Re: luser beeing able to kill random root owned procs (linux 2.2.20) ?

From: Samu (samu@linuxasylum.net)
Date: 11/10/01


Date: Sat, 10 Nov 2001 18:11:07 +0100
From: Samu <samu@linuxasylum.net>
To: vuln-dev@securityfocus.com
Subject: Re: luser beeing able to kill random root owned procs (linux 2.2.20) ?
Message-ID: <20011110181107.A7598@linuxasylum.net>

On Fri, Nov 09, 2001 at 04:55:52PM -0800, rpc wrote:
> On Wed, 1 Jan 1997, Ralf Dreibrodt wrote:
> > Hi,
> > >while running "vi `perl -e 'print "." x 90000000'`" on
> > >a 2.2.20 linux kernel as a normal user, I've noticed:
> > >forsaken:~$ dmesg
> > >VM: killing process snmpd
> > >forsaken:~$ uname -rs
> > >Linux 2.2.20
> > >snmpd was running as root (this machine has 64MBytes of RAM)
> > the user is not allowed to kill a process owned by root, the user is allowed
> > to use all RAM (and probably swap).
> >
> > you can test whether he is allowed to and what will happen, when you execute
> > something like this:
> >
> > while true; do temp=$(echo temp$temp$temp$temp); done
>
> No, this is an artifact of Rik van Riel's OOM (out of memory) Kill code of
> the linux VM. When system resources are low, a process is chosen with a
> 'badness' algorithm (oom_kill.c in the kernel source tree).

it always a good idea to set system limit per users (ulimit) which lets
you to avoid DOS from local user: for example there was this beautifoul piece
of code on to an attachment of a guy ... :(){:|:&};: which cause to gain all system resources and freeze your machine ... . with ulimit you can avoid problems depended from ppl trying to catch all system resources and so avoid that problem you specify.

Samuele

-- 
Samuele Tonon  <samu@linuxasylum.net>   http://www.linuxasylum.net/~samu/
          	Acid -- better living through chemistry.
			       Timothy Leary