Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 6 Apr 2007 18:23:21 +0400
From:      Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To:        G Hasse <gh@raditex.se>
Cc:        freebsd-security@freebsd.org
Subject:   Re: The best way to protect against starvation?
Message-ID:  <20070406142321.GC11667@twilight.grid.kiae.ru>
In-Reply-To: <20070406145008.GA88336@mail.raditex.se>
References:  <20070406145008.GA88336@mail.raditex.se>

next in thread | previous in thread | raw e-mail | index | archive | help
G?ran, good day.

Fri, Apr 06, 2007 at 04:50:08PM +0200, G Hasse wrote:
> If an ordinary user runs:
> 
> -- snip --
> cat > starv.c <<EOF
> main(){  char *point; while(1) { point = ( char * ) malloc(10000); }}
> EOF
> cc starv.c
> while true
> do
> ./a.out &
> done
> -- snip --
> 
> This will fast starv the operating system (FreeBSD 6.2).

Yep, the combined malloc/fork bomb.

> I have tried to 
> limit the number of processes and the amount of memmory consumed (in 
> login.conf).

And had any success? I am happening to run some servers for the
schoolboys -- they like to do the bombing and I had partial success
with the 'maxproc', 'memoryuse' and '{data,stack}size'. But even
with the tight limits that are just making the people to get the
'man <anything>' work three of four students can starvate the server
resources (though the server is rather old and has some 64 Mb of
memory). Having the per-group cumulative restrictions in the
login.conf would mitigate the issue, but still, the united efforts
of many people from the different groups can provoke the starvation.

> There is also a file /etc/malloc.conf - but I don't understand if this
> could help? Any advice?

'man malloc.conf', but in short, this will not help you much with
this issue.
-- 
Eygene



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070406142321.GC11667>