Randall R Schulz wrote:
| I find it hard to believe an interactive user would need much more than
| 100 processes. Logged in to a KDE session with the usual panoply of
| gadgets running, I'm using only 43 processes. Perhaps some users with
| special needs might, but they can be granted more.

Well, maybe I'm not a normal user, but I don't use KDE at all at the
moment on my desktop and have around 125 processes running. And I'm not
doing any multimedia stuff at all atm. So it's not that easy to say
'no one will need more than around 100 processes'.

The next problem is, even with only a few you can crash a box.
Fine-tuning the limits is hard if you want to do some 'general rules',
some apps may need more than x meg of RAM, so they won't work anymore.

If you allow users to start maybe 100 processes with 16 meg RAM each
you'll need up to 1,6gb of RAM for just one user to prevent him from
bombing your box. If he eats up all your mem, your kernel will normally
start to kill processes. With the newer OOM Killer this may work better
than it did in the last years because the OOM Killer just started to
kill stuff, if you had a bad day, he would start with things like
sshd...

| The malicious script is utterly trivial. Robustly solving the problem
| without interfering with legitimate patterns of use is probably much
| harder.

The only bomb I can actually remember is this one:

(:(){ :|:;};:)

(kids, don't try this at home ;-)

It looks so easy and kills so much ;-)

| However, on my SuSE 9.1 system, unmodified w.r.t. to the pertinent
| limits, I've three times had the system rendered useless and was forced
| to press the hardware reset button (!) by a runaway process that
| consumed so much memory that nothing else could happen.

Well yeah, but the problem still exists: where to set the limit to?
Not every user will be able to set such limits, so you have to set them
in a clever way. Take OpenOffice as a start, it needs much more CPU and
RAM than many many other apps. If you allow enough of mem/CPU to run
OpenOffice, then you're maybe back to the original problem: your limits
won't work for such a bomb.

As said in other posts, if someone will bring your box down, he can do
it (as long as he's a local user).

Regards,
Sven
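
The arithmetic in the message above (100 processes at 16 MB each), generalized as an added example that is not part of the original post: it parses limits in the pam_limits `limits.conf` format (an assumption about how the limits would be set) and reports the upper bound `nproc * as` one user can commit per domain. The sample lines, the `@office` group and its 512 MB value, and the function names are constructed for illustration.

```python
# Added example (not from the original post): upper bound on the memory one
# user can commit under hard limits, nproc * as. Sample config is constructed.
SAMPLE_LIMITS = """\
# <domain> <type> <item> <value>   ('as' is address space in KiB)
*        hard  nproc  100
*        hard  as     16384
@office  hard  nproc  100
@office  hard  as     524288
@office  soft  nproc  50
admin    -     nproc  unlimited
"""

UNLIMITED = {"unlimited", "infinity", "-1"}

def parse_limits(text):
    """Return {domain: {item: value}} for hard limits; None means unlimited."""
    limits = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) != 4:
            continue  # blank, comment-only or malformed line
        domain, ltype, item, value = fields
        if ltype not in ("hard", "-"):
            continue  # a soft limit can be raised by the user up to the hard one
        limits.setdefault(domain, {})[item] = (
            None if value in UNLIMITED else int(value))
    return limits

def worst_case_kib(entry):
    """nproc * as in KiB; None if either limit is absent or unlimited."""
    nproc, addr = entry.get("nproc"), entry.get("as")
    return None if nproc is None or addr is None else nproc * addr

def audit(text, ram_kib):
    """Map each domain to 'unbounded', 'exceeds RAM' or 'fits'."""
    report = {}
    for domain, entry in parse_limits(text).items():
        total = worst_case_kib(entry)
        if total is None:
            report[domain] = "unbounded"
        else:
            report[domain] = "exceeds RAM" if total > ram_kib else "fits"
    return report

if __name__ == "__main__":
    # Constructed host with 2 GiB of RAM.
    print(audit(SAMPLE_LIMITS, ram_kib=2 * 1024 * 1024))
```

On the constructed 2 GiB host the default domain stays within RAM, while the domain sized for a large application exceeds it, which is the trade-off the message describes.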