Fork bombing a Linux machine as a non-root user
Dave Jones
davej at redhat.com
Fri Mar 18 19:51:55 UTC 2005
On Fri, Mar 18, 2005 at 02:24:56PM -0500, Scot L. Harris wrote:
> This is the wrong approach. A user level account should not be allowed
> to consume resources to the point that the whole system crashes.
man ulimit
sysadmins are responsible for setting these limits as they are per-site
values that make no sense globally.
> Per the article, this is an old trick that was fixed in many different
> versions of Unix. There should be limits on the resources a user
> process can request
man ulimit
> Similar limit is placed on a user allocating disk space.
again, the tools are there, use them.
If Fedora shipped with every single configuration having a quota
enforced, a lot people would go nuts. It doesn't make sense everywhere.
> While this is not an exploit that results in root level access it is a
> denial of service that could be used by anyone that achieves user level
> access to a system. And users should never be trusted. They will find
> some way to mess things up. :)
man ulimit.
This is a complete non-issue, that gets blown out of all proportion
every single time it comes up. Usually at the beginning of each academic year.
Dave
More information about the users
mailing list