Bugtraq mailing list archives
Re: fork()
From: scott () Disclosure COM (Scott Barman)
Date: Mon, 11 Dec 1995 11:58:16 -0500
On Sun, 10 Dec 1995, Alex Leipold wrote:
O'm new to the list, so Im not sure if this has been covered, but someone can crash any system with a few lines of code. (tested on UNIX, LINUX) main() { int x; while(x=0;x<1000000;x++) { system("uptime"); fork(); } } Gcc it, run it and whatever system your on will crash. Is their any way to stop users from doing this? I.e. restricting number of process that can run?
Somehow I knew that Linux and FreeBSD will bring back all these oldies, but goodies! :-) This is the ultimate Unix-based denial of service attack! It's been around since the dawn of Unix. On most systems, no you cannot control this. Limits can be placed on time of execution and size of processes (as well as disk quotas). Placing these limits on users can do things like terminate editing sessions in the middle. There should be a better way, but there isn't. The only thing that should help protect you is that only root can use the last possible process. While it is difficult, root can be used to kill all these process off (easiest to use the process group of the parent: kill -pid). However, if you run the above program as root, then you're up the creek because it will use all of the remaining processes and leave nothing for you to stop it with. Good luck. scott barman -- scott barman DISCLAIMER: I speak to anyone who will listen, scott () disclosure com and I speak only for myself. barman () ix netcom com "Micro$oft and Windoze/NT will be the cause of the de-evolution of network security just as the original PC and BASIC was the cause of the de-evolution of programming." - scott barman
Current thread:
- Cracked: WINDOWS.PWL Michael S. Fischer (Dec 05)
- Another tmpfs bug in SunOS 4 Arfst Ludwig (Dec 02)
- Re: Another tmpfs bug in SunOS 4 Pete Shipley (Dec 07)
- little whole on Suns concerning /dev/kbd Arfst Ludwig (Dec 02)
- Re: little whole on Suns concerning /dev/kbd Pete Shipley (Dec 07)
- Re: Cracked: WINDOWS.PWL [most services accessed by any version Rich Graves (Dec 05)
- fork() Alex Leipold (Dec 10)
- Re: fork() Scott Barman (Dec 11)
- Re: fork() Tom Jones (Dec 12)
- SECURITY: Announcing Splitvt 1.6.3 Sam Lantinga (Dec 13)
- Re: SECURITY: Announcing Splitvt 1.6.3 Alex Leipold (Dec 14)
- Re: fork() Scott Barman (Dec 11)
- Re: fork() JaDe (Dec 11)
- Re: fork() Nathan Lawson (Dec 11)
- Another tmpfs bug in SunOS 4 Arfst Ludwig (Dec 02)