Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261765AbVCWRGc (ORCPT ); Wed, 23 Mar 2005 12:06:32 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261699AbVCWRGc (ORCPT ); Wed, 23 Mar 2005 12:06:32 -0500 Received: from rproxy.gmail.com ([64.233.170.197]:29177 "EHLO rproxy.gmail.com") by vger.kernel.org with ESMTP id S261780AbVCWRF3 (ORCPT ); Wed, 23 Mar 2005 12:05:29 -0500 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=My7z4gmTDboR0Z6S8oJ7mkn3IKRdrOArMoDtvMofivR2EhKngyIWPR/kVq6Dci0oj3ahYO0u1S/CwheTAGREFP4p5H922MlDtE8o0Cp2dk4NB3SFoPWZLVxx50hbOJQzQHDQqoDVXNfnrjzijhHr/4IpkfAqjfY17VDHcvwoKfs= Message-ID: <9cde8bff05032309056c9643a7@mail.gmail.com> Date: Thu, 24 Mar 2005 02:05:28 +0900 From: aq Reply-To: aq To: Natanael Copa Subject: Re: forkbombing Linux distributions Cc: "Hikaru1@verizon.net" , linux-kernel@vger.kernel.org In-Reply-To: <1111586058.27969.72.camel@nc> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit References: <20050322112628.GA18256@roll> <20050322124812.GB18256@roll> <20050322125025.GA9038@roll> <9cde8bff050323025663637241@mail.gmail.com> <1111581459.27969.36.camel@nc> <9cde8bff05032305044f55acf3@mail.gmail.com> <1111586058.27969.72.camel@nc> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1286 Lines: 33 On Wed, 23 Mar 2005 14:54:18 +0100, Natanael Copa wrote: > On Wed, 2005-03-23 at 22:04 +0900, aq wrote: > > On Wed, 23 Mar 2005 13:37:38 +0100, Natanael Copa wrote: > > > > > This is an example of a program in C my friends gave me that forkbombs. > > > > > My previous sysctl.conf hack can't stop this, but the /etc/limits solution > > > > > enables the owner of the computer to do something about it as root. > > > > > > > > > > int main() { while(1) { fork(); } } > > > > > > I guess that "fork twice and exit" is worse than this? > > > > you meant code like this > > > > int main() { while(1) { fork(); fork(); exit(); } } > > > > is more harmful ? I dont see why (?) > > Because the parent disappears. When things like killall tries to kill > the process its already gone but there are 2 new with new pids. > are you sure? the above forkbomb will stop quickly after just several spawns because of exit(). I agree that make kernel more restrictive by default is a good approach. thank you, aq - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/