Home » Forums » Linux » Linux general

Forkbombing Linux

Submitted by Kedar Sovani
on March 21, 2005 - 12:07am

Recently, there was an article on Security Focus, about how it is possible to forkbomb most of the Linux distributions. It has nothing to do with a vulnerability/bug in the kernel, it is simply a configuration issue. Apparently, most of the Linux distributions do not set the security configurations for this, by default (Debian was an exception, I guess).

There was also a thread on the lkml.

Some of the solutions suggested were to use man ulimit or edit the settings in /etc/security/limits.conf and restrict the number of process that a user can fork.

‹ How does -j switch in make work sil3112 and kernels >= 2.6.10 ›

Old!

Anonymous (not verified)
on
March 21, 2005 - 12:17pm

This is nothing new, it was discovered __years__ ago.

The configuration for ulimit is the reponsibility of the system administrator IMHO.

Move along!

Exactly!

Kedar Sovani
on
March 21, 2005 - 11:26pm

Such an old attack vector is not protected by the *default* security configurations in most Linux distributions. Yes, it is the administrator's responsibility, but also the distributions'.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.