From: Joe <[EMAIL PROTECTED]>
> >
> > Another thing (2.2.10 related):
> > - if I run a stupid malloc-ing and forking for-loop (as a
> > non-privileged
> > user) every process I try to execute dumps core; is this
> > exploitable?
>
> what does your code look like? something like that shown
> below?
>
> for (i=1;i>0; i++) {
> somevar = (char*)malloc(1024);
> }
>
> if you have users doing this then you have other problems.. I
> think ANY system/OS would have problems as it is equivalant to a
> memory leak ...
>
> > Furthermore, with this little proggie anyone can "freeze" my
> > system;
> > i.e. it doesn't halt, but all my resources are eaten up (I
> > can't even
> > run kill being root) -- can I use another way besides PAM,
> > running top
> > from inittab or the Sysctl hack to solve this gently (maybe
> > using some
> > root/kernel memory or perhaps a way to `talk' to init
> > directly??)
> >
> I'd write a small program that would check on system procvess to
> see how much memory they are using (read the /proc/PID/status
> file) and if a program was using more memory then I wanted it to
> kill the process.
This is also a call for per/user and per/process limits. You can also
hang the system by using too many processes/open file ids ... which in
turn calls for more per user information (unabashed plug for a user
database instead of a password/shadow file combo :)
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: [EMAIL PROTECTED]
Any opinions expressed are solely my own.
-
Linux SMP list: FIRST see FAQ at http://www.irisa.fr/prive/mentre/smp-faq/
To Unsubscribe: send "unsubscribe linux-smp" to [EMAIL PROTECTED]
