Linux Kernel Security, Again

Threat level definition

Linux Kernel Security, Again
Jason Miller, 2005-03-16

It's a sad day when an ancient fork bomb attack can still take down most of the latest Linux distributions.

Expand all | Post comment

silly article 2005-03-17
Anonymous (4 replies)

silly article 2005-03-18
Anonymous

silly article 2005-03-18
Anonymous (1 replies)

shouldn't you people already have your boxes secured? 2005-03-18
Anonymous (2 replies)

shouldn't you people already have your boxes secured? 2005-03-19
Anonymous

shouldn't you people already have your boxes secured? 2005-03-23
anon

silly response 2005-03-18
Anonymous

silly comment 2005-03-18
Anonymous (1 replies)

silly article 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-17
Karyl Stein (1 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux^H^H^H^H^HAny Kernel Security, Again 2005-03-18
Anonymous

Silly IDS kid needs to learn C. 2005-03-19
OpenBSD is for Girls

Linux Kernel Security, Again 2005-03-19
Anonymous

Linux Kernel Security, Again 2005-03-19
Anonymous

FC2 vulnerable, too - copy of script enclosed 2005-03-19
Anonymous

Linux Kernel Security 2005-03-19
Anonymous

Does it work on Mac OS X? 2005-03-19
huwr

Fresh FreeBSD 5.3 install 2005-03-20
Anonymous

Gentoo: emerge hardened-dev-sources 2005-03-20
Scoove

Try, disk I/O and mem. alloc 2005-03-20
Bipin Gautam

Solaris 10 vulnerable, too 2005-03-20
Anonymous

Why its Valid! 2005-03-21
Anonymous

Mandrake 10.1 didn't freeze... 2005-03-21
Anonymous

Scaremongering. Not a serious problem. 2005-03-21
Anonymous

DEBIAN 2005-03-21
Anonymous (1 replies)

DEBIAN 2005-03-22
Anonymous (1 replies)

DEBIAN 2005-03-23
Lucio

Linux Kernel Security, Again 2005-03-23
Anonymous

Linux Kernel Security, Again 2005-03-24
Anonymous

PAM 2005-03-24
Maestr0

Linux Kernel Security, Again 2005-03-28
Anonymous

Linux Kernel Security, Again 2005-03-29
Anonymous

Linux Kernel Security, Again 2005-09-01
tcsh

Linux Kernel Security, Again 2005-03-17
Anonymous (3 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (3 replies)

Linux Kernel Security, Again 2005-03-19
CrossChris

Linux Kernel Security, Again 2005-03-17
mrsad (1 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous (2 replies)

Linux Kernel Security, Again 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-18
crf (2 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

simple fork bomb? 2005-03-17
Anonymous (1 replies)

simple fork bomb? 2005-03-17
Jason V. Miller (Author) (3 replies)

simple fork bomb? 2005-03-20
Anonymous

simple fork bomb? 2005-03-17
Anonymous

simple fork bomb? 2005-03-17
Anonymous (1 replies)

simple fork bomb? 2005-03-17
Jason V. Miller (Author) (1 replies)

simple fork bomb? 2005-03-18
Stephen Samuel (3 replies)

One of the problems with Linux is that it is so scalable. Limits that wouldn't sweat a 3Gz P4 with 4GB of ram would reduce my 200Mz P2 with 128MB of ram to a quivering pile of silicon, but I can install onto both from the same CD.

Similarly, limits that seemed reasonable on my P2 might have people complainig about arbitrary limits on the P4. Although it's a bit of a no-win situation for a distribution maker, I still agree that they have to come up with SOME sort of limit -- but that also requires clearly documenting how to change those limits when the prove to be unreasonably low (or high).

Something else that I'd point out is that preventing a local DOS is a lot harder than preventing a remote DOS -- especially if you want to avoid arbitrary limits on legitimate work. If we block forkbombing today, I'm sure we're going to see somebody 5 years down the road screaming about 'only' being allowed 2000 processes on the default build.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/308/31052#31052

simple fork bomb? 2005-03-20
Anonymous

simple fork bomb? 2005-03-18
Eric F.

simple fork bomb? 2005-03-18
Michael Ayres

Linux Kernel Security, Again 2005-03-17
AdamW

Linux Kernel Security, Again 2005-03-17
Todd Knarr

Intended use dictates the limits 2005-03-17
Erik Keller (1 replies)

Intended use dictates the limits 2005-03-17
Jason V. Miller (Author) (4 replies)

Intended use dictates the limits 2005-03-23
Anonymous

Intended use dictates the limits 2005-03-25
Anon

Intended use dictates the limits 2005-03-18
Erik Keller (1 replies)

Maybe just use proper distros where needed? 2005-03-20
Michael Shigorin

Intended use dictates the limits 2005-03-18
Jim

Linux Kernel Security, Again 2005-03-17
Anonymous (2 replies)

Linux Kernel Security, Again 2005-03-17
Jason V. Miller (Author) (1 replies)

LSM is in the standard kernel. 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)

Linux Kernel Security, Again 2005-03-18
Anonymous (1 replies)

Linux Kernel Security, Again 2005-03-19
PaX Team

Once again... 2005-03-18
Anonymous (1 replies)

re: Once again... 2005-03-18
editor

Debian not vulnerable? 2005-03-18
Wilmer van der Gaast (2 replies)

Debian not vulnerable? 2005-03-18
k_the_c

Debian not vulnerable? 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Matthew

Linux Kernel Security, Again 2005-03-18
Gentoo User (1 replies)

Linux Kernel Security, Again 2005-03-18
Another Gentoo User (2 replies)

Linux Kernel Security, Again 2005-03-18
Gentoo/Debian/OpenBSD user (1 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Linux Kernel Security, Again 2005-03-18
gregm

python forkbomb one liner + thoughts 2005-03-18
X

Linux Kernel Security, Again 2005-03-18
FreeBSD user (2 replies)

Linux Kernel Security, Again 2005-03-19
Ryan

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)

Debian IS vulnerable! 2005-03-18
Anonymous

Debian IS vulnerable! 2005-03-18
Anonymous (2 replies)

Get SuSE 2005-03-18
Anonymous

Debian IS vulnerable! 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Gentoo User

Linux Kernel Security, Again 2005-03-18
Anonymous

Linux only? perhaps across the board problem? Conflict of interest? 2005-03-18
glotfeltys@gmail.com (1 replies)

no conflict, thank-you very much 2005-03-18
editor

Linux Kernel Security, Again 2005-03-18
Angel Freire

Gentoo vulnerable? 2005-03-18
Anonymous (1 replies)

Gentoo vulnerable? 2005-03-18
dk

Linux Kernel Security, Again 2005-03-18
Saltine (1 replies)

Linux Kernel Security, Again 2005-03-20
Anonymous

Linux Kernel Security, Again 2005-03-18
Stef (1 replies)

Linux Kernel Security, Again 2005-03-18
Jason V. Miller (Author)

Jason's opinion is too biased 2005-03-18
Anonymous (2 replies)

Jason's opinion is too biased 2005-03-18
Jason V. Miller (Author) (1 replies)

Jason's opinion is too biased 2005-03-23
Anonymous

Jason's opinion is too biased 2005-03-18
Anonymous

Linux Kernel Security, Again 2005-03-18
Anonymous

Take the first step author. 2005-03-18
EG (2 replies)

Take the first step author. 2005-03-18
Jason V. Miller (Author)

Take the first step author. 2005-03-18
Anonymous (1 replies)

Take the first step author. 2005-03-18
Anonymous

Solution was?... 2005-03-18
Anonymous (2 replies)

Solution was?... 2005-03-18
Anonymous

Solution was?... 2005-03-19
Anonymous

Not quite a valid criticism... 2005-03-18
Anonymous (2 replies)

Not quite a valid criticism... 2005-03-20
darwin lopez

Not quite a valid criticism... 2005-03-20
Anonymous

Privacy Statement
Copyright 2009, SecurityFocus