Re: Patch Related With Fork Bombing Attack

view
thread

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Bodo Eggert <7eggert@...>

To: Anand Jahagirdar <anandjigar@...>, <linux-kernel@...>

Subject: Re: Patch Related With Fork Bombing Attack

Date: Wednesday, June 27, 2007 - 6:14 pm

(not CCing security, since it's not a security bug and it's too late to
 verify if they should be on cc. Will do later.)

Anand Jahagirdar <anandjigar@gmail.com> wrote:

quoted text> This patch Warns the administrator about the fork bombing attack
> (whenever any user is crossing its process limit). I have used
> printk_ratelimit function in this patch. This function helps to
> prevent flooding of syslog and prints message as per the values set by
> root user in following files:-
> 
> 1) /proc/sys/kernel/printk_ratelimit:- This file contains value for,
> how many times message should be printed in syslog.
[...]

I'm wondering: Can these ratelimits be used to tell real forkbombs from
normal oops-i-hit-the-limits? I imagine if you have your private ratelimit,
that might just do the trick.

Beware: I have no idea on how much such an extra ratelimit would cost, and if
having that ratelimit-based detector would actually be a gain.
-- 
Ever notice how fast Windows runs? Neither did I. 

Friß, Spammer: .w@7eggert.dyndns.org N@zu.0vJB.7eggert.dyndns.org
 99aLZMlkFe@YE.7eggert.dyndns.org Bbga@PKDpIYua.7eggert.dyndns.org
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Patch Related With Fork Bombing Attack, Bodo Eggert, (Wed Jun 27, 6:14 pm)

Navigation

Mail archive search

Popular discussions


linux-kernel:
Naveen Gupta	Re: [PATCH] cgroup: limit block I/O bandwidth
Chuck Ebbert	Why do so many machines need "noapic"?
Greg KH	[GIT PATCH] driver core patches against 2.6.24
Ingo Molnar	Re: 2.6.24-rc6-mm1
git:
Andy Parkins	svn:externals using git submodules
Linus Torvalds	Be more careful about updating refs
Wink Saville	Using git with Eclipse
Shawn O. Pearce	[JGIT PATCH 0/5] Patch parsing API
openbsd-misc:
Steve Shockley	Re: Real men don't attack straw men
Laurent CARON	IPSEC VPN between OpenBSD and Linux (OpenSwan)
Beavis	mutiple pptp pass-through PF
GVG GVG	ssh_exchange_identification: Connection closed by remote host
linux-netdev:
Jarek Poplawski	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 36/37] dccp: Initialisation and type-checking of feature sysctls
Hannes Eder	[PATCH 19/27] drivers/net/usb: fix sparse warnings: make symbols static
Arjan van de Ven	Re: [GIT]: Networking

Latest forum posts


Calling functions from system call	5 minutes ago	Linux kernel
drivers for motherboard d101ggc	5 hours ago	Linux general
Tune CFS for htpc usage to decoding HD 1080p x264 video streams	17 hours ago	Linux kernel
How to write in kernel memory	19 hours ago	Linux kernel
linux_wrappers.c:306: error: unknown field ‘nopage’ specified in initializer	19 hours ago	Linux kernel
Packet Replay Check	1 day ago	FreeBSD
Cannot rdr from internal network to a squid proxy running on pf bridge firewall.	1 day ago	OpenBSD
Cannot compile kernel modules	1 day ago	Linux kernel
Intelligent enclosure (SES, SAF-TE) monitoring & configuration	3 days ago	Applications and Utilities
I/O operations	3 days ago	Linux kernel

Show all forums...

Recent Tags

more tags

Colocation donated by:

Online users

Syndicate