Forkbomb??
John Ruschmeyer
jruschme at gmail.com
Sun Mar 20 12:52:48 UTC 2005
On Sun, 2005-03-20 at 11:05 +0100, Simon Santoro wrote:
> Karl Hegbloom wrote:
> Whatever. I don't really care. As sad before, I can always change it for
> me. I still think it is impossible to save a clueless user that executes
> scripts on his local machine from untrusted sources, and thus, cutting
> down the number of procs my computer is allowed to execute at one time
> is useless and limits my available resources for no real security gain.
Maybe we do need to protect the clueless user, though not necessarily
against scripts from untested sources. Let's take the example of the
badly written factoring script which uses forks and massive numbers of
multiple processes. Do we really want Snuffy to crash his box just
because he chose the wrong algorithm (or implemented it badly)?
This started as a system security issue, but probably has reliability
aspects.
Personally, I like the compromise of a soft limit with a large, but not
unreasonable number. It's an air bag against accidents, but can always
be overridden by those who need to.
<<<John>>>
More information about the ubuntu-users
mailing list