[pups] User Mode DoS Attacks (was Re: Issues of AUUGN)
Tore Sinding Bekkedal
toresbe at ifi.uio.no
Fri Oct 6 00:51:02 AEST 2006
(oops, sent it off-list - sorry, Milo!)
On Thu, 2006-10-05 at 08:46 -0500, Milo Velimirovic wrote:
> > But you'd need kernel mode for that; this is a DoS attack (one of the
> > first?) launched by a user.
>
> The userland DoS I remember:
>
> main() {
> while(1)
> fork();
> }
>
> And in fact I tried it once on the 11/45 I had access to. Not pretty.
> It can be made less disastrous by judicious addition of a wait(); call.
>
> --Milo, wondering how contemporary UNIX will deal with such
> pathological behavior....
Speaking for Linux, quite badly, though there are some patches that
allow you to limit forks per user. There's even a bash version,
":(){ :|:& };:", which will infinitely fork off bash processes. (It
defines a function calling itself in the background, and then
immediately launches it)
The max number of processes is not so much a problem as the fact that
they are all draining the system resources. Besides, one is likely to
run out of memory before one hits the max process number in Linux
anyway.
- Tore Sinding Bekkedal
More information about the TUHS
mailing list