Subject: Re: Fork bomb protection patch
To: Havard Eidnes <he@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: tech-kern
Date: 12/05/2002 16:11:07
[ On Thursday, December 5, 2002 at 08:43:56 (+0100), Havard Eidnes wrote: ]
> Subject: Re: Fork bomb protection patch
>
> > The real fun is doing it on a slow async console terminal with sticky
> > keys and only one free process slot to work in.  Been there, done that,
> > didn't even really break a sweat (though I sure wouldn't want to have to
> > be doing it that way every day! :-)
> 
> Now, so you think because it's been hard in the past, and you suffered
> through it but managed to deal, it should continue to be hard?  Sorry,
> I don't get it.

Huh?  No I'm saying it _was_NOT_ that hard then and that I did not
suffer, even with only one reserved process slot.  With ten reserved
slots, and a hook to prevent the console from being spammed by silly
warning messages, it's going to be downright trivial to resolve this
situation!

A really big SLART to the head of the superluser who thinks otherwise!  :-)

> Sure, it's not an end to all local DoS attacks, but IMHO it deals with
> this particular and, I dare say, not entirely uncommon instance.

As Roland said, I can't remember when I last witnessed a fork-bomb done
outside of a purposeful test, let alone did it accidentally to myself....

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>