limits.conf devastatingly broken? (was: Preventing fork bombs? <br> ulimit complet

Mailing List

Home

Linux - General Red Hat Linux discussion list

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Installation - Getting started with Red Hat Linux

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Red Hat Linux 8.0 - Discussion of Red Hat Linux 8.0 (Psyche)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.1 - Discussion of Red Hat Linux 7.1 (Seawolf)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	sendmail configuration on redhat
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	Promise 378 controller
•	kernel 2 6 and /dev/sound/mixer not found
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	Lotus Notes under Wine
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	Command stream end of file while reading
•	rpm database corrupt
•	qla2300 modules

limits.conf devastatingly broken? (was: Preventing fork bombs?
ulimit complet

2003-12-30 - By Jason Tackaberry

Back
On Mon, 2003-12-29 at 20:33, Jason Tackaberry wrote:
> Since this is a system where users are given shell access, I 'm applying
> appropriate ulimits on login. However, having tested with a trivial
> fork bomb (while (1) fork()), ulimits are proving to be broken -- the
> system still drags, and root gets out of memory errors (unacceptable!).

Further to my email yesterday, I have discovered
/etc/security/limits.conf, and have added the following lines:

@(protected) hard nproc 10
@(protected) hard cpu 1
@(protected) hard as 10240

When I log in as a student and execute the trivial fork bomb, now
instead of root getting out-of-memory errors, everything seems to block
until eventually the kernel starts killing _all_ userspace processes
(even root ones -- services start dying left and right). I can 't log in
at the console, and am forced to reboot the server.

This is a desperate call for help. I refuse to believe that one lowly
user can bring down a properly configured RHEL with a stupid
while(1)fork(). I 've _got_ to be doing something wrong, but I just
don 't know what.

Best,
Jason.

limits.conf devastatingly broken? (was: Preventing fork bombs? ulimit complet

limits.conf devastatingly broken? (was: Preventing fork bombs?
ulimit complet