pgeorges <[EMAIL PROTECTED]> writes:
> Anon Sricharoenchai a écrit :
> >
> > I have tested the "fork" and so called "copy-on-write" operation by
> > invoking the following command (as a normal user, not superuser).
> >
> > perl -e '$| = 1; sub s1() { system("free -t | tail -1") } s1(); for ($i =
> > 0; $i<10_000_000; $i++) { $a[$i] = 0 } s1(); if (\!fork()) { s1(); for ($i
> > = 0; $i<scalar(@a); $i+=300) { $a[$i] = 0 } s1() } else { wait() }'
>
> > How can I protect this crash ?
>
> You may protect from 'out of memory' linux crash by setting limits on
> memory/time for processes with the ulimit command (ugly turnaround).
Here's what I put in my /etc/profile
-=-=-=-=-
# fuck them all except root and me
if [ "$UID" != "0" ] && [ "$UID" != "576" ]
then
ulimit -t 1
ulimit -u 5
ulimit -v 5000
ulimit -s 1000
ulimit -n 15
ulimit -f 1000
ulimit -d 1000
ulimit -l 1000
ulimit -m 500
fi
-=-=-=-=-
It prevents from smiling faces coming on your host and killing your
machine by a simple:
#include <stdlib.h>
void main() {while(1) fork();}
--
Guillaume Cottenceau -- Distribution Developer for MandrakeSoft
http://us.mandrakesoft.com/~gc/
