zju <21625...@zju.edu.cn> writes:

>> Interactive shells always ignore SIGTERM.
>
> I confirmed that the fork bomb through bash would cause the system
> OOM! This indicates that anybody can use this flaw to crash the
> system. It is quite dangerous.
>
> If you think the behavior of ignoring SIGTERM is reasonable, maybe
> the only way to solve the problem is to deal with the increase in
> memory?
The Un*x convention has always been that SIGTERM kills the process but the process can override that, and SIGKILL kills the process and the process cannot override that. So if systemd isn't protecting the system adequately with its current operation, it should instead send SIGKILL.

In regard to OOM, if the goal is to prevent fork bombs, the system administrator would need to set a hard limit on "ulimit -u", "The maximum number of processes available to a single user", as well as "ulimit -d", "The maximum size of a process's data segment". Changing the behavior of bash alone could not prevent an attacker from forcing OOM; it would just require the attacker to be more sophisticated.

Dale