Subject: Re: Fork bomb protection patch
To: None <woods@weird.com>
From: Havard Eidnes <he@netbsd.org>
List: tech-kern
Date: 12/05/2002 08:43:56
> The real fun is doing it on a slow async console terminal with sticky=
> keys and only one free process slot to work in. Been there, done tha=
t,
> didn't even really break a sweat (though I sure wouldn't want to have=
to
> be doing it that way every day! :-)
Now, so you think because it's been hard in the past, and you suffered
through it but managed to deal, it should continue to be hard? Sorry,
I don't get it.
> > if he can get at the required
> > CPU resources,
> =
> That's _really_ _NOT_ a problem if the various parts of the system wo=
rk
> together properly.
Please send code if you think this needs improvement.
> That's clearly the wrong solution to the problem.
Au contraire. That's a simple and elegant solution to the fork bomb
problem.
Sure, it's not an end to all local DoS attacks, but IMHO it deals with
this particular and, I dare say, not entirely uncommon instance.
Regards,
- H=E5vard