Re: Fork bombing a Linux machine as a non-root user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2005-03-18 at 14:51, Dave Jones wrote:
> On Fri, Mar 18, 2005 at 02:24:56PM -0500, Scot L. Harris wrote:
> 
>  > This is the wrong approach.  A user level account should not be allowed
>  > to consume resources to the point that the whole system crashes.
> 
> man ulimit
> sysadmins are responsible for setting these limits as they are per-site
> values that make no sense globally.

> This is a complete non-issue, that gets blown out of all proportion
> every single time it comes up. Usually at the beginning of each academic year.

I was responding to Mathew Miller who suggested finding the user that
issued the fork bomb and slap them around.

And yes there are tools available to help mitigate the potential problem
as you pointed out.  But why not set a default limit instead of leaving
it open?  Kind of like saying it is the admins responsibility to disable
open relaying of sendmail instead of having the default configuration
setup to deny relaying.  By default fewer people create open relays, it
does take a little effort to correctly setup sendmail for a new admin
but safer for everyone else.  

Set some default limit for maximum number of processes for users that
satisfies 90% of the users out there.  The other 10% get to learn how to
up those numbers or disable the limit if needed.

Once done this would be a non-issue from then on.


-- 
Scot L. Harris
webid@xxxxxxxxxx

Your EMAIL is now being delivered by the USPS. 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux