Re: luser beeing able to kill random root owned procs (linux 2.2.20) ?

From: Samu (samu@linuxasylum.net)
Date: 11/10/01


Date: Sat, 10 Nov 2001 18:11:07 +0100
From: Samu <samu@linuxasylum.net>
To: vuln-dev@securityfocus.com
Subject: Re: luser beeing able to kill random root owned procs (linux 2.2.20) ?
Message-ID: <20011110181107.A7598@linuxasylum.net>

On Fri, Nov 09, 2001 at 04:55:52PM -0800, rpc wrote:
> On Wed, 1 Jan 1997, Ralf Dreibrodt wrote:
> > Hi,
> > >while running "vi `perl -e 'print "." x 90000000'`" on
> > >a 2.2.20 linux kernel as a normal user, I've noticed:
> > >forsaken:~$ dmesg
> > >VM: killing process snmpd
> > >forsaken:~$ uname -rs
> > >Linux 2.2.20
> > >snmpd was running as root (this machine has 64MBytes of RAM)
> > the user is not allowed to kill a process owned by root, the user is allowed
> > to use all RAM (and probably swap).
> >
> > you can test whether he is allowed to and what will happen, when you execute
> > something like this:
> >
> > while true; do temp=$(echo temp$temp$temp$temp); done
>
> No, this is an artifact of Rik van Riel's OOM (out of memory) Kill code of
> the linux VM. When system resources are low, a process is chosen with a
> 'badness' algorithm (oom_kill.c in the kernel source tree).

it always a good idea to set system limit per users (ulimit) which lets
you to avoid DOS from local user: for example there was this beautifoul piece
of code on to an attachment of a guy ... :(){:|:&};: which cause to gain all system resources and freeze your machine ... . with ulimit you can avoid problems depended from ppl trying to catch all system resources and so avoid that problem you specify.

Samuele

-- 
Samuele Tonon  <samu@linuxasylum.net>   http://www.linuxasylum.net/~samu/
          	Acid -- better living through chemistry.
			       Timothy Leary



Relevant Pages

  • Re: Trying out Linux for newbie
    ... mplayer seems to use windows codec.s Ask microsoft. ... > Does Linux play DVD films? ... Kill the app using "kill". ...
    (alt.os.linux)
  • Re: OT: Ping eeePC owners
    ... released it will probably kill the Linux versions (I think I read it ... If you stick with Linux 4GB is absolutely fine, ... MacBook is taking a bit of a pounding. ... MacBook as a 3G to Wifi router, so I can grab work emails when in hotels ...
    (uk.comp.sys.mac)
  • Re: CD writer is burning with open tray
    ... > machine and you need a disc removed from it. ... Actually that is not quite true under Linux in all circumstances. ... I've sent a kill -9 to ... Ejecting the disc with needle in emergency eject hole always made Linux give up ...
    (Linux-Kernel)
  • Re: How to kill hidden winlogon processes
    ... | I know you are only trying to help, but this is a theory question. ... | the virtual machine looks like a single file to Linux. ... and kill or suspend them to kill a given process. ...
    (microsoft.public.windowsxp.general)
  • Re: ending wget ??
    ... I used this while the terminal window was ... > and if it is still running, how I end (kill) that particular process? ... amazed at the power of the command line once you start learning it. ... Never will in Linux. ...
    (alt.os.linux.suse)