<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<TITLE> [Mageia-dev] forkbomb protection
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20forkbomb%20protection&In-Reply-To=%3C1354121598.89608.YahooMailClassic%40web122003.mail.ne1.yahoo.com%3E">
<META NAME="robots" CONTENT="index,nofollow">
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="020384.html">
<LINK REL="Next" HREF="020382.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[Mageia-dev] forkbomb protection</H1>
<B>David Walser</B>
<A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20forkbomb%20protection&In-Reply-To=%3C1354121598.89608.YahooMailClassic%40web122003.mail.ne1.yahoo.com%3E"
TITLE="[Mageia-dev] forkbomb protection">luigiwalser at yahoo.com
</A><BR>
<I>Wed Nov 28 17:53:18 CET 2012</I>
<P><UL>
<LI>Previous message: <A HREF="020384.html">[Mageia-dev] [changelog] [RPM] cauldron core/release ocaml-xtmpl-0.3-5.mga3
</A></li>
<LI>Next message: <A HREF="020382.html">[Mageia-dev] forkbomb protection
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#20381">[ date ]</a>
<a href="thread.html#20381">[ thread ]</a>
<a href="subject.html#20381">[ subject ]</a>
<a href="author.html#20381">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>I saw an article this morning on LinuxToday that reminded me of the famous shell forkbomb that most of you are probably aware of (I became aware of it several years ago from someone's e-mail signature on a mailing list):
<A HREF="http://cyberarms.wordpress.com/2012/11/26/an-eleven-character-linux-denial-of-service-attack-how-to-defend-against-it/">http://cyberarms.wordpress.com/2012/11/26/an-eleven-character-linux-denial-of-service-attack-how-to-defend-against-it/</A>
This also reminded me that we don't have protection against this out of the box in Mageia.
I checked on Fedora, and it turns out they do, as described here:
<A HREF="https://bugzilla.redhat.com/show_bug.cgi?id=432903">https://bugzilla.redhat.com/show_bug.cgi?id=432903</A>
Their pam package has a /etc/security/limits.d/90-nproc.conf file that has:
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.
*        soft    nproc    1024
As the last comment on the bug says, it's a bit confusing that it's in limits.d/ and not the limits.conf file itself, and in fact I'm not sure what is responsible for processing limits.d/* as limits.conf says nothing about it (Fedora's is the exact same as ours).  Anyway, one way or another it would be nice to have this limit set by default on Mageia, IMHO.  WDYT?
</PRE>
<!--endarticle-->
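<P>The limits.d/ drop-ins the message asks about are read by the pam_limits module: limits.conf first, then limits.d/*.conf in "C" locale order. The following is an added example, not part of the original message or of any distribution's package: a simplified Python model of that precedence for the nproc item. The 95-local.conf file, the users alice and bob and the group devs are constructed for illustration.</P>

```python
# Simplified model of pam_limits precedence, restricted to the nproc item.
# SAMPLE_FILES is constructed; only 90-nproc.conf mirrors the text quoted above.
SAMPLE_FILES = {
    "/etc/security/limits.conf": "# shipped file: every entry commented out\n",
    "/etc/security/limits.d/90-nproc.conf": (
        "# Default limit for number of user's processes to prevent\n"
        "# accidental fork bombs.\n"
        "*        soft    nproc    1024\n"
    ),
    # Hypothetical local drop-in, not from the message.
    "/etc/security/limits.d/95-local.conf": (
        "alice    soft    nproc    4096\n"
        "@devs    hard    nproc    8192\n"
    ),
}

def ordered_files(files):
    """limits.conf first, then limits.d/*.conf in byte ("C" locale) order."""
    main = [p for p in files if p == "/etc/security/limits.conf"]
    drop_ins = sorted(p for p in files
                      if p.startswith("/etc/security/limits.d/") and p.endswith(".conf"))
    return main + drop_ins

def effective_nproc(files, user, groups=()):
    """Return {"soft": (value, source_file), "hard": (value, source_file)}."""
    # rank: 0 = user entry, 1 = @group entry, 2 = "*" wildcard; 99 = nothing set yet
    best = {"soft": (None, 99, None), "hard": (None, 99, None)}
    for path in ordered_files(files):
        for line in files[path].splitlines():
            fields = line.split("#", 1)[0].split()
            if len(fields) != 4 or fields[2] != "nproc":
                continue
            domain, kind, _item, value = fields
            if domain == user:
                rank = 0
            elif domain.startswith("@") and domain[1:] in groups and user != "root":
                rank = 1
            elif domain == "*" and user != "root":
                rank = 2
            else:
                continue  # entry does not apply (group and "*" entries skip root)
            for k in (("soft", "hard") if kind == "-" else (kind,)):
                # a later entry wins unless the current one is more specific
                if k in best and best[k][1] >= rank:
                    best[k] = (value, rank, path)
    return {k: (v[0], v[2]) for k, v in best.items()}

if __name__ == "__main__":
    for who in ("bob", "alice", "root"):
        print(who, effective_nproc(SAMPLE_FILES, who))
```

<P>For bob the result carries no hard value: a soft-only entry can be raised by the user up to the inherited hard limit, which matches the file's own description of guarding against accidental fork bombs.</P>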
<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>