lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <200711220005.32569.Ubuntu@bugabundo.net>
Date:	Thu, 22 Nov 2007 00:05:32 +0000
From:	"(``-_-´´) -- Fernando" 
	<ubuntu@...abundo.net>
To:	ubuntu-devel-discuss@...ts.ubuntu.com
Cc:	linux-kernel@...r.kernel.org
Subject: Re: Is it possible to give the user the option to cancel forkbombs?

On Saturday 17 November 2007 07:04:48 Martin Olsson wrote:
> Repro steps:
> 
> 1. Install gutsy gibbon (or probably any ubuntu)
> 2. Start a gnome terminal
> 3. Run this command:
> 
>     :(){ :|:& };:
> 
> 4. Ubuntu starts to work furiously, after less than a second terminal 
> gets flooded with "low resources" message, and within a few seconds the 
> whole machine breaks down complete to the point where no a single pixel 
> is updated and the mouse cannot be moved at all. It's not possible to 
> escape to a ALT-Fn console terminal and CTRL-ALT-DEL does not work.
> 
> Okay, so this is not as bad as winnuke.exe because it's not remote but I 
> just did it on my shared hosting co and their server went down. And I 
> mean seriously, there should be a way for a user to abort stuff that 
> hogs resources this type of complete breakdown is NEVER acceptible. I 
> had to power of the machine and my file system got royally screwed (long 
> fsck etc).
> 
> Some of you might say this is like the oldest trick in the book, yada 
> yada yada...
> 
> 		Martin

I used to see stuff like this happening on my University students test servers. Once they started doing forks inside for(;;), the server would go down.
Then they replaced the servers by vwmare machines, and now reboots are faster.

But I would like to see installed by default some script like AND(Auto Nice Daemon) or CpuLimit locking any and every process to a maximum of 90% after X seconds. That way one could allways launch a new command and kill it.
Of course, this is assuming that disk I/O is not our main prob, 'cause if that happens there's no way out.

-- 
BUGabundo  :o)
(``-_-´´)	http://Ubuntu.BUGabundo.net
Linux user #443786    GPG key 1024D/A1784EBB
My new micro-blog @ http://BUGabundo.net

Download attachment "signature.asc " of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ