511..not bad for a pentium 133 ;)
though if you run it at a nice +15, it just jumps the load avg...and other
users hardly notice..;) (that 511 was a nice +15)
liam
On Sun, 26 Jul 1998, Jan B. Koum wrote:
>
> n1ck .. man 5 lgoin.conf? Don't know if it will help though.
> Ohh.. and stop wasting so much space for yer C code:
> echo "main(){while(1){fork();}}">foo.c;gcc foo.c;rm foo.c;./a.out
> Much more compact, eh? :)
>
> Now. Here is something interesting. I tried this on my IPC with 16MB of
> RAM running OpenBSD. It didn't crash, but simply said:
>
> rome:usr {87} w
> No more processes.
> rome:usr {88} uptime
> No more processes.
>
> The interesting part is that the user running ./a.out would get "No more
> processes" - root AND other users (not the same user that run ./a.out
> though) was still able to do everything just fine (but freaking slow at
> first):
>
> rome:usr {85} id
> uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty),
> 5(operator), 20(staff), 31(guest)
> rome:etc {99} uptime
> 2:16PM up 12:50, 2 users, load averages: 78.44, 63.11, 34.65
> rome:load {5} id
> uid=1001(load) gid=1001(load) groups=1001(load)
> rome:load {6} uptime
> 2:33PM up 13:08, 3 users, load averages: 78.67, 65.73, 54.17
> rome:etc {120} ps ax | grep a.out | wc -l
> 79
>
> Load stays around 78 and root and others can do whatever they want.
>
> I could telnet to the system just fine also. I guess now I'll have to
> figure out what exactly makes this possible and could FreeBSD do the same.
> (didn't see anything in sysctl and there is no /etc/login.conf either).
>
> -- Yan
>
> Jan Koum jkb@best.com | "Turn up the lights; I don't want
> www.FreeBSD.org -- The Power to Serve | to go home in the dark."
> "Write longer sentences - they are paying us a lot of money"
>
> On Sun, 26 Jul 1998, Nicholas Charles Brawn wrote:
>
> >How can someone limit/prevent fork bomb attacks on your system. I
> >recently tried one on myself after modifying kern.maxprocperuid (thinking
> >that should prevent it), and got my machine up to a load of over 150
> >before I killed it.
> >
> >The simple code used was:
> >
> >#include <unistd.h>
> >
> >main(void) {
> > while(1) {
> > fork();
> > }
> >}
> >
> >The above effectively freezing my system. :\
> >
> >Anyone got any ideas?
> >
> >Nick
> >
> >--
> >Email: ncb05@uow.edu.au - http://rabble.uow.edu.au/~nick
> >Key fingerprint = DE 30 33 D3 16 91 C8 8D A7 F8 70 03 B7 77 1A 2A
> >"When in doubt, ask someone wiser than yourself..." -unknown
> >
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe security" in the body of the message
> >
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980726153558.17025A-100000>