| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Nov 2007 08:34:47 +0100
From: Radoslaw Szkodzinski (AstralStorm) <lkml@...ralstorm.puszkin.org>
To: Dane Mutters <dmutters@...il.com>
Cc: Diego Calleja <diegocg@...il.com>,
Martin Olsson <mnemo@...imum.se>,
Peter Zijlstra <peterz@...radead.org>,
Alan Cox <alan@...rguk.ukuu.org.uk>,
linux-kernel@...r.kernel.org
Subject: Re: Is it possible to give the user the option to cancel forkbombs?
On Sat, 17 Nov 2007 09:55:01 -0800
Dane Mutters <dmutters@...il.com> wrote:
> I don't know if this is at all feasible, but is it possible to have a
> mechanism that would detect a fork bomb in progress and either stop the
> fork, or allow the user to cancel the operation? For example, are there
> any legitimate processes (i.e. ones that really need to fork like crazy)
> that would need to generate 200+ processes in less than 1 second?
>
> (Note: I'm not a programmer; I'm just throwing out the idea.)
>
If the parent PID of the new task is exported through TASKSTATS, you can
do it already in userspace. If not, that data should be exported.
Then you could write a root daemon using netlink, set it to RT priority
and create an inheritable counter in it to thwart binary forking.
The counter would be cleared every x seconds.
No need to do it in the kernel.
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
Powered by blists - more mailing lists