Forkbomb??
Simon Santoro
Simon.Santoro at poste.it
Fri Mar 18 20:57:14 UTC 2005
Karl Hegbloom wrote:
> [Moved to ubuntu-users: Please reply there ONLY: Edit your headers.]
>
> On Fri, 2005-03-18 at 21:02 +0100, Simon Santoro wrote:
>
>>Michael Anckaert wrote:
>>
>>>Hello all,
>>>I just read an article on SecurityFocus about how forkbombs can still
>>>affect modern day distributions.
>>>The article states Debian isn't affected by the forkbomb and since
>>>Ubuntu is Debian based, I'm not worried a bit :-).
>>
>>I don't think this is really a bug. If you use ubuntu as a desktop
>>system, you should be able to use all the resources available to work
>>with your computer.
>>If you are using Ubuntu as a server and let users remotely log in and
>>execute commands, then, I presume, you are a good enough admin to know
>>how to ulimit the resources any given user has.
>
>
> What if you are a relatively clueless newbie, and you run a script
> written by someone else that fork bombs? That same newbie will have no
> clue as to what just happened to the computer. They are unlikely to
> have had a CPU meter (gkrellm) running, and will have no context for
> understanding.
If you are a relatively clueless newbie that executes scripts written by
other people you are screwed anyway. That script could rm -rf your ~,
send your firefox profile folder via email to someone else, or do a lot
worse than forkbomb your pc.
> I think that limiting the 'nproc' via /etc/security/limits.conf to 4068
> processes (as in Debian Woody) would be acceptable. That's way more
> processes than even the heaviest desktop user will really need, and will
> prevent the fork bomb DOS from being possible.
Personally I don't like someone else to decide what is best for me, like
how many processes I am allowed to run, how many cpu time, or cut down
on anything else on my machine. But if you think this is reasonable,
just go ahead. I can change it only for me ;)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050318/af0aca0d/attachment.sig>
More information about the ubuntu-users
mailing list