From: meetch@DIALix.oz.au (Mitchell Brandsma)
Subject: Re: while(1){fork();} ???
Date: 15 Jun 1993 13:52:39 +0800
nick@quay.ie (Nick Hilliard) writes:
>mdejong@dutiws.twi.tudelft.nl wrote:
>: While checking the security of my linux box, i found that the following program
>: while(1)
>: {
>: fork();
>: }
>: will crash the linux machine, with the console coming with a # (prob in single
>: user mode), giving a user complete control !
>Really? The last time I tried messing about with fork bombs like that,
>nothing spectacular happened. Ok - the machine load went up to about 65 or
>thereabouts, but I was able to log on as root and kill all the processes
>using 'killall' (If you don't have it, then get it). But it definitely
>didn't go to single user mode or anything like that.
Agreed. There are things to take into account... like which kernel was
being used, and the NR_TASKS thingy mentioned below. I tried it last night
using the .99.9 kernel (a-la SLS). Just where does the .99.10 kernel live?
The thing is that after running the original in the foreground and using
^C to get out, all the forked processes refused to show on the process
table. "ps -ua" (when it worked) showed the getty and bash processes
only. Linux then had trouble giving me streams resources for command
completion, and usually ":#" prompt (yes, it had problems displaying the
hostname/directory in the prompt). I think security was still in tact
though... I'll try again later. I didn't try killall.
I'll try it again later and keep notes this time...
>: Is this normal, and can there be done anything about it ?
>: Most unix systems give a "No more processes" or "fork: try again" or something
>: like that, but linux crashes...
>Linux will give those, too. Perhaps you've set NR_TASKS too high in
>/usr/include/linux/tasks.h? Maybe the fork bomb is causing the machine to
>run out of memory? It sounds more like a configuration problem than a
>problem with Linux.
I know the last time my machine ran out of memory, it didn't have it in
mind to give me any sort of prompt. So I don't think that's the problem.
- Mitchell Brandsma (meetch@DIALix.oz.au :)