[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[MiNT] Security
Typed from "Practical Unix Security" Simson Garfinkel and
Gene Spafford.
The following program will paralyze or crash many older version of UNIX.
#include<stdio.h>
main()
{
while(1)
fork();
}
When this program is run, the process executes the fork() instruction,
creatng a second process identical to the first.
Both process then execute the fork() instruction, creating 4 processes.
The growth continues until the system can no longer support any new
processes. This is a total attack, because all of the child processes are
waiting for new processes to be established. Even if you were somehow able
to kill one of these processes, another would come along to take its
place.
This attack will not disable all current version of UNIX, because UNIX
today limits the number of processes that can be run under any UID (except
for root). This limit, call MAXUPROC, is usually configured into the
kernel when the system is built. Some UNIX systems allow this value to be
set at boot time. A user employing this attack will use up his quota of
processes, but no more.
kellis, thanks..