[arch-dev-public] Fwd: limits.conf and fork bombing
-------- Original-Nachricht -------- Betreff: limits.conf and fork bombing Datum: Tue, 5 Jun 2012 13:15:26 +0200 Von: M0Rf30 <morf3089@gmail.com> An: tpowa@archlinux.org Could you insert a string into /etc/security/limits.conf to prevent a fork bombing attack? An example: * hard nproc 300 Thanks Best Regards Gianluca Boiano
On Tue, Jun 05, 2012 at 02:23:34PM +0200, Tobias Powalowski wrote:
-------- Original-Nachricht -------- Betreff: limits.conf and fork bombing Datum: Tue, 5 Jun 2012 13:15:26 +0200 Von: M0Rf30 <morf3089@gmail.com> An: tpowa@archlinux.org
Could you insert a string into /etc/security/limits.conf to prevent a fork bombing attack? An example: * hard nproc 300 Thanks Best Regards Gianluca Boiano
Yeah, we've seen this before... https://bugs.archlinux.org/task/25690 d
Am 05.06.2012 14:26, schrieb Dave Reisner:
On Tue, Jun 05, 2012 at 02:23:34PM +0200, Tobias Powalowski wrote:
-------- Original-Nachricht -------- Betreff: limits.conf and fork bombing Datum: Tue, 5 Jun 2012 13:15:26 +0200 Von: M0Rf30<morf3089@gmail.com> An: tpowa@archlinux.org
Could you insert a string into /etc/security/limits.conf to prevent a fork bombing attack? An example: * hard nproc 300 Thanks Best Regards Gianluca Boiano
Yeah, we've seen this before...
https://bugs.archlinux.org/task/25690
d
Isn't this a task for the administrator of the computer? I don't see a reason, why we should add one for default in one of our packages. Daniel
On Tuesday 05 June 2012 14:32:37 Daniel Isenmann wrote:
Isn't this a task for the administrator of the computer? I don't see a reason, why we should add one for default in one of our packages. I agree with Daniel (and with Gaetan's opinion).
-1 -- Andrea
Le 2012-06-05 08:32, Daniel Isenmann a écrit :
Am 05.06.2012 14:26, schrieb Dave Reisner:
On Tue, Jun 05, 2012 at 02:23:34PM +0200, Tobias Powalowski wrote:
-------- Original-Nachricht -------- Betreff: limits.conf and fork bombing Datum: Tue, 5 Jun 2012 13:15:26 +0200 Von: M0Rf30<morf3089@gmail.com> An: tpowa@archlinux.org
Could you insert a string into /etc/security/limits.conf to prevent a fork bombing attack? An example: * hard nproc 300 Thanks Best Regards Gianluca Boiano
Yeah, we've seen this before...
https://bugs.archlinux.org/task/25690
d
Isn't this a task for the administrator of the computer? I don't see a reason, why we should add one for default in one of our packages.
Daniel +1 To do nothing. This is definitely an admin task.
On 2012/6/5 Stéphane Gaudreault <stephane@archlinux.org> wrote:
Le 2012-06-05 08:32, Daniel Isenmann a écrit :
Am 05.06.2012 14:26, schrieb Dave Reisner:
On Tue, Jun 05, 2012 at 02:23:34PM +0200, Tobias Powalowski wrote:
-------- Original-Nachricht -------- Betreff: limits.conf and fork bombing Datum: Tue, 5 Jun 2012 13:15:26 +0200 Von: M0Rf30<morf3089@gmail.com>
Could you insert a string into /etc/security/limits.conf to prevent a fork bombing attack? An example: * hard nproc 300 Thanks Best Regards Gianluca Boiano
Yeah, we've seen this before...
https://bugs.archlinux.org/task/25690
d
Isn't this a task for the administrator of the computer? I don't see a reason, why we should add one for default in one of our packages.
Daniel +1 To do nothing. This is definitely an admin task.
I agree. 300 is a ridiculously low limit and here my shell has a default limit of 24070 processes without me doing anything. Rémy.
participants (6)
-
Andrea Scarpino
-
Daniel Isenmann
-
Dave Reisner
-
Rémy Oudompheng
-
Stéphane Gaudreault
-
Tobias Powalowski