I don't give too much attention to DoS attacks that need full local accounts.
Just yesterday, I made my system unusable by starting ~300 sa-learn processes in parallel. I was not able to use the console any more, and could not log in remotely to kill those processes. I waited a full hour to check if the system would consolidate itself before I pressed the reset button.
As long as simple starts of too many processes can bring down the system, we don't need special means for those local-user DoS attacks. Just a shell is enough. :-(
That's a 2.6.8 SUSE kernel, by the way. Oh yes, and that's one area where advantages in Linux would be great. On my Solaris box, I can start thousands of processes and then I can still log in and kill them if necessary.
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds