How can you tell the difference between something like a heavily loaded web server and a fork bomb? In both cases you have a non-root user spawning a number of processes. Is it the job of the distro maintainers to make a judgment on what the user's system can handle? Default process, memory use, and other limits can be set to target what your "typical" modern computer can handle, but your old 486 may still buckle under the load before the limits are reached.

You either have to train users to tweak the limits for their environment, or to set them in the first place. I agree that you want to set certain parameters out of the box, but I think it's more complex than just picking a number out of thin air and applying it as a limit. Besides process limits are not as much of a concern to those running servers that only administrators log in to, or, likewise, desktop users. You don't want to antagonize the bulk of your customers by creating restrictions that may cause them problems.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/308/30966#30966