hello, isn't there a limit on the number of processes, size of memory that you set in pam.conf ? I actually limited it to around 5 or something to a user ( aka me !) and found i could not login :) regards omicron On Thu, 26 Apr 2001, Roman Drahtmueller wrote:
This is untested, but my reading of the manpages leads me to believe that this trivial fork bomb would be stopped dead by a simple inclusion of `ulimit -Hu 100` in /etc/profile .
� propos /etc/profile: is it *always* sure, that limits set in this file will be applied, or can a user avoid its execution by other means (changing defaultshell, at- or cron-job, ...) ? Peter
It is _not_ ensured.
For cron and at you'd need to run the respective daemons with the limits already. They inherit their limit to their children.
Also, if you run a command like this:
ssh remotehost -l remoteuser do_nasty_things
then /etc/profile isn't read as well. So the whole thing is a bit tricky to come by. As Sebastian pointed out already: userdel is your friend. If that doesn't work with your business model, user very restrictive methods to get rid of such people. Real BOFHs know some methods...
Thanks, Roman.
-- ****** omicron Mail:omicron@omicron.dyndns.org (Sridhar N) www:omicron.symonds.net pubkeys:omicron.symonds.net/pubkeys C O G I T O E R G O S U M ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~