forkbombing Linux distributions

From: William Beebe
Date: Sun Mar 20 2005 - 22:08:32 EST

Next message: Dan Kegel: "Re: 2.6.11.3 build problem in arch/alpha/kernel/srcons.c with gcc-4.0"
Previous message: Andrew Morton: "Re: 2.6.11.3 build problem in arch/alpha/kernel/srcons.c withgcc-4.0"
Next in thread: Dave Jones: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The following quote is from the article "Linux Kernel Security, Again"
(http://www.securityfocus.com/columnists/308):

"Don't get me wrong. Linux doesn't suck. But I do believe that the
Linux kernel team (and some of the Linux distributions that are still
vulnerable to fork bombing) need to take proactive security a little
more seriously. I'm griping for a reason here -- things need to be
change."

Sure enough, I created the following script and ran it as a non-root user:

#!/bin/bash
$0 & $0 &

and ran it on Fedora Core 3 with kernel 2.6.11.5 (the box is an Athlon
XP 2500+ Barton with 512M on an nForce2 board). The system locked up
tighter than a drum. However... After about two minutes the system
"unlocked" and responsiveness returned to normal. I can see where this
would be an issue on a production system, especially if you could kick
off a new fork bomb to continuously lock the system.

Is this really a kernel issue? Or is there a better way in userland to
stop this kind of crap?

Regards
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Dan Kegel: "Re: 2.6.11.3 build problem in arch/alpha/kernel/srcons.c with gcc-4.0"
Previous message: Andrew Morton: "Re: 2.6.11.3 build problem in arch/alpha/kernel/srcons.c withgcc-4.0"
Next in thread: Dave Jones: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]