Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] Linux and forkbomb - with link
  • From: Rainer Duffner <rainer@xxxxxxxxxxxxxxx>
  • Date: Mon, 21 Mar 2005 15:42:28 +0100
  • Message-id: <423EDD54.8070700@xxxxxxxxxxxxxxx>
Randall R Schulz wrote:

Yes. That's my point. It's not an easy problem to solve for exactly the reason that there's just a continuum of legitimate needs which eventually become pathological (at different points for systems with different hardware capacity). What exactly characterizes pathological demand or load?

The "limits" are mostly to stop *server*-processes from going berserk (e.g. apache) - or shell-users (anybody remember the shell-accounts one got at university before the Windoze-desease spread?).

The limits work quite well on shell-only accounts (no X). But with X (and qt apps have just been getting bigger and more power-hungry - so limits are of not much use and I can see why SuSE dropped them alltogether (can you say "support-nightmare"?).

On my FreeBSD-box, it looks like this:
Resource limits (current):
cputime infinity secs
filesize infinity kb
datasize 524288 kb
stacksize 65536 kb
coredumpsize infinity kb
memoryuse infinity kb
memorylocked infinity kb
maxprocesses 3618
openfiles 7236
sbsize infinity bytes
vmemoryuse infinity kb

But of course, that's comparing apples with oranges (or penguins with daemons)....


~ Rainer Duffner - rainer@xxxxxxxxxxxxxxx ~
~ Freising - Munich - Germany ~
~ Unix - Linux - BSD - OpenSource - Security ~
~ ~

< Previous Next >