[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MiNT] Security



kellis wrote:
> 
> Typed from "Practical Unix Security" Simson Garfinkel and
> Gene Spafford.
> 
> The following program will paralyze or crash many older version of UNIX.
> 
> #include<stdio.h>
> main()
> {
>         while(1)
>         fork();
> 
> }

This isn't technically a security issue. It's an issue of resource
management. Most unices give the administrator the ability to deal with
this (setrlimit/getrlimit), but it's up to the administrator to do it.
Limitations that will protect from the above may hamper legitimate
applications at some deployments.

> This attack will not disable all current version of UNIX, because UNIX
> today limits the number of processes that can be run under any UID (except
> for root). 
Actually, that limitation doesn't usually have any effect on this
problem. Or, if it does, you can simply substitute: while(1) {
malloc(102400); fork(); }

and get around MAXUPROC. Most systems run out of memory before they run
out of job-slots anyway.

> This limit, call MAXUPROC, is usually configured into the
> kernel when the system is built. Some UNIX systems allow this value to be
> set at boot time. A user employing this attack will use up his quota of
> processes, but no more.

But will probably still have wedged the machine into uselessness before
getting anywhere near the number.

D