Re: luser beeing able to kill random root owned procs (linux 2.2.20) ?

[Samu <samu () linuxasylum net>]

On Fri, Nov 09, 2001 at 04:55:52PM -0800, rpc wrote:
> On Wed, 1 Jan 1997, Ralf Dreibrodt wrote:
> > Hi,
> > > while running "vi `perl -e 'print "." x 90000000'`" on
> > > a 2.2.20 linux kernel as a normal user, I've noticed:
> > > forsaken:~$ dmesg
> > > VM: killing process snmpd
> > > forsaken:~$ uname -rs
> > > Linux 2.2.20
> > > snmpd was running as root (this machine has 64MBytes of RAM)
> > the user is not allowed to kill a process owned by root, the user is allowed
> > to use all RAM (and probably swap).
> >
> > you can test whether he is allowed to and what will happen, when you execute
> > something like this:
> >
> > while true; do temp=$(echo temp$temp$temp$temp); done
>
> No, this is an artifact of Rik van Riel's OOM (out of memory) Kill code of
> the linux VM. When system resources are low, a process is chosen with a
> 'badness' algorithm (oom_kill.c in the kernel source tree).

it always a good idea to set system limit per users (ulimit) which lets
you to avoid DOS from local user: for example there was this beautifoul piece
of code on to an attachment of a guy ... :(){:|:&};: which cause to gain all system resources and freeze your machine 
... .  with ulimit you can avoid problems depended from ppl trying to catch all system resources and so avoid that 
problem you specify.

Samuele 

-- 
Samuele Tonon  <samu () linuxasylum net>   http://www.linuxasylum.net/~samu/
                Acid -- better living through chemistry.
                               Timothy Leary