fork bomb attack

Kyrre Ness Sjobak kyrre at solution-forge.net
Sat Mar 19 16:10:22 UTC 2005


lør, 19.03.2005 kl. 15.48 skrev Konstantin Ryabitsev:
> On Sat, 19 Mar 2005 15:20:50 +0100, Kyrre Ness Sjobak
> <kyrre at solution-forge.net> wrote:
> > But bugs in (preinstalled) system software has also been known to cause
> > a resource exhaustion. I had cups do this to me once (try sending a 400
> > mb postscript to gimpprint on a 128 MB RAM computer), or print to a
> > remote machine called "localhost" - thats effectively a forkbomb...
> 
> No, that's a computer with not enough memory. :) We have an OOM-killer
> for such cases. A "denial of service" that results when someone tries
> to run a large application with insufficient system resources is not a
> security concern -- it's a feature. It's the same as trying to buy a
> BMW when you only have enough money for a used Ford -- you'll get a
> denial of service from the dealership, too. ;)
> 

OOMkiller? I have lost all faith in that #"!%¤#%¤#... Situation:
You have:
1. ghostscript, eating about all RAM and all SWAP (a 128 MB computer is
configured with a helluva lot of swap, and it probably has a slow disk
to, so getting *there* took a while...)
2. gnome-panel
3. gaim
4. a buch of other small tray applets etc.
Which three++ did you think OOM killed?

> Besides, you can't ulimit a process running as root anyway. Can you?
Never tried.




More information about the fedora-devel-list mailing list