fork bomb attack
Carlos Rodrigues
carlos.efr at mail.telepac.pt
Sat Mar 19 19:04:07 UTC 2005
Dave Jones wrote:
> If we set strict ulimits by default we'd have people writing articles like
> "Fedora is teh suck, I can't malloc more than xMB in a single process"
> What's fit for one configuration may not be for another.
> One size most definitly does not fit all.
The BSDs didn't seem vulnerable to this issue, and I don't see people
going around in circles screaming about it. So, they seem to have chosen
some "one size fits almost all" limits.
Maybe those could be chosen for Fedora/RedHat too, and let people with a
need for huge numbers of processes increase them. Those kind of people
should also know how to do "man ulimit".
When one advocates in favor of unix-like systems (as opposed to Windows
systems) mentioning "convenience vs. security", it is embarassing to be
given counter-examples like fork-bombs.
--
Carlos Rodrigues
url: http://tudo-sobre-nada.blogspot.com
More information about the fedora-devel-list
mailing list