Fork bombing a Linux machine as a non-root user

Les Mikesell lesmikesell at gmail.com
Sun Mar 20 00:53:03 UTC 2005 

On Sat, 2005-03-19 at 13:36, David Curry wrote:
> Discussion in this thread frequently reflected an unwarranted, 
> underlying assumption.   Namely, that linux/unix experts are intalling 
> the OS, know how the system will be used, and act immediately after 
> installation to reset default installation resource limits to 
> appropriate levels. It is obvious to me from thread discussion that that 
> assumption is invalid. 

No, the assumption is that the person installing the OS, expert or
not, knows more about it's capabilities than the person who
built the distribution that will run on anything from a P100
or less to a multi-cpu, multi-Ghz box.  The other assumption
is that the person who adds logins and and gives out passwords
to others knows more about whether their access to certain
resources should be limited or if they can be trusted to
use the full power of the box.

>  Rather the discussion suggests many/some 
> respondents had the author's (and my) grasp of the resource limit 
> issue.  It is past time for the linux enthusiats touting linux as more 
> secure than windows to get acquainted with the result of parsing the 
> word assume into ass-u-me!

You are the one making the wrong assumption if you think the OS
distributors know more about how *your* PC's resources should be
used or how much you trust the other users on your machine.

> How many people on this list purchase automobiles with the expectation 
> of sitting in the driver's seat, turning the ignition key and start 
> forward at full throttle with windshield wipers on, head lights on at 
> high beam and the sound system blaring at top volume?  I predict the 
> answer to that question is zero!

Automobiles do nothing to stop you from driving into a brick wall
at full speed if you choose to do so.  Likewise your OS won't
(and shouldn't, by default) second-guess your decision to 
start an inefficiently large number of processes. In both cases
there are any number of ways to learn better practices.

Giving  passwords to others to use your system is very much like
giving out the keys to your car.  If you don't trust someone to
use it wisely, either don't do it or learn how to control what
they can do first.  Note that 'fork bombs' don't happen by
accident and require login/password access to be given to the
person that can set them off.   In the same way that you are
the only one who can decide who you trust to drive your car,
you are the only one who can decide how to issue can control
logins for others on your computer - and if you crash it yourself
it doesn't make any sense to blame someone else.

-- 
  Les Mikesell
    les at futuresource.com

More information about the fedora-list mailing list