Re: [2.4.18] Security: Process-Killer if machine get's out of memory

Andreas Hartmann (
Sun, 24 Mar 2002 19:37:20 +0100

Christian Bornträger wrote:
> Rik van Riel wrote:
>>On Sun, 24 Mar 2002, Roy Sigurd Karlsbakk wrote:
>>>Would it hard to do some memory allocation statistics, so if some
>>>process at one point (as rsync did) goes crazy eating all memory, that
>>>would be detected?
>>No. What I doubt however is whether it would be worth it,
>>since most machines never run OOM.
> Well, I think could be worth in terms of security, because a local user could
> use a bad memory-eating program to produce an Denial of Service of other
> processes.

That's what I fear.

Take the actual example. You've running a server on which people can
connect with rsync. Somebody breaks off rsync - and the rsync-process on
the server is getting crazy - that's the situation, I described at the

Now, the httpd-process on the server is killed, the named, ... .

It's a perfect DOS-attack.

Andreas Hartmann

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at