On 5/18/07, Anand Jahagirdar <[EMAIL PROTECTED]> wrote:
Hello All I tried to execute a program which creates 8152 process.( i=0; while( i<14) i++ fork(); ) with ulimit 8200. This program created 8152 processes and then stopped and came back to command prompt. this proves that my machine do have sufficient resources to create 8000 processes.I found one more interesting thing on the same machine having FC6 distribution and Linux Kernel 2.6.18. i have set "ulimit -u 100". after setting this limit i tried to execute fork bombing program with guest account. after executing it expected result:- guest uesr should not able to fork another single process when it reaches to 100 processes count. actual result :- kernel allow me to create another processes without giving error. due to this i tried to execute same fork bombing program on another terminal with guest account and this fork bombing attack killed the box completely and machine needed reboot.
I think if you want resource limiting per _UID_ (and not per _process_ as you did), you should use PAM module pam_limits.so. You can edit those limits using the file /etc/security/limits.conf Regards, -- Ahmed S. Darwish http://darwish-07.blogspot.com - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
