On Saturday, March 19, 2005 11:24 AM, Jonathan Berry wrote: > > How about this idea: > Implement a process _creation_rate_ limit. That way, if > someone did try to fork-bomb the system, it would see the > enormous number of > fork() commands in a short period of time and do something to > slow the process down or kill it and its children. The only > reason to start up several hundred processes within a few > seconds is to fork-bomb the system (at least I cannot think > of another reason). At my work, I forked a few hundred processes to remotely update a batch of networked devices scattered across remote locations. Now why you tryin to keep a brother down?
