Preventing fork bombs? ulimit completely ineffectual

Mailing List

Home

Linux - General Red Hat Linux discussion list

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Installation - Getting started with Red Hat Linux

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Red Hat Linux 8.0 - Discussion of Red Hat Linux 8.0 (Psyche)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.1 - Discussion of Red Hat Linux 7.1 (Seawolf)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	sendmail configuration on redhat
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	Promise 378 controller
•	kernel 2 6 and /dev/sound/mixer not found
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	Lotus Notes under Wine
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	Command stream end of file while reading
•	rpm database corrupt
•	qla2300 modules

Preventing fork bombs? ulimit completely ineffectual

Preventing fork bombs? ulimit completely ineffectual

2003-12-29 - By Jason Tackaberry

Back
I am in the process of building a server that is slated to go into
production by the end of the week. Things have mostly gone well, and
currently I 'm locking things down.

Since this is a system where users are given shell access, I 'm applying
appropriate ulimits on login. However, having tested with a trivial
fork bomb (while (1) fork()), ulimits are proving to be broken -- the
system still drags, and root gets out of memory errors (unacceptable!).

I have been testing with "ulimit -u 50 -v 512000 -m 512000 -t 3 ". Here
is my memory usage:

total used free shared buffers cached
Mem: 2061616 1960552 101064 0 38984 1174232
-/+ buffers/cache: 747336 1314280
Swap: 2096472 0 2096472

Now, observe the following, run as a regular user:

[jtackabe@(protected) jtackabe]$ ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) 4
max memory size (kbytes, -m) 512000
open files (-n) 1024
pipe size (512 bytes, -p) 8
stack size (kbytes, -s) 10240
cpu time (seconds, -t) 3
max user processes (-u) 50
virtual memory (kbytes, -v) 512000
[jtackabe@(protected) jtackabe]$ nice
10
[jtackabe@(protected) jtackabe]$ cat bomb.c
main() { while(1) fork(); }
[jtackabe@(protected) jtackabe]$ cc bomb.c
[jtackabe@(protected) jtackabe]$ ./a.out

Immediately after running this, I do a ps in another shell, where I am
logged in as root:

[root@(protected) root]# ps auxww |grep a.out
-bash: fork: Cannot allocate memory

Eventually I can ctrl-c the a.out process, and eventually I stop getting
memory errors when I issue commands as root. However, when I kill -9
the parent process, it takes several minutes to die (eventually it does
seem to die), but during this time it consumes all available CPU. I 'm
not sure how much of this is normal behaviour, but surely root getting
out of memory errors isn 't.

The kernel is 2.4.21-4.0.1.ELsmp, using RHEL 3. Any advice would be
appreciated!

Thanks,
Jason.

--
Jason Tackaberry :: tack@(protected) :: 705-949-2301 x330
Academic Computing Support Specialist
Information Technology Services
Algoma University College :: www.auc.ca