tech-kern: Re: Fork bomb protection patch

Subject: Re: Fork bomb protection patch
To: NetBSD Kernel Technical Discussion List <tech-kern@netbsd.org>
From: Lord Isildur <mrfusion@uranium.vaxpower.org>
List: tech-kern
Date: 12/06/2002 18:39:48
yes, and killing a fork bomb with even only one slot in the process table is 
very simple. your last command to the shell is to exec top ;) 
happy hacking,
isildur

On Fri, 6 Dec 2002, Greg A. Woods wrote:
> It's really _not_ that hard.  Back to sysadmin remedial class for you!
> 
> (yes I too once wrote a fork-bomb that I called a "spawning spinning
> top" where each child was self-reproducing and each was careful to
> maximize its use of resources without getting itself killed accidentally
> by stray signals and errors and such -- but this thread has finally come
> to at least the consensus that it is only about a stupid fix that can
> only possibly try to ease the impact of stupid accidents done by
> ordinary users that are much more easily stopped with one well-placed
> kill and then a simple followup kill or two and much more easily
> controlled with proper resource limits:  i.e. this hack can't work
> against malicious attackers and the battle's lost before it begins if
> the fork-bomb is run as root so what's left are the situations where the
> hack is not ever needed)
> 
> > Strange, but it works great for me.
> 
> You've got very strange concept of "works great", I think.....
> 
> >  before the commit, I had lots of
> > problems with forkbombs on systems that I had to deal with.
> 
> Wonders will never cease I suppose -- how did you manage to get so many
> fork-bombs on your systems?  Pure dumb luck, or are you actually talking
> about malicious users that can be better dealt with by other proper and
> true fixes using resource limits and big sticks?  Why can't you just
> kill the evil spawn yourself in the first place?  Why do you think you
> need some kind of silly and incorrect kernel hack to help you out?
> 
> > Having lived several months in the forkbomb free zone of freebsd shows
> > that this change is very worth while.
> 
> heh.
> 
> You're _NOT_ "free" of fork-bombs -- you just think you have it easier
> when cleaning them up, but that's only because you haven't really
> thought through the whole problem from beginning to end.  You haven't
> really gained anything at all while in the mean time you have a kernel
> that thinks it knows better when to delay some arbitrary process.
> 
> on FreeBSD you even have 'killall' to do most of the "hard" work for you
> 
> -- 
> 								Greg A. Woods
> 
> +1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
> Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>
>