Re: forkbombing Linux distributions

From: aq
Date: Wed Mar 23 2005 - 12:07:47 EST

Next message: Bodo Stroesser: "Re: [uml-devel] [patch 02/12] uml: cpu_relax fix"
Previous message: Mike Turcotte: "RE: memory size"
In reply to: Natanael Copa: "Re: forkbombing Linux distributions"
Next in thread: Paul Jackson: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 23 Mar 2005 14:54:18 +0100, Natanael Copa <mlists@xxxxxxxxxx> wrote:
> On Wed, 2005-03-23 at 22:04 +0900, aq wrote:
> > On Wed, 23 Mar 2005 13:37:38 +0100, Natanael Copa <mlists@xxxxxxxxxx> wrote:
> > > > > This is an example of a program in C my friends gave me that forkbombs.
> > > > > My previous sysctl.conf hack can't stop this, but the /etc/limits solution
> > > > > enables the owner of the computer to do something about it as root.
> > > > >
> > > > > int main() { while(1) { fork(); } }
> > >
> > > I guess that "fork twice and exit" is worse than this?
> >
> > you meant code like this
> >
> > int main() { while(1) { fork(); fork(); exit(); } }
> >
> > is more harmful ? I dont see why (?)
>
> Because the parent disappears. When things like killall tries to kill
> the process its already gone but there are 2 new with new pids.
>

are you sure? the above forkbomb will stop quickly after just several
spawns because of exit().

I agree that make kernel more restrictive by default is a good approach.

thank you,
aq
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bodo Stroesser: "Re: [uml-devel] [patch 02/12] uml: cpu_relax fix"
Previous message: Mike Turcotte: "RE: memory size"
In reply to: Natanael Copa: "Re: forkbombing Linux distributions"
Next in thread: Paul Jackson: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]