Fork bombing a Linux machine as a non-root user

Aleksandar Milivojevic amilivojevic at pbl.ca
Mon Mar 21 17:08:11 UTC 2005 

Scot L. Harris wrote:
> On Mon, 2005-03-21 at 11:23, Aleksandar Milivojevic wrote:

>> Linux does not protect user space processes from each other.  

> That statement is incorrect.  Linux and Unix in general have done a
> better job of this than Windows ever did.  I think what you mean is that
> without setting appropriate ulimits there is nothing to keep a user
> process from using all available resources on a system.

No, I ment that Linux is not protecting processes from each other.  Yes, 
it does allocate seprate memory address space to each process, and one 
process can't corrupt the address space of other process, and trash or 
crash it.  But this isn't really Linux doing it.  It is in hardware. 
Your MMU is really doing the job here.  All the Linux is doing is using 
what exists in the hardware: your MMU.

This kind of protection is really trivial to implement.  It requires 
hardware that is capable of performing it.  And once you have the 
hardware, there's really a little job for OS, other than actually using 
the existing hardware.

The more complex protection to implement is to protect processes from 
starving each other to death and stealing all system resources from each 
other.  The operating system that I would describe as "rock solid" would 
have this kind of protections in place.  Than you don't really need to 
set most of those ulimits.  The system will be usuable even when put to 
extremely high stress, regardless if the stress comes from legitimate 
usage or abuse.  Note the "legitimate usage" pharase here.  Even the 
legitimate usage can make the Linux box go down, if it causes too much 
stress on the available physical resources.

Also, note that you can't limit access to all vital system rousources 
using ulimit.  Check ulmit man page.  No matter how you set limits, it 
is possible for abusive user to bring system down.  Unless if you set 
limits so low, that system is actually unusable for anything else than 
demonstration of ulimit usage.

I like the Linux.  And I like it a lot.  But it is not "rock solid" 
operating system.  Linux is designed to give high numbers in benchmark 
tests in laboratory controlled environment.  Linux is doing great in 
this area.  Linux is not designed to be rock stable in real world 
applications.  It is doing great in real world, because it is designed 
to be fast, and adding resources is relatively cheap these days.  But 
than, you end up with system that has 10 gigs of RAM only because once a 
month there's that half an hour period when all that RAM might be used, 
while rest of the time system would do just fine with 100 or 200 megs of 
RAM.  Now, this is something I don't like to see.  If the process is 
going to run for 2 hours, slowing it down to run for 2 hours and 3 
minutes is more than acceptable, if it makes entire system performing 
stable under high loads.

Yeah, and I'd rather see Linux scoring #2 in benchmarks and being rock 
solid, than seeing Linux scoring #1 in benchmarks and being vulnerable 
to some basic resource attacks.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7

More information about the fedora-list mailing list