Re: forkbombing Linux distributions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Natanael Copa napisał(a):
On Thu, 2005-03-31 at 01:46 +0200, Felipe Alfaro Solana wrote:

On Mon, 28 Mar 2005 19:28:20 +0200, Matthieu Castet
<[email protected]> wrote:

The memory limits aren't good enough either: if you set them low
enough that memory-forkbombs are unperilous for
RLIMIT_NPROC*RLIMIT_DATA, it's probably too low for serious
applications.

yes, if you want to run application like openoffice.org you need at
least 200Mo. If you want that your system is usable, you need at least 40 process per user. So 40*200 = 8Go, and it don't think you have all this memory...

I think per user limit could be a solution.

attached a small fork-memory bombing.

Doesn't do anything on my machine:

# ulimits -a

...


it tops at 100 processes and eats a little CPU... although the system
is under load, it's completely responsive.


100 processes is low. I often have over 150.

On desktop system 150 processes is low too. 250 is safe and sufficient value.

I use the patch mentioned here:
http://marc.theaimsgroup.com/?l=linux-kernel&m=111209980932023&w=2
(it set the default max_threads and RLIMIT_NPROC to half of the current
default)

and my system survived.

Hmmm....my didn't when nearly all users start forkbombing!

I think that changing the default max_threads is not a good idea. It might solve many problems but forkbombing require something more universal.

	Jacek
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux