Re: forkbombing Linux distributions

On Wed, Mar 23, 2005 at 01:37:38PM +0100, Natanael Copa wrote:
> On Wed, 2005-03-23 at 19:56 +0900, aq wrote:
> > > /etc/limits does a better job at stopping forkbombs.
> 
> but does not limit processes that are started from the boot scripts. So
> if a buggy non-root service is exploited, an attacker would be able to
> easily shut down the system.

That's easy to fix: set limits from initrd or initramfs.


Erik

-- 
+-- Erik Mouw -- www.harddisk-recovery.com -- +31 70 370 12 90 --
| Lab address: Delftechpark 26, 2628 XH, Delft, The Netherlands
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: forkbombing Linux distributions
    • From: Natanael Copa <[email protected]>

• References:
  • Re: forkbombing Linux distributions
    • From: aq <[email protected]>
  • Re: forkbombing Linux distributions
    • From: Natanael Copa <[email protected]>

• Prev by Date: Re: unused 'size' assignment in filemap_nopage
• Next by Date: Re: [PATCH][alpha] "pm_power_off" [drivers/char/ipmi/ipmi_poweroff.ko] undefined!
• Previous by thread: Re: forkbombing Linux distributions
• Next by thread: Re: forkbombing Linux distributions
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]