The user under consideration is by vast consensus considered an arrogant, unbearable idiot.

Why not approach this idiot, and/or his boss, and resolve the matter. If he has the right to burn CPU cycles on these machines, leave him alone. If not, either nice his processes or cancel his authorization to use these machines.

If it's cool to you then it is CUFP. That's just the way art is. Some like it, some don't.

TY! I hope that more people would have got the irony behind this thing...

Why did you choose to fork instead of maybe trying to nice down his processes as low as possible? You

That's more or less a long story, so I'll tell you one of those anecdotes I've avoided up until now... this guy at times is running some numerical simulation programs of his own. So every now and again you do log on a machine and notice that it is particularly slow. You launch 'top' and you notice an 'a.out' of his own taking as high as 98% of the CPU. He often does this on more than half of the most performant machines at a time.

By the end of August he's been noticed running one of these simulations on the server!! At this point a friend of mine who happens to be one of the sysadmins too wrote him an email kindly (no sarcasm intended this time: he's really a pleasant and kind person!) asking him to stop doing so and use one of the clients instead. And he didn't get any answer...

Exactly one month later I was running a somewhat CPU intensive program of my own ("of course" it was in perl and it was... ehm for a JAPH, see Re^2: My 1st post (japh) for more info). I would like to stress that I had carefully made sure that (i) no more than one instance of it could ever run on each node, (ii) it was launched with nice 18, (iii) it correctly trapped signals to be stopped at any time if needed.

I must say that a few users noticed my process running in the background, and indeed one of them asked me (in other words, but the sense was this) if I were stealing computing power away from him. I gently explained him that at nice 18 I was only using a small fraction of the CPU's resources and that he could run all of the programs he liked. I must admit that I was slightly disappointed by receiving his mail, but all in all he was honest and smart enough to accept my answer. Also, he was sensible enough to talk me face to face.

At this point do you guess what happened? The other guy answered the mail he had not answered for a month. This is what he wrote, in his typical attitude (that I can only partly translate into English, the original text is Italian):

I didn't know that *** was the server, it seemed to be only virgin land where to run my processes. I'll set out for foreign's country.

What do you think, instead, about imposing some rules to limit savage running on part of some users (like *** -Note: that's my username- who currently occupies almost all of the good machines (*** -Note: snip list-) with processes that often last for weeks.

I'm not saying that if everybody were just as reckless (even if I'm noticing as a pleasant surprise that he has discovered 'nice' since a few days ago) as he his it would be catastrophic, but two of them would be enough.

I snip the rest, but it's along the same lines. Needless to say, the sysadmins solidarized with me, I was sent a copy of this mail and answered him personally, telling him what I thought of him, etc.

could even add that to his .profile or add an if to the system wide profile. Instead of forking you

But I do not have superuser powers (even if I've been a sysadmin here too, in the past). But then even if had them, I really would consider it to be unethical to use them for this sort of personal revenge: I could never ever do anything like that.

could gobble up as much memory as possible then release it on his logout? Or finding their ip address and flooding it with useless udp packets? I ask because

Yes, I could have done something like this too. But this was also an excuse to find a motivation to deepen my knowledge of signal trapping and process management programming techniques.

I want him to log into a machine and see its load get as high as 100, launching top or ps and see more than a hundred processes of mine, all of which, BTW, have the same name as his login...

Yes: this is not really a malicious program, but it is definitely a means of making fun of him! Of course I will remove it after his first angry mail...

slowing the entire machine down would seem to cause you problems as well as him...

Not at all. The one and only possible (but unprobable!) damage for any other user could be a noticeable delay when trying to log into a machine. But as soon as they succeed in logging in (and they do!), the load will decrease rapidly.

Has it ever gotten out of control and overrun your machine? Just wondering :-) Hope your friend doesn't read perlmonks.

Nope, it has never got out of control. Also, he's not my friend. He's an idiot (and an idiot with an attitude too), period. And I couldn't care less if he read this: I already told him what I think of him, and many others did too.

You mention in another post that attempts to login to the server are "bounced" to one of the clients. Not sure how you accomplish this, but it would be interesting to force this guy to one single node no matter where he logs in. With ssh keys setup, you could automatically ssh him to the same server every other node :-) He would login, start his a.out, login to another machine, start his a.out, and would just be competing for cpu against himself.

I was going to suggest renaming your perl to a.out so that it appeared to be his code, but when I realized your program was named after his login I was ROFL.

read directly the code to find what it does:

Why are you wasting our time with a code submission if you aren't going to describe it? I don't know what it is and I don't know why should I care! I'm not going to waste my time figuring it out, and I'm sure as hell not going to run the code on my machine when it seems like its some sort of DDoser. --.

read directly the code to find what it does:

Why are you wasting our time with a code submission if you aren't going to describe it? I don't know what it is and I don't know why should I care! I'm not going to waste my time figuring it out, and I'm sure as hell not going to run the code on my machine when it seems like its some sort of DDoser.

I sincerely apologize: had I known the consequences of this post of mine I would have never ever submitted it.

I thought that the code would have been both (fundamentally) self explanatory and also kinda funny because of the expressive names given to variables and subs.

However you're right: it's some sort of DoSer, but for quite a relaxed meaning of the term. In fact it does NOT do DoS, "only" it puts the machine under heavy load iff a condition is realized, precisely that a certain user is logged.

As was implicitly implied, it would be natural to consider this "project" unethical rather than ethical as stated... however let me explain: this particular user is an unbearable arrogant idiot.

I could exhibit tons of anecdotes to support the claim above, and I'm sure that in the end you would fundamentally agree with me. However I fear that this would be OT here.

For those who want to know, this program sits down sleeping most of the time checking who is locked on the machine it's running on. If all the users are "bad", then it starts an harassing phase by forking 127 copies of itself each of which will basically just do rand() all of the time. The original copy continues to check who is logged and if the harassing condition does not hold any more (e.g. a "normal" user logs in) then it kills all the harassing copies and turns back to the "waiting in the shadow" phase.

One flaw with your strategy is that if 127 forks causes enough of a slowdown, other users may be unable to log in at all, thus the DOS criteria would never be broken, and the machine would forever stay in DOS mode (as long as the baddies are logged in). This problem would be accentuated if a system cron job suddenly started the weekly backup to DVD-ROM or tape drive (or whatever) at the same time that the DOS mode was active. The combination of the two heavy loads would bring the server to its knees to the point that the only hope would be rebooting.

If the person operating the server has a problem with some of its users, perhaps he (the system adminstrator) could set some policies that either restrict their bad behavior, or that make the place no fun for baddies. Once the policy is violated, there'll be legitimate reason to show them the one way exit door. In other words, he should grow a backbone and not ask one of his other users to sabbotage his system as a childish expression of disapproval of one or more of its users.

Your post sparked a big debate between at least one of the Janitors and an individual who believed the post should be reaped. Frankly, if it had been considered for reaping due to malicious or dangerous content, rather than for being useless, it probably would have been reaped. We don't reap for uselessness, but we do for posts that are dangerous.




Dave

Alright, that's cool, but why didn't you post that to begin with? I immediately caught what you meant by "ethical", and I immediately saw what the program did. I can't possibly fathom why the node approver didn't see that.

Anything suspected to be malicious does NOT go over well here. In the olden days, a thread like this would have been nuked - that means it wouldn't even go under the normal review process to be deleted, with a record of it remaining. The admins would make it just *disappear*. Its happened to me before, a few years ago over what I thought was some innocent networking code. (This node wasn't deleted under the normal review process because I was pretty sarcastic in my consideration - I often forget that people here don't get sarcasm. It kind of sucks for you, the rep would have probably wouldn't have gone under a -5 if it had been reaped.

Anyways, the quality of the code isn't too shabby. Lurk a bit, and don't try to imply that you're some sort of cracker next time, ok? :)

Hey, PAY attention, HE SAID HELL!!!

UM...

.{\('v')/}
_`(___)' __________________________
Wherever I lay my KNOPPIX disk, a new FREE LINUX nation could be established.