Date: Mon, 10 Apr 2000 01:31:39 -0700 From: Alfred Perlstein <bright@wintelcom.net> To: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: efficiency of maxproc hardlimit Message-ID: <20000410013139.R4381@fw.wintelcom.net> In-Reply-To: <20000410094436.A778@frolic.no-support.loc>; from bfischer@Techfak.Uni-Bielefeld.DE on Mon, Apr 10, 2000 at 09:44:36AM %2B0200 References: <20000410094436.A778@frolic.no-support.loc>
next in thread | previous in thread | raw e-mail | index | archive | help
* Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE> [000410 01:15] wrote:
> Hello,
>
> up till now I was convinced that a proper /etc/login.conf
> provides enough protection against silly dos efforts like
> fork bombs.
>
> Well, while a hard maxproc of 64 protects very well against
>
> echo '#!/bin/sh
> a &
> a &' > a; chmod 755 a; ./a
>
> but it fails to prevent that this
>
> main(){fork();main();}
>
> leaves the machine in an unusable state (it does ping
> back, one may break into the kernel debugger, but no
> io).
>
> Any way to prevent this (without harming the user)?
Please reread the documentation on limits.
cputime unlimited
filesize unlimited
datasize 256MB <-
stacksize 64MB <-
coredumpsize unlimited
memoryuse unlimited
memorylocked unlimited
maxproc 4115
descriptors 8232
sockbufsize unlimited
If appropriate limits are in place and you still get problems
then let us know.
--
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000410013139.R4381>