(not CCing security, since it's not a security bug and it's too late to verify if they should be on cc. Will do later.)
Anand Jahagirdar <[EMAIL PROTECTED]> wrote: > This patch Warns the administrator about the fork bombing attack > (whenever any user is crossing its process limit). I have used > printk_ratelimit function in this patch. This function helps to > prevent flooding of syslog and prints message as per the values set by > root user in following files:- > > 1) /proc/sys/kernel/printk_ratelimit:- This file contains value for, > how many times message should be printed in syslog. [...] I'm wondering: Can these ratelimits be used to tell real forkbombs from normal oops-i-hit-the-limits? I imagine if you have your private ratelimit, that might just do the trick. Beware: I have no idea on how much such an extra ratelimit would cost, and if having that ratelimit-based detector would actually be a gain. -- Ever notice how fast Windows runs? Neither did I. Friß, Spammer: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
