On Sat, 17 Nov 2007 09:55:01 -0800
Dane Mutters <[EMAIL PROTECTED]> wrote:
> I don't know if this is at all feasible, but is it possible to have a
> mechanism that would detect a fork bomb in progress and either stop the
> fork, or allow the user to cancel the operation? For example, are there
>
(``-_-´´) -- Fernando wrote:
I used to see stuff like this happening on my University students test servers.
Once they started doing forks inside for(;;), the server would go down.
Then they replaced the servers by vwmare machines, and now reboots are faster.
UNIX (and Linux) already has a
On Saturday 17 November 2007 07:04:48 Martin Olsson wrote:
> Repro steps:
>
> 1. Install gutsy gibbon (or probably any ubuntu)
> 2. Start a gnome terminal
> 3. Run this command:
>
> :(){ :|:& };:
>
> 4. Ubuntu starts to work furiously, after less than a second terminal
> gets flooded with
On Saturday 17 November 2007 07:04:48 Martin Olsson wrote:
Repro steps:
1. Install gutsy gibbon (or probably any ubuntu)
2. Start a gnome terminal
3. Run this command:
:(){ :|: };:
4. Ubuntu starts to work furiously, after less than a second terminal
gets flooded with low
(``-_-´´) -- Fernando wrote:
I used to see stuff like this happening on my University students test servers.
Once they started doing forks inside for(;;), the server would go down.
Then they replaced the servers by vwmare machines, and now reboots are faster.
UNIX (and Linux) already has a
On Sat, 17 Nov 2007 09:55:01 -0800
Dane Mutters [EMAIL PROTECTED] wrote:
I don't know if this is at all feasible, but is it possible to have a
mechanism that would detect a fork bomb in progress and either stop the
fork, or allow the user to cancel the operation? For example, are there
any
On Sat, 2007-11-17 at 16:53 +0100, Diego Calleja wrote:
> El Sat, 17 Nov 2007 09:42:51 -0800, Martin Olsson <[EMAIL PROTECTED]>
> escribió:
>
> > I don't think that setting a max process count by default is a
> > good/viable solution.
>
>
> I don't see why...OS X had a default limit of 100
El Sat, 17 Nov 2007 09:42:51 -0800, Martin Olsson <[EMAIL PROTECTED]> escribió:
> I don't think that setting a max process count by default is a
> good/viable solution.
I don't see why...OS X had a default limit of 100 processes per uid (increased
to 266 in 10.5) and "it works" (many people
Andi Kleen <[EMAIL PROTECTED]> wrote:
>
> Pretty much all the per process limits would need to be per uid to be really
> useful in general. I'm hoping that we'll get some of that out of the recent
You've hit the nail on the head. I've always liked to have
per-uid limits on network sockets too as
Alan Cox <[EMAIL PROTECTED]> writes:
>> > I would like to see something done about this, with Ubuntu as popular as
>> > it is, even as a server in some cases. Is there a way that in the
>> > future, one could simply download a package or click a box or something
>> > and have a limit set, like
> > I would like to see something done about this, with Ubuntu as popular as
> > it is, even as a server in some cases. Is there a way that in the
> > future, one could simply download a package or click a box or something
> > and have a limit set, like the links suggest? That would make things
On Sat, 2007-11-17 at 09:42 -0800, Martin Olsson wrote:
> (taking this reply offline, so this is mostly intended for Alan)
>
> Peter Zijlstra wrote:
> >
> > If you don't know which limits to set and need a package for them, your
> > job title should not be system administrator.
> >
>
> In
(taking this reply offline, so this is mostly intended for Alan)
Peter Zijlstra wrote:
If you don't know which limits to set and need a package for them, your
job title should not be system administrator.
In theory I agree with you Peter but in practice a lot of low-skill
people have to
(taking this reply offline, so this is mostly intended for Alan)
Peter Zijlstra wrote:
If you don't know which limits to set and need a package for them, your
job title should not be system administrator.
In theory I agree with you Peter but in practice a lot of low-skill
people have to
On Sat, 2007-11-17 at 09:42 -0800, Martin Olsson wrote:
(taking this reply offline, so this is mostly intended for Alan)
Peter Zijlstra wrote:
If you don't know which limits to set and need a package for them, your
job title should not be system administrator.
In theory I agree
I would like to see something done about this, with Ubuntu as popular as
it is, even as a server in some cases. Is there a way that in the
future, one could simply download a package or click a box or something
and have a limit set, like the links suggest? That would make things
just
Alan Cox [EMAIL PROTECTED] writes:
I would like to see something done about this, with Ubuntu as popular as
it is, even as a server in some cases. Is there a way that in the
future, one could simply download a package or click a box or something
and have a limit set, like the links
Andi Kleen [EMAIL PROTECTED] wrote:
Pretty much all the per process limits would need to be per uid to be really
useful in general. I'm hoping that we'll get some of that out of the recent
You've hit the nail on the head. I've always liked to have
per-uid limits on network sockets too as
El Sat, 17 Nov 2007 09:42:51 -0800, Martin Olsson [EMAIL PROTECTED] escribió:
I don't think that setting a max process count by default is a
good/viable solution.
I don't see why...OS X had a default limit of 100 processes per uid (increased
to 266 in 10.5) and it works (many people notices
On Sat, 2007-11-17 at 16:53 +0100, Diego Calleja wrote:
El Sat, 17 Nov 2007 09:42:51 -0800, Martin Olsson [EMAIL PROTECTED]
escribió:
I don't think that setting a max process count by default is a
good/viable solution.
I don't see why...OS X had a default limit of 100 processes
On Fri, 2007-11-16 at 22:45 -0800, Dane Mutters wrote:
> I thought you might find this helpful. (I brought this issue up with
> the Slackware folks once, and they told me basically this.)
>
> http://wiki.craz1.homelinux.com/index.php/Linux:Security:Forkbomb
>
> I was also told that the ability
I thought you might find this helpful. (I brought this issue up with
the Slackware folks once, and they told me basically this.)
http://wiki.craz1.homelinux.com/index.php/Linux:Security:Forkbomb
I was also told that the ability to spawn such rampant forks/processes
is controlled by default in
> 3. Run this command:
>
> :(){ :|:& };:
>
> 4. Ubuntu starts to work furiously, after less than a second terminal
> gets flooded with "low resources" message,
Set your system with suitable process and user resource limits. Also I'd
suggest setting memory overcommit to strict.
Our
Sorry about that, I checked the "has security impact" checkbox and that
marked it as private by default. This is a very well known problem
though so keeping secret certainly does not make sense. I have manually
removed the "private" flag now.
The content of the bug report was as follows:
El Fri, 16 Nov 2007 21:51:27 -0800, Martin Olsson <[EMAIL PROTECTED]> escribió:
> Dear kernel hackers,
>
> This is a message from below 0x7FFF. Please look at this bug (it's
> not a new concept but still):
> https://bugs.launchpad.net/ubuntu/+bug/163185
Can't see that page:
On Fri, 16 Nov 2007 21:51:27 -0800
Martin Olsson <[EMAIL PROTECTED]> wrote:
> Dear kernel hackers,
>
> This is a message from below 0x7FFF. Please look at this bug (it's
> not a new concept but still):
> https://bugs.launchpad.net/ubuntu/+bug/163185
It seems to want people to register to
Dear kernel hackers,
This is a message from below 0x7FFF. Please look at this bug (it's
not a new concept but still):
https://bugs.launchpad.net/ubuntu/+bug/163185
I'm no expert but I'd guess the "complete freeze" part of the bug has to
do with the kernel, no? It would be nice to have a
Dear kernel hackers,
This is a message from below 0x7FFF. Please look at this bug (it's
not a new concept but still):
https://bugs.launchpad.net/ubuntu/+bug/163185
I'm no expert but I'd guess the complete freeze part of the bug has to
do with the kernel, no? It would be nice to have a
On Fri, 16 Nov 2007 21:51:27 -0800
Martin Olsson [EMAIL PROTECTED] wrote:
Dear kernel hackers,
This is a message from below 0x7FFF. Please look at this bug (it's
not a new concept but still):
https://bugs.launchpad.net/ubuntu/+bug/163185
It seems to want people to register to view it.
El Fri, 16 Nov 2007 21:51:27 -0800, Martin Olsson [EMAIL PROTECTED] escribió:
Dear kernel hackers,
This is a message from below 0x7FFF. Please look at this bug (it's
not a new concept but still):
https://bugs.launchpad.net/ubuntu/+bug/163185
Can't see that page:
--
Sorry about that, I checked the has security impact checkbox and that
marked it as private by default. This is a very well known problem
though so keeping secret certainly does not make sense. I have manually
removed the private flag now.
The content of the bug report was as follows:
3. Run this command:
:(){ :|: };:
4. Ubuntu starts to work furiously, after less than a second terminal
gets flooded with low resources message,
Set your system with suitable process and user resource limits. Also I'd
suggest setting memory overcommit to strict.
Our default
I thought you might find this helpful. (I brought this issue up with
the Slackware folks once, and they told me basically this.)
http://wiki.craz1.homelinux.com/index.php/Linux:Security:Forkbomb
I was also told that the ability to spawn such rampant forks/processes
is controlled by default in
On Fri, 2007-11-16 at 22:45 -0800, Dane Mutters wrote:
I thought you might find this helpful. (I brought this issue up with
the Slackware folks once, and they told me basically this.)
http://wiki.craz1.homelinux.com/index.php/Linux:Security:Forkbomb
I was also told that the ability to
34 matches
Mail list logo
