[Q]Patch against memory exploit?

Johnny Tevessen (j.tevessen@tribal.line.org)
26 May 1998 20:24:00 +0200


This is a 2.0.x kernel.

Being curious, I just wrote and ran a little program that eats up
all memory it can get (as much 1meg blocks as possible, then
as much .5meg blocks as possible and so on) and then goes in a
sleep(). I found out that being in that state not even root is
able to work on in his shell to ps the program's ID and to kill
it---only the user that ran it can stop it via C-c. Logging in
in another console/getty is not possible, too (INIT: spawning
too fast [sigsegv?]).

So I have two questions to the community:

1) Is 2.1.x resistent against such an attack and/or is there
a patch for 2.0.x to reserve some MB for the root user?

2) How can root kick such a process, or is there maybe a
kernel patch that makes the kernel detect and kick such
a process automagically? Is there a chance to escape
from this state except resetting the machine? shutdown'ing
could be dangerous in low memory situations, too.

Or am I missing something here? It should be no problem to
invoke this code on many machines, even without compiler
access, so I assume this might be a problem?


Trust nobody.
## CrossPoint v3.11 ##

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu