From owner-cvs-all Mon Feb 25 21:32:48 2002 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 20E5437B41B; Mon, 25 Feb 2002 21:32:44 -0800 (PST) Received: (from silby@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g1Q5Wi459827; Mon, 25 Feb 2002 21:32:44 -0800 (PST) (envelope-from silby) Message-Id: <200202260532.g1Q5Wi459827@freefall.freebsd.org> From: Mike Silbersack Date: Mon, 25 Feb 2002 21:32:44 -0800 (PST) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_fork.c X-FreeBSD-CVS-Branch: RELENG_4 Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG silby 2002/02/25 21:32:44 PST Modified files: (Branch: RELENG_4) sys/kern kern_fork.c Log: MFC rev 1.132: A few misc forkbomb defenses: - Leave 10 processes for root-only use, the previous value of 1 was insufficient to run ps ax | more. - Remove the printing of "proc: table full". When the table really is full, this would flood the screen/logs, making the problem tougher to deal with. - Force any process trying to fork beyond its user's maximum number of processes to sleep for .5 seconds before returning failure. This turns 2000 rampaging fork monsters into 2000 harmlessly snoozing fork monsters. Revision Changes Path 1.72.2.10 +5 -2 src/sys/kern/kern_fork.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message