254 Security


of-service attacks. Unix was created in a research environment in which it
was more important to allow users to exploit the computer than to prevent
them from impinging upon each other’s CPU time or file allocations.

If you have an account on a Unix computer, you can bring it to a halt by
compiling and running the following program:
    main()
    {
        while(1){
            fork();
        }
    }

This program runs the fork() (the system call that spawns a new process)
continually. The first time through the loop, a single process creates a clone
of itself. Next time, two processes create clones of themselves, for a total of
four processes. A millimoment later, eight processes are busy cloning
themselves, and so on, until the Unix system becomes incapable of creating
any more processes. At this point, 30 or 60 different processes are active,
each one continually calling the fork() system call, only to receive an error
message that no more processes can be created. This program is guaranteed
to grind any Unix computer to a halt, be it a desktop PC or a Unix
mainframe.

You don’t even need a C compiler to launch this creative attack, thanks to
the programmability of the Unix shell. Just try this on for size:
    #!/bin/sh
    $0 &
    exec $0

Both these attacks are very elegant: once they are launched, the only way to
regain control of your Unix system is by pulling the plug because no one
can run the ps command to obtain the process numbers of the offending
processes! (There are no more processes left.) No one can even run the su
command to become Superuser! (Again, no processes.) And if you are
using sh, you can’t even run the kill command, because to run it you need
to be able to create a new process. And best of all, any Unix user can
launch this attack.

(To be fair, some versions of Unix do have a per-user process limit. While
this patch prevents the system user from being locked out of the system
after the user launches a process attack, it still doesn’t prevent the system
from being rendered virtually unusable. That’s because Unix doesn’t have
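The per-user process limit mentioned above, as an added example that is not from the book: on systems that provide RLIMIT_NPROC (Linux and the BSDs), a launcher can lower the limit before running a command, so that fork() fails with EAGAIN once that user's process count reaches the cap. The function names and the cap of 64 are assumptions chosen for illustration.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Lower this process's soft and hard RLIMIT_NPROC to at most `want`.
 * Children inherit the limit, and an unprivileged process cannot raise
 * the hard limit again. Privileged processes (root) are typically exempt
 * from enforcement. Returns 0 on success, -1 on error. */
int cap_nproc(rlim_t want)
{
    struct rlimit rl;
    if (getrlimit(RLIMIT_NPROC, &rl) != 0)
        return -1;
    if (want > rl.rlim_max)          /* never try to raise the hard limit */
        want = rl.rlim_max;
    rl.rlim_cur = rl.rlim_max = want;
    return setrlimit(RLIMIT_NPROC, &rl);
}

/* Read back the soft limit now in force; returns 0 if it cannot be read. */
rlim_t nproc_soft_limit(void)
{
    struct rlimit rl;
    return getrlimit(RLIMIT_NPROC, &rl) == 0 ? rl.rlim_cur : 0;
}

/* Run argv[0] in a child with the cap applied.
 * Returns the child's exit status, or -1 if it could not be run or waited for. */
int run_capped(rlim_t want, char *const argv[])
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (cap_nproc(want) != 0) _exit(126);
        execvp(argv[0], argv);
        _exit(127);                  /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(int argc, char **argv)
{
    if (argc < 2) { fprintf(stderr, "usage: %s cmd [args]\n", argv[0]); return 2; }
    return run_capped(64, &argv[1]); /* 64 is a constructed sample cap */
}
```

The same cap can be set for a login session with the shell's `ulimit -u`.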