Re: fork()

[Natanael Copa]

On Fri, 2005-03-25 at 04:17 +1000, Triffid Hunter wrote:
> you can limit the max number of processes by putting the following into /etc/security/limits.conf (on my distro, and quite a number of others according to google too)
> 
> *	hard	nproc	<max # processes>
> 
> you can also limit quite a number of other things in this file, and other files in that directory.

I bet your PAM nonaware daemons started at boot are not affected by
those settings. The point is that if you gain access through a non-root
daemon started from boot scripts, you are no longer limited
by /etc/security/limits.conf.

Try to set hard nproc limits for user UID and run this from your boot
script:

#define UID 65534
#define MAX 65535

int pids[MAX];
int main() {
        int count = 0; pid_t pid;
        if (setuid(UID) < 0) { perror("setuid"); exit(1); }
        while ((pid = fork()) >= 0 && count < MAX) {
                if (pid == 0) { sleep(300); exit(); }
                pids[count++] = pid;
        }
        printf("Forked %i new processes\n", count);
        while (count--) kill(pids[count], SIGTERM);
}

You will see that even if user UID is limited
in /etc/security/limits.conf it will be able to fork many more
processes.

> > It should exist a global limit in case someone could spawn 
> > a shell without limits through some flawed application.

I agree on this one. Or the RLIMIT_NPROC should be set to a lower value
by default.

--
Natanael Copa


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/