Re: fork()

[scott () Disclosure COM (Scott Barman)]

On Sun, 10 Dec 1995, Alex Leipold wrote:

> O'm new to the list, so Im not sure if this has been covered, but someone
> can crash any system with a few lines of code. (tested on UNIX, LINUX)
>
> main() {
> int x;
> while(x=0;x<1000000;x++)
> {
> system("uptime");
> fork();
> }
> }
>
> Gcc it, run it and whatever system your on will crash. Is their any way
> to stop users from doing this? I.e. restricting number of process that
> can run?

Somehow I knew that Linux and FreeBSD will bring back all these oldies,
but goodies!  :-)

This is the ultimate Unix-based denial of service attack!  It's been
around since the dawn of Unix.

On most systems, no you cannot control this.  Limits can be placed on
time of execution and size of processes (as well as disk quotas).
Placing these limits on users can do things like terminate editing
sessions in the middle.  There should be a better way, but there isn't.

The only thing that should help protect you is that only root can use
the last possible process.  While it is difficult, root can be used to
kill all these process off (easiest to use the process group of the
parent: kill -pid).  However, if you run the above program as root,
then you're up the creek because it will use all of the remaining
processes and leave nothing for you to stop it with.

Good luck.

scott barman
--
scott barman                  DISCLAIMER: I speak to anyone who will listen,
scott () disclosure com                      and I speak only for myself.
barman () ix netcom com
  "Micro$oft and Windoze/NT will be the cause of the de-evolution of
   network security just as the original PC and BASIC was the cause of
   the de-evolution of programming."    - scott barman