Subject: Re: Fork bomb protection patch
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-kern
Date: 12/07/2002 13:24:59
On Sat, Dec 07, 2002 at 07:16:38AM +0100, der Mouse wrote:
> > In practice, users on timesharing systems seldom need more than 10 or
> > 15 simultaneous processes
>
> I submit that this either is no longer true or refers to a type of use
> that is no longer common.
I submit that, generally, even -- or perhaps especially -- today, machines
do not run graphical desktops for more than one, or at most a few, users
at a time. And "forkmonsters" and the like are simply not a problem on
desktop machines with small numbers of simultaneous users; or, if they are,
we're seeing sysadmin incompetence at work again, because it's trivial
to arrange for whoever's logged in on the X display (or displays) to have
higher resource limits while having the sensible, low limits for those
not running desktop environments that use huge numbers of processes.
FWIW, I just did a small survey on the five timesharing hosts at Panix
(which run NetBSD) and on the main CS department server at Stevens (which
runs Irix). It averages out to just under 2 processes per user, with the
maximum for any single user being 7 -- and that guy's using remote X.
Thor