Fork bombing a Linux machine as a non-root user

Scot L. Harris webid at cfl.rr.com
Mon Mar 21 16:44:22 UTC 2005 

On Mon, 2005-03-21 at 11:23, Aleksandar Milivojevic wrote:
> David Curry wrote:
> > Discussion in this thread frequently reflected an unwarranted, 
> > underlying assumption.   Namely, that linux/unix experts are intalling 
> > the OS, know how the system will be used, and act immediately after 
> > installation to reset default installation resource limits to 
> > appropriate levels. It is obvious to me from thread discussion that that 
> > assumption is invalid.  Rather the discussion suggests many/some 

Yes the assumption is invalid now that Linux is beginning to make
inroads onto the desktop world.  Having some kind of limit is IMHO
preferable to having no limit.  It is better to have a user process fail
than to have the entire system fail.  Those that need more resources can
raise the limits.  Selecting a reasonable ulimit based on the systems
available resources should not be difficult and should cover 90% of the
user base.  The other 10% are probably tweaking their systems due to the
types of things they use them for anyway.  

>   Linux does not protect user space 
> processes from each other.  

That statement is incorrect.  Linux and Unix in general have done a
better job of this than Windows ever did.  I think what you mean is that
without setting appropriate ulimits there is nothing to keep a user
process from using all available resources on a system.  This in turn
can impact other users since they may not be able to get resources from
the system as needed and ultimately it can impact the entire system if
the kernel is unable to get resources as well.

As Linux becomes more main stream the assumption has to be that users
won't have the expertise to tune a system.  As such reasonable defaults
and limits should be put in place to protect the user and the system. 
Those that have requirements that exceed these limits should be in the
10% range if the defaults and limits are well selected.

-- 
Scot L. Harris
webid at cfl.rr.com

DEC diagnostics would run on a dead whale.
		-- Mel Ferentz

More information about the users mailing list