From owner-freebsd-hackers Mon Apr 10 0:48:17 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from mail.uni-bielefeld.de (mail.uni-bielefeld.de [129.70.4.90]) by hub.freebsd.org (Postfix) with ESMTP id 275F037B810 for ; Mon, 10 Apr 2000 00:47:09 -0700 (PDT) (envelope-from bfischer@Techfak.uni-bielefeld.de) Received: from frolic.no-support.loc (ppp36-81.hrz.uni-bielefeld.de) by mail.uni-bielefeld.de (Sun Internet Mail Server sims.3.5.1999.05.24.18.28.p7) with ESMTP id <0FSS008I9IY9Y5@mail.uni-bielefeld.de> for freebsd-hackers@freebsd.org; Mon, 10 Apr 2000 09:46:59 +0200 (MET DST) Received: (from bjoern@localhost) by frolic.no-support.loc (8.9.3/8.9.3) id JAA00797 for freebsd-hackers@freebsd.org; Mon, 10 Apr 2000 09:44:36 +0200 (CEST envelope-from bjoern) Date: Mon, 10 Apr 2000 09:44:36 +0200 From: Bjoern Fischer Subject: efficiency of maxproc hardlimit To: freebsd-hackers@freebsd.org Message-id: <20000410094436.A778@frolic.no-support.loc> MIME-version: 1.0 X-Mailer: Mutt 1.0i Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: quoted-printable Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello, up till now I was convinced that a proper /etc/login.conf provides enough protection against silly dos efforts like fork bombs. Well, while a hard maxproc of 64 protects very well against echo '#!/bin/sh a & a &' > a; chmod 755 a; ./a but it fails to prevent that this main(){fork();main();} leaves the machine in an unusable state (it does ping back, one may break into the kernel debugger, but no io). Any way to prevent this (without harming the user)? Bj=F6rn PS: Please no dispute about overcommittment or my-fork-bomb-is-better-than-yours. --=20 -----BEGIN GEEK CODE BLOCK----- GCS d--(+) s++: a- C+++(-) UB++++OSI++++$ P+++(-) L---(++) !E W- N+ o>+ K- !w !O !M !V PS++ PE- PGP++ t+++ !5 X++ tv- b+++ D++ G e+ h-- y+=20 ------END GEEK CODE BLOCK------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message