Re: [2.4.18] Security: Process-Killer if machine get's out of memory

From: Andreas Hartmann (andihartmann@freenet.de)
Date: Sun Mar 24 2002 - 13:37:20 EST


Christian Bornträger wrote:
> Rik van Riel wrote:
>
>>On Sun, 24 Mar 2002, Roy Sigurd Karlsbakk wrote:
>>
>>>Would it hard to do some memory allocation statistics, so if some
>>>process at one point (as rsync did) goes crazy eating all memory, that
>>>would be detected?
>>
>>No. What I doubt however is whether it would be worth it,
>>since most machines never run OOM.
>
>
> Well, I think could be worth in terms of security, because a local user could
> use a bad memory-eating program to produce an Denial of Service of other
> processes.

That's what I fear.

Take the actual example. You've running a server on which people can
connect with rsync. Somebody breaks off rsync - and the rsync-process on
the server is getting crazy - that's the situation, I described at the
beginning.

Now, the httpd-process on the server is killed, the named, ... .

It's a perfect DOS-attack.

Regards,
Andreas Hartmann

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Mar 31 2002 - 22:00:08 EST