fork bomb attack

Kyrre Ness Sjobak kyrre at
Sat Mar 19 16:10:22 UTC 2005

lør, 19.03.2005 kl. 15.48 skrev Konstantin Ryabitsev:
> On Sat, 19 Mar 2005 15:20:50 +0100, Kyrre Ness Sjobak
> <kyrre at> wrote:
> > But bugs in (preinstalled) system software has also been known to cause
> > a resource exhaustion. I had cups do this to me once (try sending a 400
> > mb postscript to gimpprint on a 128 MB RAM computer), or print to a
> > remote machine called "localhost" - thats effectively a forkbomb...
> No, that's a computer with not enough memory. :) We have an OOM-killer
> for such cases. A "denial of service" that results when someone tries
> to run a large application with insufficient system resources is not a
> security concern -- it's a feature. It's the same as trying to buy a
> BMW when you only have enough money for a used Ford -- you'll get a
> denial of service from the dealership, too. ;)

OOMkiller? I have lost all faith in that #"!%¤#%¤#... Situation:
You have:
1. ghostscript, eating about all RAM and all SWAP (a 128 MB computer is
configured with a helluva lot of swap, and it probably has a slow disk
to, so getting *there* took a while...)
2. gnome-panel
3. gaim
4. a buch of other small tray applets etc.
Which three++ did you think OOM killed?

> Besides, you can't ulimit a process running as root anyway. Can you?
Never tried.

More information about the devel mailing list