fork bomb

namit · 12-05-2005, 11:15 AM

How do i stop fork bomb from happening

jtshaw · 12-05-2005, 12:16 PM

The easiest way is to not let users run executables from there home directory or write files to any other directory. This way they can never create or provide executables above what you've provided.

namit · 12-05-2005, 12:27 PM

but how do i do this?

Capt_Caveman · 12-05-2005, 11:13 PM

You can also use ulimit and the limits.conf file to define set limits. There are a number of "stupid command line tricks" that can be used to forkbomb a system, so you might want to use them as well. Take a look at this thread on the subject also:

http://www.linuxquestions.org/questi...d.php?t=338560

tkedwards · 12-06-2005, 04:48 PM

Example limits.conf file:

Code:

*                hard    as             1000000 #each user limited to 1,000,000kb total memory usage
*                hard    stack            32000 #each user's stack limited to ~32mb
%                hard    as             1300000 #total memory usage for all users cannot exceed 1,300,000kb
*                hard    nproc           300 #each user limited to 300 processes
#Mandriva2006 defaults:
*               -       rt_priority     0
*               -       nice            0
@audio          -       rt_priority     50
@audio          -       nice            -10

This is from my AthlonXP 2000 (1664mhz) machine with 750MB RAM, adjust to your hardware specs if necessary. You can verify that its working by logging out and loggining back in and running

Code:

ulimit -a

. You need to logout and log back in to your X session as well for these limits to take effect.