Fork Bomb and why it doesn't happen on BSDs
Aleksandar Milivojevic
amilivojevic at pbl.ca
Thu Mar 24 20:11:20 UTC 2005
William Hooper wrote:
> Ow Mun Heng said:
> [snip]
>
>>The author then compares the results with that of BSD eg: OpenBSD and
>>FreeBSD IIRC, and notes that on a system with Pentium 90 w/ 32MB Ram, on
>>using the forkbomb, doesn't bring the system down to it's knees.
>
>
> Following the discussion on the -devel list, the BSDs aren't immune.
>
> https://www.redhat.com/archives/fedora-devel-list/2005-March/msg01201.html
I gave a try to "while(1) fork();" on OpenBSD (SS5, 64MB RAM). You
can't go much simpler than that. Results:
Running as normal user, max number of processes is limited to 64 by
default, load average went to 50-something. Perfectly able to kill
offending process(es).
Running as root, max number of processes is limited to 340, load average
went to almost 300. Not able to do much, since root couldn't create any
new processes (in order to kill existing), but top worked, and already
running processes worked. Anyhow, if somebody does fork bomb as root,
he could just as well type "halt" or wipe out the disk or do some other
irreversable damage.
The maximum number of processes per user is hard coded in OpenBSD
kernel. It is 340 for root, and 64/128 for normal users in my generic
kernel (soft limit is 64, hard limit is 128). If you want more either
for root or normal users, you need to recompile the kernel. In *BSD
world, recompiling the kernel is something you do twice a day anyhow, so
this isn't much of a problem ;-)
For those interested, these are ulimits on stock OpenBSD (user and root,
soft and hard).
$ ulimit -Sa
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) 76800
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) 28430
max memory size (kbytes, -m) 84964
open files (-n) 64
pipe size (512 bytes, -p) 1
stack size (kbytes, -s) 4096
cpu time (seconds, -t) unlimited
max user processes (-u) 64
virtual memory (kbytes, -v) 80896
$ ulimit -Ha
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) 131072
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) 85292
max memory size (kbytes, -m) 85292
open files (-n) 1024
pipe size (512 bytes, -p) 1
stack size (kbytes, -s) 131072
cpu time (seconds, -t) unlimited
max user processes (-u) 128
virtual memory (kbytes, -v) 262144
# ulimit -Sa
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) 131072
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) 28430
max memory size (kbytes, -m) 84964
open files (-n) 128
pipe size (512 bytes, -p) 1
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 340
virtual memory (kbytes, -v) 139264
# ulimit -Ha
core file size (blocks, -c) unlimited
data seg size (kbytes, -d) 131072
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) 85292
max memory size (kbytes, -m) 85292
open files (-n) 1024
pipe size (512 bytes, -p) 1
stack size (kbytes, -s) 131072
cpu time (seconds, -t) unlimited
max user processes (-u) 340
virtual memory (kbytes, -v) 262144
--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
More information about the fedora-list
mailing list