[tech] Process ulimits on Mussel and Martello
Adrian Woodley
Adrian at Diskworld.com.au
Thu Feb 3 13:42:50 WST 2011
Heaven help us if medical doctors start using engineering practice.
On 02/01/11 22:34, Duncan Sargeant wrote:
> Proper engineer practice calls for you to use a fork bomb to refine
> the limit to a suitable value ... *grin*
>
> ,dunc
>
> On 1 February 2011 14:42, David Adam <zanchey at ucc.gu.uwa.edu.au
> <mailto:zanchey at ucc.gu.uwa.edu.au>> wrote:
>
> So a certain genius who will remain nameless decided to see if a
> forkbomb
> would work on Mussel. Apparently this is no longer deserving of an
> account
> locking, but as it's not the first time in recent years I decided
> it was
> probably time we did something about it.
>
> /etc/security/limits.conf on Mussel and Martello has been set with
> a soft
> limit of 4096 processes on all user accounts. getrlimit(2) informs
> me that
> on Linux this enforces a limit of 4096 threads per real UID.
> That's still
> enough to build Mozilla Firefox and run my screen session, and
> it's a soft
> limit anyway so if you're really struggling you can just bump it
> up with
> `ulimit -u onezillion` or whatever.
>
> 4096 was a number I pulled out of the air; there is little to no
> science
> behind it and is not intended to stand up to malicious attacks.
> There are
> still at least a thousand ways of exhausting resources on
> multiuser Linux
> systems anyway.
>
> David Adam
> UCC Wheel Member
> zanchey at ucc.gu.uwa.edu.au <mailto:zanchey at ucc.gu.uwa.edu.au>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/tech/attachments/20110203/9de423e2/attachment.htm
More information about the tech
mailing list