[2439] in linux-security and linux-alert archive
Re: Problem with red hat 6.1
daemon@ATHENA.MIT.EDU (Martin Macok)
Fri Dec 1 09:07:54 2000
Date: Thu, 30 Nov 2000 17:30:05 +0100
From: Martin Macok <martin.macok@underground.cz>
To: nayakvinod <nayakvinod@hotmail.com>
Cc: linux-alert@redhat.com
Message-ID: <20001130173005.C10663@sarah.kolej.mff.cuni.cz>
Mail-Followup-To: nayakvinod <nayakvinod@hotmail.com>,
linux-alert@redhat.com
In-Reply-To: <OE48jQHtMFaukyCKDkb00003ad1@hotmail.com>; from nayakvinod@hotmail.com on Wed, Nov 29, 2000 at 11:27:00AM +0530
On Wed, Nov 29, 2000 at 11:27:00AM +0530, nayakvinod wrote:
> I login as an ordinary user and did as follows (in fact I wrote a
> faulty shell program and put it in a directory in PATH):
[ simple fork bomb ]
> This system crashed after giving messages like:
>
> syslog: Out of memory
> init: out of memory
>
> First I suspected that the problem is in kernel2.2.12. But when I
> booted RED hat 6.2 with this kernel and run the same culprit shell
> prog, the process terminated with the message: bash: Out of memory!
> which it should do. Vinod Nayak
(You have booted the same kernel under RH6.1 and RH6.2 and it behaves
differently? Maybe the system wasn't in the same state and the kernel
decided to kill something else (bash) in the second case ... or RH6.2
was configured properly with user limits ...)
A local user can almost always stress the system (or eat too many
system resources) enough to make it unusable (even with ulimits). You
(the admin) should make it harder by tightening per-user/per-group limits.
See the setrlimit(2), ulimit(3) and bash(1) man pages.
See /etc/security/limits.conf, I have something like this:
    ftp      hard  nproc      0
    @extern  -     maxlogins  4
    @extern  hard  nproc      30
    @extern  hard  rss        40000
    @extern  hard  priority   5
    guest    hard  priority   10
(Users that I don't trust are in group 'extern').
If you are concerned about the kernel (how it works and what it should
do in such situations), search for "OOM" and "OOM killer" in the
linux-kernel mailing list archives or kernel-traffic
(http://kt.linuxcare.com/).
Before you study some problem with the kernel, always try the latest
kernel. 2.2.12 is definitely buggy (capabilities bug, tcp memory leak,
memory management problems). 2.2.17 (or the latest 2.2.18pre?) should be
much better.
Have a nice day
(Hint: insert some ulimit into netscape's starting scripts, protect
yourself ;-)
--
< Martin Mačok .-= martin.macok@underground.cz =-. < iso-8859-2 >
\\. http://kocour.ms.mff.cuni.cz/~macok/ http://underground.cz/ .//
\\\.. `-= t.r.u.s.t n.0 o.n.e =-' ..///
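
The closing hint about putting a ulimit into a program's start script, as an added example (not code from the original message): a Python launcher that lowers RLIMIT_NPROC and RLIMIT_AS in the child only, between fork and exec, then asks the child what it inherited. The 30-process cap mirrors the `extern` line above; the 2 GiB address-space cap and all function names are assumptions of this example.

```python
import resource
import subprocess
import sys

# Constructed values: nproc 30 mirrors the 'extern' entry in the message;
# the address-space cap is an assumption chosen for this example.
# RLIMIT_AS is used instead of RLIMIT_RSS, which current Linux kernels
# do not enforce (see setrlimit(2)).
NPROC_CAP = 30
AS_CAP_BYTES = 2 * 1024 * 1024 * 1024  # 2 GiB


def clamp(want, current_hard):
    """An unprivileged process may lower a hard limit but never raise it."""
    if current_hard == resource.RLIM_INFINITY:
        return want
    return min(want, current_hard)


def apply_limits(nproc=NPROC_CAP, as_bytes=AS_CAP_BYTES):
    """Lower soft and hard limits of the calling process.

    Lowering the hard limit cannot be undone without privilege, so this
    is only ever called in the child, never in the launcher itself.
    """
    for res, want in ((resource.RLIMIT_NPROC, nproc),
                      (resource.RLIMIT_AS, as_bytes)):
        _, hard = resource.getrlimit(res)
        value = clamp(want, hard)
        resource.setrlimit(res, (value, value))


def run_limited(argv, nproc=NPROC_CAP, as_bytes=AS_CAP_BYTES):
    """Run argv with the caps applied after fork and before exec."""
    return subprocess.run(
        argv,
        preexec_fn=lambda: apply_limits(nproc, as_bytes),
        capture_output=True, text=True, check=False,
    )


def child_limits(nproc=NPROC_CAP, as_bytes=AS_CAP_BYTES):
    """Return (nproc soft, nproc hard, as soft, as hard) seen by a limited child."""
    probe = ("import resource as r;"
             "print(*r.getrlimit(r.RLIMIT_NPROC), *r.getrlimit(r.RLIMIT_AS))")
    out = run_limited([sys.executable, "-c", probe], nproc, as_bytes).stdout
    return tuple(int(x) for x in out.split())


if __name__ == "__main__":
    print("child inherited:", child_limits())
    print("launcher still has:", resource.getrlimit(resource.RLIMIT_NPROC))
```

RLIMIT_NPROC counts every process of the same real user ID, not only the descendants of the launched program, and the kernel does not enforce it for root.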