Glynn Clements on Tue, Aug 04, 1998 at 04:19:50PM +0100:
> The usual way to guard against fork bombs is to limit the number of
> processes per user with `ulimit -Hu'.
Yeah, I've tried it, but it has to be unacceptably low to limit forkbomb
CPU usage to something reasonable to allow ready recovery.
> Also, root can increase his scheduling priority. Adding `nice -n -10'
> to root's ~/.profile may make it easier to gain control of an
> overloaded system.
Well, nice requires a command, so I would have to invoke another
instance of bash, or have login use a different string. If I prepended
root's entry in passwd with the nice command, then would this only
affect the login shell (which is what I want)?
> > Another question...killing the forkbombs with "for P in `pidof
> > forkbomb`; do kill -KILL $P; done" works but "killall forkbomb" does not
> > (ie, it just respawns itself around the kills). Why is this?
>
> Probably just fluke. If any more processes are forked after the
> evaluation of `pidof forkbomb', the loop won't catch them.
It's not a fluke, it is reproducible and consistent.
--
Scott
