Fork bomb protection not working : Amount of processes not limited

Posted by d_inevitable on Ask Ubuntu See other posts from Ask Ubuntu or by d_inevitable
Published on 2012-03-23T21:42:11Z Indexed on 2012/03/23 23:39 UTC
Read the original article Hit count: 421

Filed under:
|
|
|

I just came to realize that my system is not limiting the amount of processes per user properly thus not preventing a user from dring a fork-bomb and crashing the entire system:

user@thebe:~$ cat /etc/security/limits.conf | grep user
user        hard    nproc   512
user@thebe:~$ ulimit -u
1024
user@thebe:~$ :(){ :|:& };:
[1] 2559
user@thebe:~$ ht-bash: fork: Cannot allocate memory
-bash: fork: Cannot allocate memory
-bash: fork: Cannot allocate memory
-bash: fork: Cannot allocate memory
-bash: fork: Cannot allocate memory
-bash: fork: Cannot allocate memory
-bash: fork: Cannot allocate memory
-bash: fork: Cannot allocate memory
...
Connection to thebe closed by remote host.

Is this a bug or why is it ignoring the limit in limits.conf and why is not applying the limit that ulimit -n claims it to be?

PS: I really don't think the memory limit is hit before the process limit. This machine has 8GB ram and it was using only 4% of it at the time when I dropped the fork bomb.

© Ask Ubuntu or respective owner

Related posts about 11.10

Related posts about process