> It is very easy to crash a system simply by viewing a large file with
> editor such as pico. It will eat up all the resources and do some
> unpredictible things. In my case I viewed a 100mb file as it was reading
> it, it filled up all the swap space which is 48mb. It killed most of the
> processes including sendmail, sshd, X, syslog. Does anyone have any idea
> how can i protect myself against that kind of DoS? My configuration:
> P100, 48mb ram, 48mb swap running on kernel 2.2.2.
There are many 'attacks' similar to this.
As there's often no limit on the resources a user can eat.
Putting a malloc in a while loop will kill the sys quickly.
As will this monster:
void main()
{
int i;
for (i=0;i<10000;i++)
{
system("uptime");
fork();
}
}
This fills the process table so much, that in most cases it's not
possible to log out, or even reboot.
I've been playing with the latter type for the last few days.
A killall 'a.out' (assuming output file was a.out) works in most cases,
but sometimes, there are insufficient resources to fork a new process to
run killall.
One way around this would be to reserve 2-3 slots in the process table for
usage only by root, but that would suck I think.
Aparently BSD doesn't suffer this problem. Anyone know how they get around
this ?
regards,
d.
_____________________________________________________________
| Dave 'Barc0de' Jones. (Paranoid wierdo noize making geek) |
| barc0de@digital-corruption.net http://I.Am/PureHatred |
|_____________________________________________________________|
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/