bug-bash
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The memory occupied by bash has been increasing due to the fork bomb

From: zju
Subject: Re: The memory occupied by bash has been increasing due to the fork bomb
Date: Sat, 11 Mar 2023 10:50:21 +0800 

> 2023年3月11日 06:17,Chet Ramey <chet.ramey@case.edu> 写道:
> 
> On 3/10/23 11:37 AM, zju wrote:
> 
>> I have already set the maximum number of processes available to a single 
>> user "ulimit -Su”.
>> But the memory occupied by bashes were increasing all the time which would 
>> call oom.This is the key issue.
> 
> If you don't see an error message from bash about fork failing, then fork
> hasn't failed, and the processes continue to run.
> 
> -- 
> ``The lyf so short, the craft so long to lerne.'' - Chaucer
>                ``Ars longa, vita brevis'' - Hippocrates
> Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/

Thanks for you reply:

I want to express this problem more clearly:

1.I set "ulimit -Su 30” to observe the situation;

2.exec
1.Actually there are many error messages already.
-bash: fork: retry: Resource temporarily unavailable
-bash: fork: retry: Resource temporarily unavailable

2.exec fork book in bash
[parallels@fedora ~]$ :() { :|:& };

3.The following error will appear soon
-bash: fork: retry: Resource temporarily unavailable
-bash: fork: retry: Resource temporarily unavailable

4.And I observe the situation in other terminal.
As you can see. The process 250229(bash) continues to pull new child processes 
which the rss is larger than the old process(2096->2112). So the memory 
occupied by the bashes keep growing even though the num of bash processes is 
the same, if 8M is occupied by each bash process, there maybe 4G occupied by 
500 bash processes totally.

And as the memory occupied by each bash process is not enough, the oom killer 
would not take bash as the first target to kill.

So is it possible to optimize the continuous growth of memory occupied by child 
processes?

> In regard to OOM, if the goal is to prevent fork bombs, the system
> administrator would need to set a hard limit on "ulimit -u", “The
> maximum number of processes available to a single user" as well as
> "ulimit -d", "The maximum size of a process's data segment". Changing
> the behavior of bash alone could not prevent an attacker from forcing
> OOM, it would just require the attacker to be more sophisticated.

Or is there anyway to avoid this problem?
As I used to use ulimit -Su to limit the process on bash-5.0 which dosen’t work 
now.
I doubt that whether Worley said using "ulimit -d” with "ulimit -u” could avoid 
this problem as the rss maybe occupied by the stack rather than the data 
segment?

Looking forward to your reply!


[root@fedora ~]# ps aux | grep bash | grep paralle

paralle+  250229  0.0  0.1 224500  3828 pts/0    S+   09:39   0:00 -bash

paralle+  255620  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255621  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255622  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255623  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255624  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255625  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255626  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255627  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255628  0.0  0.1 224368  2104 pts/0    S    10:10   0:00 -bash

paralle+  255629  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255630  0.0  0.1 224368  2104 pts/0    S    10:10   0:00 -bash

paralle+  255631  0.0  0.1 224368  2100 pts/0    S    10:10   0:00 -bash

paralle+  255632  0.0  0.1 224368  2100 pts/0    S    10:10   0:00 -bash

paralle+  255633  0.0  0.1 224368  2100 pts/0    S    10:10   0:00 -bash

paralle+  255634  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255635  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255636  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255637  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255638  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255639  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255640  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255641  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255642  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255643  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255644  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255645  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255646  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255647  0.0  0.1 224368  2096 pts/0    S    10:10   0:00 -bash

paralle+  255648  0.0  0.1 224368  2104 pts/0    S    10:10   0:00 -bash

[root@fedora ~]# ps aux | grep bash | grep paralle

paralle+  250229  0.0  0.1 224500  3828 pts/0    S+   09:39   0:00 -bash

paralle+  255708  0.0  0.1 224368  2108 pts/0    S    10:10   0:00 -bash

paralle+  255709  0.0  0.1 224368  2108 pts/0    S    10:10   0:00 -bash

paralle+  255712  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255716  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255723  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255724  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255726  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255728  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255729  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255730  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255731  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255733  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255735  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255736  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255737  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255738  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255739  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255740  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255741  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255742  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255743  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255744  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255745  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255746  0.0  0.1 224368  2116 pts/0    S    10:10   0:00 -bash

paralle+  255747  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255748  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255749  0.0  0.1 224368  2120 pts/0    S    10:10   0:00 -bash

paralle+  255750  0.0  0.1 224368  2112 pts/0    S    10:10   0:00 -bash

paralle+  255751  0.0  0.1 224368  2120 pts/0    S    10:10   0:00 -bash
reply via email to
[Prev in Thread] Current Thread [Next in Thread]