[arch-dev-public] Fwd: limits.conf and fork bombing
Rémy Oudompheng
remyoudompheng at gmail.com
Wed Jun 6 02:42:30 EDT 2012
On 2012/6/5 Stéphane Gaudreault <stephane at archlinux.org> wrote:
> Le 2012-06-05 08:32, Daniel Isenmann a écrit :
>> Am 05.06.2012 14:26, schrieb Dave Reisner:
>>> On Tue, Jun 05, 2012 at 02:23:34PM +0200, Tobias Powalowski wrote:
>>>>
>>>> -------- Original-Nachricht --------
>>>> Betreff: limits.conf and fork bombing
>>>> Datum: Tue, 5 Jun 2012 13:15:26 +0200
>>>> Von: M0Rf30<morf3089 at gmail.com>
>>>>
>>>> Could you insert a string into /etc/security/limits.conf to prevent a
>>>> fork bombing attack?
>>>> An example:
>>>> * hard nproc 300
>>>> Thanks
>>>> Best Regards
>>>> Gianluca Boiano
>>>>
>>> Yeah, we've seen this before...
>>>
>>> https://bugs.archlinux.org/task/25690
>>>
>>> d
>>>
>> Isn't this a task for the administrator of the computer? I don't see a
>> reason, why we should add one for default in one of our packages.
>>
>> Daniel
> +1 To do nothing. This is definitely an admin task.
>
I agree. 300 is a ridiculously low limit and here my shell has a
default limit of 24070 processes without me doing anything.
Rémy.
More information about the arch-dev-public
mailing list