Re: Fork bombing a Linux machine as a non-root user


 



William Hooper wrote:

David Curry said:


The other assumption
is that the person who adds logins and gives out passwords to others
knows more about whether their access to certain resources should be
limited or if they can be trusted to use the full power of the box.





This argument overlooks the specific kind of concern that prompted the
thread originating author to pose his question. Namely, vulnerability of
the system to fork bombing if it is hacked.



If a system is hacked, a fork bomb is the least of your worries. Really. Given the choice between a DOS (which will get noticed) or a smart bad guy
that is going to just quietly monitor everything and control your machine
without being noticed, I would pick the DOS.




The thing about hackers, though, is that only they know what it is they want to do. A fork bomb may be a lesser risk than something else, but it is nevertheless a risk that many newcomers to Linux are unaware of.

As Dave Jones pointed out (very early in this thread) it is next to
impossible to pick arbitrary values that will work in all situations.  You
will either guess too high or too low.



I am certainly not suggesting that OS distributors are in a position to pick arbitrary values that will work in all situations. Nor am I suggesting that they attempt to do so. Rather, I am saying that for OS distributors to set installation defaults at "unlimited" and/or high values is tantamount to doing just that. A better practice would be to set installation defaults at levels that will clearly support installation of the OS, make those default installation values known to the ops, and expect ops to address the resource allocation issue at time of installation.

To use your car analogy, would you expect to buy a car and have its speed
limited to 35 MPH, because that is the speed limit on the street you
bought it?

--
William Hooper



I expect a car to run at idling speed in neutral gear until I as an op decide to use more of the resource available. At which time, as an op I allocate more resources by putting the vehicle into gear and provide more fuel to accelerate.


