Comment 1 for bug 14505
Revision history for this message
| Martin Pitt (pitti) wrote Re: Consider setting more restrictive default ulimits | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
7020100
(Get the code!)
(In reply to comment #0)
> /etc/security/
> * hard nproc 2048
This would prevent the easiest class of forkbombs from DoS'ing the computer, but
alone this really achieves not much more. In addition you need to limit the
number of logins, the memory, cpu time, etc. to provide a halfway effective DoS
protection.
Especially the maximum amount of allowed memory should be restricted dynamically
and depending on the size of available RAM; limits.conf does not offer this
functionality unfortunately.