David Walser wrote: > I saw an article this morning on LinuxToday that reminded me of the famous > shell forkbomb that most of you are probably aware of (I became aware of it several years ago from someone's e-mail signature on a mailing list): > http://cyberarms.wordpress.com/2012/11/26/an-eleven-character-linux-denial-of-service-attack-how-to-defend-against-it/ > > This also reminded me that we don't have protection against this out of the > box in Mageia. > > I checked on Fedora, and it turns out they do, as described here: > https://bugzilla.redhat.com/show_bug.cgi?id=432903 > > Their pam package has a /etc/security/limits.d/90-nproc.conf file that has: > # Default limit for number of user's processes to prevent > # accidental fork bombs. > # See rhbz #432903 for reasoning. > > * soft nproc 1024 > > As the last comment on the bug says, it's a bit confusing that it's in > limits.d/ and not the limits.conf file itself, and in fact I'm not sure what is responsible for processing limits.d/* as limits.conf says nothing about it (Fedora's is the exact same as ours). Anyway, one way or another it would be nice to have this limit set by default on Mageia, IMHO. WDYT?
I added this exactly as Fedora has in pam-1.1.6-4.mga3. Let me know if it causes problems or doesn't work.
