forkbomb attack

Chris Snook csnook at
Fri Nov 30 14:52:23 UTC 2007

Zhukov Pavel wrote:
> why modern fedora affected by simple forkbomb attack?

Because it's hard to set static defaults that are reasonable for both a low-end 
laptop and a 16-core server with 128 GB of RAM.  Theoretically we could 
configure the defaults in limits.conf dynamically at installation time, but no 
one has ever cared enough to write the code and test it on the wide range of 
hardware and software configurations required to get it right.

Personally, I find the current settings work just fine.  The only way I can 
forkbomb my old 384 MB, 1-core powerbook is with a synthetic forkbomb, and the 
fix for it is "don't do that".  It survives an accidental forkbomb, such as 
those caused by foolish application handler settings.  If you're running 
arbitrary code from untrusted users, a forkbomb is the least of your problems. 
On my 2-core, 2 GB systems, which is a reasonable minimum target for interactive 
servers allowing logins by semi-trusted users, I can't even synthetically 
forkbomb the box without root privileges.  The most I can do is lock up my X 
server, which is cured by a remote ssh and a kill.  This might be what's 
happening to you.

If you think there's something really wrong, please open a bug with specifics.

	-- Chris

More information about the fedora-list mailing list