Subject: Re: Fork bomb protection patch
To: Lord Isildur <mrfusion@uranium.vaxpower.org>
From: Jaromir Dolecek <jdolecek@netbsd.org>
List: tech-kern
Date: 12/04/2002 22:24:35
Lord Isildur wrote:
> if the user has reached his limit, then he's not yet exceeded it..
> albeit on the very edge of it, he should not be penalized for using the
> resources that he was already granted. refuse to give any further
> resources, sure.. but sleeping a process for .5s is an eternity! just
> deny the requesting process any further fork()s, as we already would do if
> the table was full or the per-user limit was reached.
Problem is that we can't 'deny further forks', since the program
might be just innocent system program bumping to temporal process slot
shortage or into it's process limit. Sleeping there seems like
reasonable; it stops the bad guys, and isn't too annoying for the
'innocent' guys.
It would be quite simple to add some ratecheck() for how frequently
the process bumps into limit, but it seems as overkill; moreover,
I guess that even 'innocent' system programs would loop trying
to spawn children, so would bump into this ratecheck()-induced
sleep anyway too.
Jaromir
> Upping the reserve for root seems good, though it's certainly
> aesthetically more pleasing to see it all done with a single slot..
> my 0.02,
> isildur
>
> On Wed, 4 Dec 2002, Jaromir Dolecek wrote:
> > * make process sleep for 0.5s if the system table is full
> > or when the user reaches their process number limit
>
--
Jaromir Dolecek <jdolecek@NetBSD.org> http://www.NetBSD.org/
-=- We should be mindful of the potential goal, but as the tantric -=-
-=- Buddhist masters say, ``You may notice during meditation that you -=-
-=- sometimes levitate or glow. Do not let this distract you.'' -=-