From owner-cvs-all Mon Feb 18 19:15:39 2002 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id CBD4A37B416; Mon, 18 Feb 2002 19:15:28 -0800 (PST) Received: (from silby@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g1J3FSV14877; Mon, 18 Feb 2002 19:15:28 -0800 (PST) (envelope-from silby) Message-Id: <200202190315.g1J3FSV14877@freefall.freebsd.org> From: Mike Silbersack Date: Mon, 18 Feb 2002 19:15:28 -0800 (PST) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_fork.c X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG silby 2002/02/18 19:15:28 PST Modified files: sys/kern kern_fork.c Log: A few misc forkbomb defenses: - Leave 10 processes for root-only use, the previous value of 1 was insufficient to run ps ax | more. - Remove the printing of "proc: table full". When the table really is full, this would flood the screen/logs, making the problem tougher to deal with. - Force any process trying to fork beyond its user's maximum number of processes to sleep for .5 seconds before returning failure. This turns 2000 rampaging fork monsters into 2000 harmlessly snoozing fork monsters. Reviewed by: dillon, peter MFC after: 1 week Revision Changes Path 1.132 +5 -2 src/sys/kern/kern_fork.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message