System bus denial-of-service
Sean Meiners
Sean.Meiners at linspireinc.com
Mon Jun 20 15:22:33 PDT 2005
Sorry for sending two messages in a row, but it just didn't seem right to
combine them.

While attempting to track down some memory leaks in my application I found
something that you may agree is a bit worrisome. It seems that it's
relatively easy to cause a denial-of-service attack on the system bus. With
a small amount of code (see attached) I can cause method calls made by other
apps on the same bus to fail with this error: 'The maximum number of pending
replies per connection has been reached' until the attack is stopped. On a
multi-user system this could be a big problem.

PS: There is also an interesting side-effect in that the dbus-daemon quickly
jumps to using ~76MiB of resident memory and stays there, even after the
attack has ended. While it's great that the daemon caps its own memory
usage, it would be even better if it released it as well.
--
Sean Meiners
Sean.Meiners at LinspireInc.com
Perl - $Just @when->$you ${thought} s/yn/tax/ &couldn\'t %get $worse;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: attack.py
Type: application/x-python
Size: 351 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/dbus/attachments/20050620/66a6cedc/attack.bin