I have a Linux server with evil users looking to destroy it (ISP).
Even effortlessly, I find that I can consume all of the VM on the system.
The limits are set to something rather reasonable (10M of addressable
memory per process, 12 processes max per user). Stricter restrictions
make trivial tasks impossible (man, for one). Under this scheme, a single
user can still consume 120 megs of virtual memory.
This isn't what I had in mind. It'd be much easier to say "User A can only
use X megs of memory at most!" rather than say how much memory each
process can use and how many processes the user can spawn.
Perusing the kernel source shows that such a framework is in place, but no
real meat is attached to it, so it rules that option out (unless I'm
misreading).
What can I do in the meantime? There's only so much swap space that I can
add, and I'm still vulnerable if enough users decide that they want to run
resource intensive tasks.
It seems like the system can't say that enough is enough for a greedy user
and start making mmap() fail for them, choosing to instead axe some
processes (such as init(!)) to satisfy memory demand.
Am I missing something bluntly obvious?
Thanks
-Michael Bacarella
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/