[Bug 237715] maxproc needs a default value
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon May 6 00:26:33 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237715
sigsys at gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sigsys at gmail.com
--- Comment #1 from sigsys at gmail.com ---
It's hard to pick a sensible default though. OpenBSD has default (per
architecture) rlimits, which I think is a good idea, but they often have to be
changed.
There's kern.maxprocperuid which can default to something calculated based on
hardware resources. It's set a bit lower than maxproc as it is, but not enough
to protect the system in most cases it seems.
A process count limit alone only protects you against accidental fork bombs.
And then again, it probably only protects other users from it, it's pretty hard
to recover your session when you can't spawn more processes.
I guess that's the reason it hasn't been done already, it's not a good
protection by itself and setting a whole bunch of resource limits is too
difficult (and required to set very low per-process limits to be effective
before rctl).
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list