Subject: Re: Fork bomb protection patch
To: None <tech-kern@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: tech-kern
Date: 12/07/2002 16:47:34
[ On Saturday, December 7, 2002 at 02:03:41 (+0100), der Mouse wrote: ]
> Subject: Re: Fork bomb protection patch
>
> I'm not really convinced it's worthwhile trying to use technical means
> to render the OS immune to malicious (as opposed to accidental or idly
> curious) forkbomb DoS attacks.

hear! hear!

If admins don't have big enough clue stick and other management and
operational controls to deal with malicious "attacks" by trusted users
then they have much more serious problems than any of us can solve in a
technical forum like this.

As for the accidental fork-bomb DoS, well let's everyone who hasn't yet
"man setrlimit; man login.conf" and get on with more interesting things
that haven't already been hashed to death pretty much every fall since
timesharing systems were first used by students.....

(When I was a student our very few allowed processes were limited to no
more than ~30 million instructions each (30 CPU seconds on a VAX 11/780)! :-)

-- 
								Greg A. Woods

+1 416 218-0098;            <g.a.woods@ieee.org>;           <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>