[tech] Process ulimits on Mussel and Martello
Duncan Sargeant
dunc+wheel at dunc.org
Tue Feb 1 22:34:22 WST 2011
Proper engineer practice calls for you to use a fork bomb to refine the
limit to a suitable value ... *grin*
,dunc
On 1 February 2011 14:42, David Adam <zanchey at ucc.gu.uwa.edu.au> wrote:
> So a certain genius who will remain nameless decided to see if a forkbomb
> would work on Mussel. Apparently this is no longer deserving of an account
> locking, but as it's not the first time in recent years I decided it was
> probably time we did something about it.
>
> /etc/security/limits.conf on Mussel and Martello has been set with a soft
> limit of 4096 processes on all user accounts. getrlimit(2) informs me that
> on Linux this enforces a limit of 4096 threads per real UID. That's still
> enough to build Mozilla Firefox and run my screen session, and it's a soft
> limit anyway so if you're really struggling you can just bump it up with
> `ulimit -u onezillion` or whatever.
>
> 4096 was a number I pulled out of the air; there is little to no science
> behind it and is not intended to stand up to malicious attacks. There are
> still at least a thousand ways of exhausting resources on multiuser Linux
> systems anyway.
>
> David Adam
> UCC Wheel Member
> zanchey at ucc.gu.uwa.edu.au
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20110201/8a59acf0/attachment.htm
More information about the tech
mailing list