Subject: Re: Fork bomb protection patch
To: Jaromir Dolecek <jdolecek@netbsd.org>
From: Bang Jun-Young <junyoung@netbsd.org>
List: tech-kern
Date: 12/04/2002 18:48:52
On Wed, Dec 04, 2002 at 10:07:35AM +0100, Jaromir Dolecek wrote:
> Hi,
> the following deals with common forkbomb attacks. The change
> is based on FreeBSD kern_fork.c change in rev.1.132. Please
> let me know if you'd see anything obviously wrong in the
> patch; I'll commit the change later today otherwise.
> 
> Changes:
> * leave 10 processes for root-only use
>   - 1 is not enough to get through sshd login nowadays (as pointed
>     out by Bang Jun-Young), and it makes it easier for root
>     to handle the problem
> * use ratecheck() to limit the 'table full' messages to once per 10s 
>   - this is to reduce spam to syslogd and thus log/console; this
>     is still useful even though syslogd normally doesn't actually
>     log the repeated messages
> * make the process sleep for 0.5s if the system table is full
>   or when the user reaches their process number limit
>   - this is to not hog the system with huge number of CPU-hungry
>     looping processes

It worked like a champ. Thanks!

Jun-Young

-- 
Bang Jun-Young <junyoung@netbsd.org>
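The three measures Jaromir lists (a root-only reserve of 10 process slots, ratecheck()-limited "table full" messages, and a 0.5 s sleep for a rejected fork) can be modelled outside the kernel. The block below is an added illustration written for this page; it is not the committed NetBSD or FreeBSD kern_fork.c code. The reserve size, the 10 s log interval and the 0.5 s sleep come from the e-mail above; MAXPROC, the per-user limit, the uid range, the simulated clock and the fork-bomb driver are assumptions chosen for the example, and the "unpatched" mode is a constructed baseline, not a claim about the old code's exact behaviour.

```c
/*
 * Userland model of fork-admission throttling as described in the thread.
 * Added example, not NetBSD's or FreeBSD's kern_fork.c. Numbers taken from
 * the e-mail: 10 reserved slots, one message per 10 s, 0.5 s sleep.
 * Everything else (table size, per-user limit, uid range) is assumed.
 */
#include <stdio.h>
#include <string.h>

#define MAXPROC          32     /* process table size (assumed, tiny for the demo) */
#define ROOT_RESERVE     10     /* slots left for root-only use */
#define DEFAULT_MAXUPRC   8     /* per-user process limit (assumed) */
#define NUSERS           16     /* uids modelled (assumed) */
#define LOG_INTERVAL_SEC 10     /* 'table full' message at most once per 10 s */
#define FORK_SLEEP_MS   500     /* a rejected fork sleeps 0.5 s */

struct tv { long sec; long usec; };
enum fork_result { FORK_OK = 0, FORK_EAGAIN = 1 };

struct kstate {
    int nprocs;             /* processes in the system-wide table */
    int uprocs[NUSERS];     /* per-uid process counts */
    int maxuprc;            /* per-user limit in force */
    int throttle;           /* 1 = patched behaviour, 0 = constructed baseline */
    struct tv lastfail;     /* time of the last 'table full' message */
    int logged;             /* messages that reached the log */
    long slept_ms;          /* total time rejected forks spent sleeping */
};

static void tv_add_ms(struct tv *t, long ms)
{
    t->usec += ms * 1000L;
    t->sec  += t->usec / 1000000L;
    t->usec %= 1000000L;
}

/* Model of the kernel ratecheck(9) helper: return 1 and record *now if *last
 * is unset or at least LOG_INTERVAL_SEC has elapsed since it, else 0. */
static int ratecheck(struct tv *last, const struct tv *now)
{
    long elapsed;
    if (last->sec == 0 && last->usec == 0) { *last = *now; return 1; }
    elapsed = (now->sec - last->sec) * 1000000L + (now->usec - last->usec);
    if (elapsed >= LOG_INTERVAL_SEC * 1000000L) { *last = *now; return 1; }
    return 0;
}

void kstate_init(struct kstate *k)
{
    memset(k, 0, sizeof *k);
    k->maxuprc = DEFAULT_MAXUPRC;
    k->throttle = 1;
}

/* Admission decision a fork() by uid would get at simulated time *now. */
enum fork_result fork_admit(struct kstate *k, unsigned uid, const struct tv *now)
{
    int table_full;
    if (uid >= NUSERS) return FORK_EAGAIN;              /* outside the toy uid range */
    /* Non-root may not use the last ROOT_RESERVE slots; root may, but
     * nobody gets past MAXPROC. */
    table_full = (uid != 0 && k->nprocs >= MAXPROC - ROOT_RESERVE) || k->nprocs >= MAXPROC;
    if (table_full) {
        if (!k->throttle || ratecheck(&k->lastfail, now)) {
            k->logged++;
            printf("proc: table is full (uid %u, t=%ld.%03lds)\n", uid, now->sec, now->usec / 1000);
        }
        if (k->throttle) k->slept_ms += FORK_SLEEP_MS;  /* the 0.5 s penalty */
        return FORK_EAGAIN;
    }
    /* Per-user limit: rejected quietly, but still with the sleep penalty. */
    if (uid != 0 && k->uprocs[uid] >= k->maxuprc) {
        if (k->throttle) k->slept_ms += FORK_SLEEP_MS;
        return FORK_EAGAIN;
    }
    k->nprocs++;
    k->uprocs[uid]++;
    return FORK_OK;
}

struct bomb_stats { int ok; int rejected; int logged; long slept_ms; };

/* Drive a fork loop from one uid. Under the patch a rejected fork sleeps
 * before retrying, so the simulated clock advances only on rejection. */
struct bomb_stats simulate_forkbomb(unsigned uid, int attempts, int throttle)
{
    struct kstate k;
    struct tv now = { 100, 0 };          /* constructed start time */
    struct bomb_stats st = { 0, 0, 0, 0 };
    int i;
    kstate_init(&k);
    k.throttle = throttle;
    k.maxuprc = MAXPROC;                 /* lift the per-user cap so the table limit bites */
    for (i = 0; i < attempts; i++) {
        if (fork_admit(&k, uid, &now) == FORK_OK) st.ok++;
        else { st.rejected++; if (throttle) tv_add_ms(&now, FORK_SLEEP_MS); }
    }
    st.logged = k.logged;
    st.slept_ms = k.slept_ms;
    return st;
}

int main(void)
{
    struct bomb_stats a = simulate_forkbomb(1, 100, 1), b = simulate_forkbomb(1, 100, 0);
    printf("patched:  ok=%d rejected=%d logged=%d slept=%ldms\n", a.ok, a.rejected, a.logged, a.slept_ms);
    printf("baseline: ok=%d rejected=%d logged=%d slept=%ldms\n", b.ok, b.rejected, b.logged, b.slept_ms);
    return 0;
}
```

With the assumed table of 32 slots, a bomber at uid 1 gets 22 processes and is then refused; under the patched rules the 78 refusals produce only four log lines (one every 20 attempts, since each attempt is 0.5 s apart) and 39 s of forced sleep, while the baseline mode logs every refusal and never sleeps. Root can still take the ten reserved slots while the non-root user is being refused, which is the property that lets an administrator log in and clean up.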