tech-kern: Re: Fork bomb protection patch

Subject: Re: Fork bomb protection patch
To: Roland Dowdeswell <elric@imrryr.org>
From: Jaromir Dolecek <jdolecek@netbsd.org>
List: tech-kern
Date: 12/06/2002 11:10:21
Roland Dowdeswell wrote:
> and runs into its process limit.  An example would be thttpd and
> running CGI scripts.  With the .5s sleep, if thttpd is asked to
> run too many CGI scripts it will also mysteriously pause every once
> in a while when serving up flat files---a situation which is both
> counter-intuitive and suboptimal.

The thttpd (IMO broken) behaviour is exactly why I earlier said it
wouldn't help to check rate with which fork() is called by process,
since even 'innocent' daemons would trigger the rate check and be
put to sleep anyway.

Perhaps there is some disagreement on the purpose of user/system
limits.

IMHO the limits are there to ensure fair resource usage among users.
The limits should be set in a way that the user (or daemon) never
really reaches it during normal operation, but so that it would
provide safety net should things unexpectedly (due to software bug,
malicious user or attack) start behaving oddly and tried to consume
unexpected amount of resources.

IMHO the thttpd behaviour is broken. It should really have some
limit of 'maximum or running spawned children', rather than spawning
unlimited number of childs to serve any incoming requests.

The other day, I was benchmarking something with thttpd. I was really
puzzled since the benchmark gave quite different results each run.
Only then I checked logs and noticed those thousands of 'can't fork'
messages :( In other words, it's trivial to remotely DoS a machine
running thttpd (or, with user limits, flood thttpd logs),
which is broken IMHO.

I think that as a general rule of thumb, a service shouldn't
frequently run into it's resource limits during normal operation.
If it does, something's wrong. Thus, the induced sleep in fork
doesn't create any new problem AFAICS.

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>            http://www.NetBSD.org/
-=- We should be mindful of the potential goal, but as the tantric    -=-
-=- Buddhist masters say, ``You may notice during meditation that you -=-
-=- sometimes levitate or glow.   Do not let this distract you.''     -=-