LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices


Reply
  Search this Thread
Old 03-27-2005, 09:06 PM   #1
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Exclamation Debian's Fork Bomb Prevention / ULIMIT


i just read an article about forkbombing... debian passed the test, but other distros didn't...
Quote:
I'll quickly mention here that Debian did not suffer the same fate as the others; congrats to the Debian development team.
http://www.securityfocus.com/columnists/308


i'd like to know what (configuration) steps debian takes to have this great behaviour by default, and how the equivalent can be accomplished on other distros (in my case slackware)...

the following script (forkbomb.sh) will take-down my slackware box when run as a non-root user:

Code:
#!/bin/bash
while true; do
./forkbomb.sh &
done
if i do (as the non-root user) something like a "ulimit -u 128" (slackware's default seems to be 2048) before executing the script then the impact is not so high and my box won't go down, but i'd like to know how root can apply a system-wide limit (that can't be changed by non-root users) in the same manner debian does (according to the article)...

any input would be greatly appreciated...

=)


Last edited by win32sux; 03-27-2005 at 09:13 PM.
 
Old 03-27-2005, 10:24 PM   #2
DaWallace
Member
 
Registered: Feb 2004
Location: Southern Maine, United States
Distribution: Slackware Ubuntu Debian FreeBSD
Posts: 418

Rep: Reputation: 31
I too, would LOVE to know this. although I'm not really vulnerable to users trying to take down my system, I'm not going to make the mistake of ignoring potential problems.
 
Old 03-27-2005, 11:57 PM   #3
JordanH
Member
 
Registered: Oct 2003
Location: Toronto, Canada
Distribution: Ubuntu, FC3, RHEL 3-4 AS Retired: SuSE 9.1 Pro, RedHat 6-9, FC1-2
Posts: 360

Rep: Reputation: 30
I just did a few quick tests of this on RHEL 4 on VMWare (since I've never tried Debian). The first test ran within a terminal in Gnome and eventually it ran out of memory. The system terminated some processes and I suspect it took out X or Gnome and X restarted... no problems. The second time around, I ran it straight from the console and after 15 or 30 minutes, it was still running with memory errors showing up all over the place.

I adjusted the /etc/security/limits.conf file and added the line
MrUser hard nproc 128
Does Debian have a system wide limits.conf file as well?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LINUX is the BOMB 69RocketGC LinuxQuestions.org Member Success Stories 1 01-12-2005 07:28 AM
What's up with Debian's java? Dead Parrot Debian 6 04-28-2004 07:02 PM
GeForce 4 mx420 bomb twodogsfunking Linux - Newbie 3 05-08-2003 05:50 PM
Mail Bomb(s) Arcane Kidd Linux - Software 6 04-29-2003 01:11 PM
X Window Autostart Prevention Stephanie Linux - General 4 05-12-2001 02:12 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 01:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration