On Thu, Dec 05, 2002 at 02:57:56AM -0500, Roland Dowdeswell wrote:
> But, you have the same problem if you have 2000 programs doing:
> 
> 	for (;;)
> 		getpid();
> 
> or any other system call.  Why should fork(2) be special?  Just
> because there is an old local DOS attack that used it?

Because fork() just happens to be the syscall that will create 2000
of these processes, rather than one, and seriously magnify the problem.

"Attackers who don't know what they're doing" includes "dumb mistakes".

--
Dan.