Re: forkbombing Linux distributions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 2005-03-23 at 15:27 +0100, Max Kellermann wrote:
> On 2005/03/23 15:23, Natanael Copa <[email protected]> wrote:
> > On Wed, 2005-03-23 at 14:53 +0100, Max Kellermann wrote:
> > > The number of processes is counted per user, but CPU time and memory
> > > consumption is counted per process.
> > 
> > So limiting maximum number of processes will automatically limit CPU
> > time and memory consumption per user?
> 
> No. I was talking about RLIMIT_CPU and RLIMIT_DATA, compared to
> RLIMIT_NPROC. RLIMIT_NPROC limits the number of processes for that
> user, nothing else (slightly simplified explanation).

Yes, but if 
RLIMIT_NPROC is per user and RLIMIT_CPU is per proc

the theoretical CPU limit per user is RLIMIT_NPROC * RLIMIT_CPU. So if
you half the RLIMIT_NPROC you will half the theoretical maximum CPU
limit per user.

Same with memory.

I don't know if that really solves anything, but a misbehaving process
(fork bomb) would need to consume the double RAM or CPU to do the same
"damage" if RLIMIT_NPROC is halved.

--
Natanael Copa


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux