[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[MiNT] Security

To: MiNT mailing list <mint@fishpool.com>
Subject: [MiNT] Security
From: kellis <kellis@leading.net>
Date: Tue, 13 Jul 1999 20:41:51 +0000
Sender: owner-mint@fishpool.com

Typed from "Practical Unix Security" Simson Garfinkel and 
Gene Spafford.

The following program will paralyze or crash many older version of UNIX.

#include<stdio.h> 
main() 
{
	while(1)
	fork(); 

}

When this program is run, the process executes the fork() instruction,
creatng a second process identical to the first.
Both process then execute the fork() instruction, creating 4 processes.
The growth continues until the system can no longer support any new
processes. This is a total attack, because all of the child processes are
waiting for new processes to be established. Even if you were somehow able
to kill one of these processes, another would come along to take its
place.

This attack will not disable all current version of UNIX, because UNIX
today limits the number of processes that can be run under any UID (except
for root). This limit, call MAXUPROC, is usually configured into the 
kernel when the system is built. Some UNIX systems allow this value to be
set at boot time. A user employing this attack will use up his quota of
processes, but no more.


kellis, thanks..

Follow-Ups:
- Re: [MiNT] Security
  - From: Dancer <dancer@zeor.simegen.com>

Prev by Date: Re: [MiNT] Mintnet bug
Next by Date: [MiNT] Mint Structure Chart
Previous by thread: Re: [MiNT] Mails lost
Next by thread: Re: [MiNT] Security
Index(es):
- Date
- Thread