How to avoid forkbomb?
Ryan J. Cavicchioni
ryan at confabulator.net
Fri Mar 18 17:57:19 PST 2005
I apologize, I did not mention what version I was running. Here it is:
5.3-RELEASE-p5
Ryan J. Cavicchioni wrote:
> Hi,
>
> After reading this article:
> http://www.securityfocus.com/cgi-bin/sfonline/columnists-item.pl?id=308,
> I decided to give the forkbomb script a try which is below:
>
> #!/bin/sh
>
> $0 & $0 &
>
> The system was unresponsive for a couple minutes but then FreeBSD
> killed the script and the system was accessible.
>
> I started looking around for what my process limit was set at but I
> found a couple different values.
>
> ulimit -a outputs:
>
> core file size (blocks, -c) unlimited
> data seg size (kbytes, -d) 524288
> file size (blocks, -f) unlimited
> max locked memory (kbytes, -l) unlimited
> max memory size (kbytes, -m) unlimited
> open files (-n) 7264
> pipe size (512 bytes, -p) 1
> stack size (kbytes, -s) 65536
> cpu time (seconds, -t) unlimited
> max user processes (-u) 3632
>
>
> kern.maxproc is set to 4036
>
>
> /etc/login.conf reads:
>
> :maxproc=unlimited:\
>
> My questions are:
> Am I looking at the correct values?
> Which is the actual process limit?
> What would you recommend that I set it to in order to have my machine
> shrug off the fork bomb sooner?
> What would be a good process limit for a LAMP webserver?
> How would I set the process limits?
>
> Thanks in advance.
>
> - Ryan
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list