Date: Fri, 18 Mar 2005 19:40:36 -0600 From: "Ryan J. Cavicchioni" <ryan@confabulator.net> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: How to avoid forkbomb? Message-ID: <423B8314.1000606@confabulator.net>
next in thread | raw e-mail | index | archive | help
Hi, After reading this article: http://www.securityfocus.com/cgi-bin/sfonline/columnists-item.pl?id=308, I decided to give the forkbomb script a try which is below: #!/bin/sh $0 & $0 & The system was unresponsive for a couple minutes but then FreeBSD killed the script and the system was accessible. I started looking around for what my process limit was set at but I found a couple different values. ulimit -a outputs: core file size (blocks, -c) unlimited data seg size (kbytes, -d) 524288 file size (blocks, -f) unlimited max locked memory (kbytes, -l) unlimited max memory size (kbytes, -m) unlimited open files (-n) 7264 pipe size (512 bytes, -p) 1 stack size (kbytes, -s) 65536 cpu time (seconds, -t) unlimited max user processes (-u) 3632 kern.maxproc is set to 4036 /etc/login.conf reads: :maxproc=unlimited:\ My questions are: Am I looking at the correct values? Which is the actual process limit? What would you recommend that I set it to in order to have my machine shrug off the fork bomb sooner? What would be a good process limit for a LAMP webserver? How would I set the process limits? Thanks in advance. - Ryan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?423B8314.1000606>