Patch Related With Fork Bombing Attack

From: Anand Jahagirdar
Date: Tue Jun 26 2007 - 11:32:37 EST

Next message: DervishD: "Re: NAK (bashizm in the /bin/sh script): [PATCH v3] doc/oops-tracing: add Code: decode info"
Previous message: DervishD: "Re: NAK (bashizm in the /bin/sh script): [PATCH v3] doc/oops-tracing: add Code: decode info"
Next in thread: Bodo Eggert: "Re: Patch Related With Fork Bombing Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello All
As per the discussion in the thread with subject as
Patch Related with Fork Bombing Attack on LKML,I have modified my
patch. I request you for the inclusion of my attached patch named
"fork.patch".

Summery of the Patch:

This patch Warns the administrator about the fork bombing attack
(whenever any user is crossing its process limit). I have used
printk_ratelimit function in this patch. This function helps to
prevent flooding of syslog and prints message as per the values set by
root user in following files:-

1) /proc/sys/kernel/printk_ratelimit:- This file contains value for,
how many times message should be printed in syslog.

2) /proc/sys/kernel/printk_ratelimit_burst: - This file contains value
for, after how much time message should be repeated.

This patch is really helpful for administrator/root user from security
point of view. They can take action against attacker by looking at
syslog messages related with fork bombing attack.

Added comments will definitely help developers.

Signed-Off-by: Anand Jahagirdar <anandjigar@xxxxxxxxx>

Attachment: fork.patch
Description: Binary data

Next message: DervishD: "Re: NAK (bashizm in the /bin/sh script): [PATCH v3] doc/oops-tracing: add Code: decode info"
Previous message: DervishD: "Re: NAK (bashizm in the /bin/sh script): [PATCH v3] doc/oops-tracing: add Code: decode info"
Next in thread: Bodo Eggert: "Re: Patch Related With Fork Bombing Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]