I know of /etc/limits ...is that the place to put a limit of a users processors/programs, is limited to. And if so, what is rough average for browsing, playing tunes, basically a general desktop.

I created a /etc/profile.d/ulimit.sh file containing the following:
If you have a real multiuser setup and allow users to choose their own shells you should also create the equivalent ulimit.csh file with the appropriate c-shell command instead (I believe c shells use limit instead of ulimit...`limit maxproc 300` might work but I have no experience with those shells). I use a lightweight window manager and I haven't encountered problems with 300 processes per user, but you may with the heavier stuff (though I occasionally run KDE without problems as well).
under a heavy session would give you a starting point as to how many processes is reasonable. I could probably get away with 100 but 300 is enough to provide adequate freedom while limiting the impact of fork bombs so I'm content.

1 members found this post helpful.

Thanks for the reply T3slider, would you also consider limiting root?

I believe that will limit root already since it does not discriminate based on uid, but root will always have the ability to increase the max processes if needed by running ulimit in the shell (regular users cannot increase the limit above the hard limit). I guess the following would work to restrict it to regular users:
Of course, then a fork bomb running as root would bring the system to its knees...but any fork bomb could just adjust the max processes runnable by root before executing so it's irrelevant.

1 members found this post helpful.