On 5/18/07, Anand Jahagirdar <[email protected]> wrote:
Hello All
I tried to execute a program which creates 8152 process.(
i=0; while( i<14) i++ fork(); ) with ulimit 8200. This program
created 8152 processes and then stopped and came back to command
prompt. this proves that my machine do have sufficient resources to
create 8000 processes.
I found one more interesting thing on the same machine
having FC6 distribution and Linux Kernel 2.6.18. i have set "ulimit -u
100". after setting this limit i tried to execute fork bombing program
with guest account. after executing it
expected result:- guest uesr should not able to fork another single
process when it reaches to 100 processes count.
actual result :- kernel allow me to create another processes without
giving error. due to this i tried to execute same fork bombing program
on another terminal with guest account and this fork bombing attack
killed the box completely and machine needed reboot.
I think if you want resource limiting per _UID_ (and not per _process_
as you did), you should use PAM module pam_limits.so. You can edit
those limits using the file /etc/security/limits.conf
Regards,
--
Ahmed S. Darwish
http://darwish-07.blogspot.com
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
