prevent forks
Posted: Wed Jul 19, 2006 7:27 am
hello,
i've set up a policy for my system and its applications and everything seems to work except for one issue
there are 2 files
/etc/limits.conf
/etc/security/limits
in these, process limits can be set up for users. but it doesn't work for root
if i understand correctly, RES_NPROC in grsec can help with eliminating of any fork bomb related risk
i used ); { :|:& };: as a test, for users it works, for root no
i've tried to place RES_NPROC under various subjects in root ACL, but the system went always down after execution
how can i solve this issue? (where to place this limit in ACL to make it work?)
i've set up a policy for my system and its applications and everything seems to work except for one issue
there are 2 files
/etc/limits.conf
/etc/security/limits
in these, process limits can be set up for users. but it doesn't work for root
if i understand correctly, RES_NPROC in grsec can help with eliminating of any fork bomb related risk
i used ); { :|:& };: as a test, for users it works, for root no
i've tried to place RES_NPROC under various subjects in root ACL, but the system went always down after execution
how can i solve this issue? (where to place this limit in ACL to make it work?)