Attached is a trivial Linux-2.2.12 patch which adds a procfs entry
for tuning the limit of shared memory allocable.

    /proc/sys/kernel/shmmax    Max number of shared memory pages

Attached is also a small hack for freeing unreferenced shared memory
pages and printing interesting details of available shared memory
segments (such as who created the segment, and when).
I am assuming others have made similar patches and tools before, but no
effective limit on shared memory exists in base Linux-2.2.12.
--
Henrik Nordstrom
Robert 'Shadow' Pajak wrote:
[snip]
> Report title : Shared Memory DoS - IPC vulnerability (Linux
> abuse as example)
> Problem found by : Robert Pajak (shadow@security.kki.pl),
> probably other ppl found that first - one of them is
> lcamtuf, Solar Designer is probably another...
[snip]
> This is due to the fact that shared memory segments can exist without
> being bound to processes. To protect yourself you should disable these
> operations, or use Solar Designer's stack patch with limits set,
> etc...
[snip]
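
The kind of check the message describes (finding shared memory segments that no process has attached, with who created them and when), as an added example that is not the tool attached to the original post. It uses the Linux-specific SHM_INFO and SHM_STAT commands of shmctl(2); the function names are hypothetical, and it only reports segments, it does not free them.

```c
#define _GNU_SOURCE 1          /* SHM_INFO, SHM_STAT, struct shm_info */
#include <stdio.h>
#include <time.h>
#include <sys/ipc.h>
#include <sys/shm.h>

/* A segment is unreferenced when no process has it attached. */
static int is_orphan(const struct shmid_ds *ds)
{
    return ds->shm_nattch == 0;
}

static void print_segment(int id, const struct shmid_ds *ds)
{
    char when[32] = "?";
    struct tm *tm = localtime(&ds->shm_ctime);
    if (tm)
        strftime(when, sizeof when, "%Y-%m-%d %H:%M:%S", tm);
    printf("shmid=%d creator_uid=%u creator_pid=%d bytes=%zu last_change=%s\n",
           id, (unsigned)ds->shm_perm.cuid, (int)ds->shm_cpid,
           ds->shm_segsz, when);
}

/* Walk every kernel slot and report unreferenced segments; returns the count,
 * or -1 if SHM_INFO fails. Segments the caller may not read are skipped. */
static int scan_orphans(void (*report)(int, const struct shmid_ds *))
{
    struct shm_info info;
    struct shmid_ds ds;
    int count = 0;
    int max = shmctl(0, SHM_INFO, (struct shmid_ds *)&info);
    if (max < 0)
        return -1;
    for (int idx = 0; idx <= max; idx++) {
        int id = shmctl(idx, SHM_STAT, &ds);   /* slot index -> shmid */
        if (id < 0 || !is_orphan(&ds))
            continue;
        if (report)
            report(id, &ds);
        count++;
    }
    return count;
}

int main(void)
{
    int n = scan_orphans(print_segment);
    printf("%d unreferenced segment(s)\n", n);
    return n < 0;
}
```

Run it as root to see every user's segments; shm_ctime is the time of the last change to the segment, which equals the creation time unless its ownership or permissions were changed later.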