Security Through "Secure"

by kasper

Secure monitors your memory and CPU usage on all programs retrieved from ps aux.  It writes them to a temporary file (/tmp/.pstab), then parses the data from it and determines whether it is exceeding the limit or not.  Set your CPU/MEM limits on lines 76 & 77.  I added a dontkill table so if you have some software like RC5 that uses a lot of CPU or MEM and you don't want it killed, just add it to the dontkill table on line 79.  You can add as many dontkill's as desired.  If the program is not in dontkill and its CPU or MEM exceeds the given limit it will kill -9 the PID.  It parses the ps aux table on a one second interval.

What Good is Secure?

Secure is useful in protecting yourself from possible loop-bugs.  Constant loops like the infamous fork() loop would be killed with secure.  And if someone on your system is using up your memory the program will be removed by secure.  In other words, it just makes your life a little easier.

Testing

Secure was tested on various Linux machines running the Slackware distribution on the 2.0.33 kernel, compiled with GCC version 2.7.2.3.  The average constant CPU/MEM on our tested machines for secure was CPU: 0.3 MEM: 2.0.  The 2.0 memory is primarily because of our fopen() to /tmp/.pstab.  If need be, report any questions/comments regarding it to kasper@supernova.digital-galaxy.net

Known Bugs

Because of the interval every once in a while it may error "unable to load interpreter."  If it doesn't load the pstab then it will respawn until it does.  In some of our testing the interpreter bug did not occur.

Misc. Information

You might want to add local commands like locate and ls, because if locate or ls displays (prints to standard output) for over a second, which would have the CPU at 99.9, it will be killed.

Warning

I'm not sure, but if tested on other operating systems other than Linux, secure may turn on you and may do some damage.  By compiling this source code you agree that if harm is caused because of secure, I cannot be held responsible for the damages.  Erm.

/* keep your self secure * secure monitors the PIDs on a 1 second basis ... * secure looks at the CPU and MEM count and if its above its desired * level it kills the process, I think the code should be cleaned up, * but for now, oh whell. :D * -kasper */ #include <stdio.h> #include <stdlib.h> #define CPULIMIT 90 #define MEMLIMIT 90 char *dontkill[] = { "", "" }; void parse_pstab(char pstab[]); void do_pstab(); int checkfontkill(char name[]); int checksize_for_dontkill(); void main() { if (fork() > 0) exit(0); do_pstab(); } void do_pstab() { char pstab[1024]; FILE *pst; our_loop: system(">/tmp/.pstab ps aux"); if (!(pst = fopen("/tmp/.pstab", "r"))) main(); while (!(feof(pst))) { fgets(pstab, sizeof(pstab), pst); parse_pstab(pstab); } sleep(1); fclose(pst); goto our_loop; } void parse_pstab(char pstab[]) { char who[16]; char pid[8]; char cpu[8]; char mem[8]; char none[8]; char name[16]; sscanf(pstab, "%s %s %s %s %s %s %s %s %s %s %s", name, pid, cpu, mem); if (check_dontkill(name)) kill(atoi(pid), 9); } int check_dontkill(char name[]) { int i = 0; while (1 < checksize_for_dontkill()) { if (check_dontkill(name)) i++; } return (1); } int checksize_for_dontkill() { int i = 0; while (1) { if (dontkill[i] != NULL) i++; else return (-1); } }

Code: secure.c