Mailinglist Archive: opensuse-security (228 mails)

< Previous Next >
Re: [suse-security] Linux and forkbomb - with link
  • From: Bob Vickers <bobv@xxxxxxxxxxxxx>
  • Date: Mon, 21 Mar 2005 11:28:47 +0000 (GMT)
  • Message-id: <Pine.LNX.4.58.0503211114300.8780@xxxxxxxxxxxxxxxxxxx>
This article is somewhat misguided. Limiting the number of user processes
is an excellent idea, but provides no protection against a knowledgeable
hostile user. If one of your users wishes to make your service
unusable by hogging some resource then they will certainly find a way of
doing it. The solution is to take away their account.

Fortunately legitimate users very rarely wish to make the service
unusable. However, they may very well *accidentally* run a fork bomb (I
have done it myself) and for this reason it would be friendly of SuSE to
ensure that default setups always set a process limit (it doesn't have to
be very small).

Bob
==============================================================
Bob Vickers R.Vickers@xxxxxxxxxxxxx
Dept of Computer Science, Royal Holloway, University of London
WWW: http://www.cs.rhul.ac.uk/home/bobv

< Previous Next >