From mboxrd@z Thu Jan  1 00:00:00 1970
From: toresbe@ifi.uio.no (Tore Sinding Bekkedal)
Date: Thu, 05 Oct 2006 16:51:02 +0200
Subject: [pups] User Mode DoS Attacks (was Re: Issues of AUUGN)
In-Reply-To: <E183486F-6903-48DA-BBC2-D35A498B86A6@uwlax.edu>
References: <mailman.1.1160013601.40099.pups@minnie.tuhs.org>
	<E183486F-6903-48DA-BBC2-D35A498B86A6@uwlax.edu>
Message-ID: <1160059862.4423.94.camel@localhost.localdomain>

(oops, sent it off-list - sorry, Milo!)

On Thu, 2006-10-05 at 08:46 -0500, Milo Velimirovic wrote:
> > But you'd need kernel mode for that; this is a DoS attack (one of the
> > first?) launched by a user.
> 
> The userland DoS I remember:
> 
> main() {
> 	while(1)
> 		fork();
> }
> 
> And in fact I tried it once on the 11/45 I had access to. Not pretty.  
> It can be made less disastrous by judicious addition of a wait(); call.
> 
> --Milo, wondering how contemporary UNIX will deal with such  
> pathological behavior....

Speaking for Linux, quite badly, though there are some patches that
allow you to limit forks per user. There's even a bash version,
":(){ :|:& };:", which will infinitely fork off bash processes. (It
defines a function calling itself in the background, and then
immediately launches it)

The max number of processes is not so much a problem as the fact that
they are all draining the system resources. Besides, one is likely to
run out of memory before one hits the max process number in Linux
anyway.

- Tore Sinding Bekkedal