Re: forkbombing Linux distributions

From: Peter Chubb
Date: Sun Mar 20 2005 - 22:30:16 EST

Next message: Richard Henderson: "Re: 2.6.11.3 build problem in arch/alpha/kernel/srcons.c with gcc-4.0"
Previous message: William Beebe: "Re: forkbombing Linux distributions"
In reply to: William Beebe: "Re: forkbombing Linux distributions"
Next in thread: Grant Coady: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>>>>> "William" == William Beebe <wbeebe@xxxxxxxxx> writes:

William> Sure enough, I created the following script and ran it as a
William> non-root user:

William> #!/bin/bash $0 & $0 &

There are two approaches to fixing this.
1. Rate limit fork(). Unfortunately some legitimate usges do a lot
of forking, and you don't really want to slow them down.
2. Limit (per user) the number of processes allowed. This is what's
currently done; and if you as administrator want to you can set
RLIMIT_NPROC in /etc/security/limits.conf

On an almost-single-user system such as most desktops, there isn't much
point in setting this. On shared systems, it can be useful.

--
Dr Peter Chubb http://www.gelato.unsw.edu.au peterc AT gelato.unsw.edu.au
The technical we do immediately, the political takes *forever*
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard Henderson: "Re: 2.6.11.3 build problem in arch/alpha/kernel/srcons.c with gcc-4.0"
Previous message: William Beebe: "Re: forkbombing Linux distributions"
In reply to: William Beebe: "Re: forkbombing Linux distributions"
Next in thread: Grant Coady: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]