Date: Mon, 06 May 2019 00:26:31 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 237715] maxproc needs a default value Message-ID: <bug-237715-227-1IP9GvOMYJ@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-237715-227@https.bugs.freebsd.org/bugzilla/> References: <bug-237715-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237715 sigsys@gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sigsys@gmail.com --- Comment #1 from sigsys@gmail.com --- It's hard to pick a sensible default though. OpenBSD has default (per architecture) rlimits, which I think is a good idea, but they often have to be changed. There's kern.maxprocperuid which can default to something calculated based on hardware resources. It's set a bit lower than maxproc as it is, but not enough to protect the system in most cases it seems. A process count limit alone only protects you against accidental fork bombs. And then again, it probably only protects other users from it, it's pretty hard to recover your session when you can't spawn more processes. I guess that's the reason it hasn't been done already, it's not a good protection by itself and setting a whole bunch of resource limits is too difficult (and required to set very low per-process limits to be effective before rctl). -- You are receiving this mail because: You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-237715-227-1IP9GvOMYJ>