Date: Sat, 02 Feb 2002 23:54:36 -0800 From: Mike Makonnen <mike_makonnen@yahoo.com> To: Gaspar Chilingarov <nm@web.am> Cc: freebsd-hackers@freebsd.org Subject: Re: fork rate limit Message-ID: <200202030754.g137saC40573@blackbox.pacbell.net> In-Reply-To: <20020202223546.GA430@mail.web.am> References: <20020202201551.GA89061@mail.web.am> <200202022052.g12KqOM17214@apollo.backplane.com> <20020202223546.GA430@mail.web.am>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 3 Feb 2002 02:35:46 +0400 Gaspar Chilingarov <nm@web.am> wrote: > I've got such situation on our free shellbox set up in the > university - some newbies were kidding with old while(1) fork(); > attack. Finnaly they got hit by memory limits set up for each > user, but anyway they were taking a lot of processor time. I > prefer to limit some uid's ability to do many forks in some > short period - like 'no more than 200 forks in 10 seconds' or > smthng like this. Lock them out of the box for a while. If they do it again ban them forever. The students will learn pretty quickly not to do such things. This means less work for you, and no need to continuously maintain diffs against the kernel sources. IMO it's a *very,very* bad thing to introduce changes into the kernel that might introduce unintended side effects when the problem can be solved administratively. cheers, mike makonnen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200202030754.g137saC40573>