Re: forkbombing Linux distributions

From: Max Kellermann
Date: Wed Mar 23 2005 - 10:00:02 EST

Next message: Natanael Copa: "Re: forkbombing Linux distributions"
Previous message: Jan Engelhardt: "Re: error while implementing kill()"
In reply to: Natanael Copa: "Re: forkbombing Linux distributions"
Next in thread: Natanael Copa: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2005/03/23 15:44, Natanael Copa <mlists@xxxxxxxxxx> wrote:
> Yes, but if
> RLIMIT_NPROC is per user and RLIMIT_CPU is per proc
>
> the theoretical CPU limit per user is RLIMIT_NPROC * RLIMIT_CPU. So if
> you half the RLIMIT_NPROC you will half the theoretical maximum CPU
> limit per user.
>
> Same with memory.

It's even worse with RLIMIT_CPU. Imagine a process forks
RLIMIT_NPROC-1 child processes. These consume all their CPU time, get
killed with SIGXCPU, and the parent process spawns new child processes
again with fresh RLIMIT_CPU counters (the parent process idled
meanwhile, consuming none of its assigned CPU cycles). Again and
again.

You see, RLIMIT_CPU is worthless in its current implementation.

Max

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Natanael Copa: "Re: forkbombing Linux distributions"
Previous message: Jan Engelhardt: "Re: error while implementing kill()"
In reply to: Natanael Copa: "Re: forkbombing Linux distributions"
Next in thread: Natanael Copa: "Re: forkbombing Linux distributions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]