Re: [MiNT] Security
kellis wrote:
>
> Typed from "Practical Unix Security" Simson Garfinkel and
> Gene Spafford.
>
> The following program will paralyze or crash many older versions of UNIX.
>
> #include<stdio.h>
> main()
> {
> while(1)
> fork();
>
> }
This isn't technically a security issue. It's an issue of resource
management. Most unices give the administrator the ability to deal with
this (setrlimit/getrlimit), but it's up to the administrator to do it.
Limitations that will protect from the above may hamper legitimate
applications at some deployments.
> This attack will not disable all current versions of UNIX, because UNIX
> today limits the number of processes that can be run under any UID (except
> for root).
Actually, that limitation doesn't usually have any effect on this
problem. Or, if it does, you can simply substitute:

    while(1) { malloc(102400); fork(); }

and get around MAXUPROC. Most systems run out of memory before they run
out of job-slots anyway.
> This limit, called MAXUPROC, is usually configured into the
> kernel when the system is built. Some UNIX systems allow this value to be
> set at boot time. A user employing this attack will use up his quota of
> processes, but no more.
But will probably still have wedged the machine into uselessness before
getting anywhere near the number.
D
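
The administrator-side control mentioned in the reply (setrlimit/getrlimit), as an added example that is not part of the original message or the quoted book: a wrapper that caps both the per-UID process count and the address space before running a command, since the reply notes that memory usually runs out before job slots do. The names cap_limit, as_cap_enforced and run_capped and the sample values 64 and 256 MiB are assumptions for illustration; RLIMIT_NPROC and RLIMIT_AS are assumed to be available (Linux, BSD).

```c
#include <stdlib.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Lower one limit (soft and hard), never asking for more than the current hard limit. */
static int cap_limit(int resource, rlim_t want)
{
    struct rlimit rl;
    if (getrlimit(resource, &rl) != 0)
        return -1;
    if (want > rl.rlim_max)
        want = rl.rlim_max;
    rl.rlim_cur = rl.rlim_max = want;
    return setrlimit(resource, &rl);
}

/* Return 0 if an allocation larger than the address-space cap is refused. */
static int as_cap_enforced(rlim_t max_as)
{
    void *volatile p = malloc((size_t)max_as * 2);
    return p == NULL ? 0 : -1;
}

/* Run argv in a capped child (argv == NULL: self-check only); exit status or -1. */
int run_capped(char *const argv[], rlim_t max_procs, rlim_t max_as)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (cap_limit(RLIMIT_NPROC, max_procs) != 0 ||
            cap_limit(RLIMIT_AS, max_as) != 0 || as_cap_enforced(max_as) != 0)
            _exit(126);             /* fail closed: never run the command uncapped */
        if (argv == NULL)
            _exit(0);
        execvp(argv[0], argv);
        _exit(127);                 /* command not found or not executable */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(int argc, char **argv)
{
    /* Constructed sample caps: 64 processes for this UID, 256 MiB of address space. */
    return run_capped(argc > 1 ? argv + 1 : NULL, 64, (rlim_t)256 << 20);
}
```

Because the hard limits are lowered as well as the soft ones, an unprivileged child cannot raise them again; as the quoted text says, the process-count limit does not constrain root.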