Comments on: How to: Prevent a fork bomb by limiting user process

By: Adam Ziaja

Adam Ziaja — Sat, 14 Jan 2012 01:08:12 +0000

vivek fail… soft don’t give warning, soft work same as hard, but can do something, you know what?:)

By: Anna

Anna — Fri, 13 Jan 2012 21:42:32 +0000

What does the forkbom then do if you set this configuration? It still can get executed right? Then it will call it self 300 times and then just stop? Or…?!

By: kazem

kazem — Mon, 17 Oct 2011 13:35:03 +0000

Hello,
the limit.conf settings affected SSH sessions only can it be used to control services processes like apache – mysql …etc to limit apache user or mysql user ‘s processes ?
thank you

By: Nilesh

Nilesh — Mon, 27 Jun 2011 15:22:30 +0000

Thanks for the tip!
One step further, to make the server secure :)

By: vinterkind

vinterkind — Tue, 10 May 2011 08:26:40 +0000

How did you measure those limits ?
Are they memory-based ?

In Debian 6 I needed to add the pam_limits.so Module into my session-file.
e.g. session required pam_limits.so conf=/etc/security/limits.conf

then the bomb depleted its resources..
Have fun!

By: TimeWeaver

TimeWeaver — Wed, 02 Mar 2011 20:49:40 +0000

This doesn’t work for daemon processes (redhat linux). The nproc limits are ignored if the parent of the original forking process is 1. Does anybody have a way around that?

By: MtK

MtK — Mon, 01 Nov 2010 17:55:15 +0000

Hey,
for me I never got ulimit to work on any of my Centos installation.
my last test was today on a fresh installation of Centos 5.5 64bit:
# ulimit -u
32768
# ulimit -u 30
# ulimit -u
30

and I could still run a fork bomb as a non-root user.

By: David BM

David BM — Mon, 16 Aug 2010 17:14:45 +0000

Thanks, really useful. Good job.

By: Mike Pearce

Mike Pearce — Tue, 02 Mar 2010 21:21:53 +0000

if I set:
@student hard nproc 50

does this mean that each member of the “student” group will be able to run up to 50 processes, or the maximum number of processes is 50 for any member of the “student” group, i.e. if I have 2 students logged in (that share the same student group) their combined max proc is still 50.

By: Felipe

Felipe — Sat, 22 Aug 2009 04:52:17 +0000

When i use “cpulimit” program, with apropriate options, i get this error:

Segmentation fault (core dumped)

An core dump file is created when i run cpulimit for limit apache (httpd).

My server is an Core2Quad 64 Bits…maybe cause i’m using 64 Bits?

Thanks!

By: divine

divine — Fri, 14 Aug 2009 12:15:23 +0000

Can i do it for root user

root hard nproc 50

By: Stefan Apke

Stefan Apke — Tue, 11 Aug 2009 17:25:10 +0000

@Samuel Huckins: Hmmm?
Kubuntu-9.04-alternate-amd64 (encr. ~dir.):
sudo vi /etc/security/limits.conf [i] ... #@student - maxlogins 4 lider hard nproc 300

# End of file
[ESC] [:][w][q][!]
Reboot!
Konsole (KDE):
lider@xbox:~$ :(){ :|:& };: [1] 3606 lider@xbox:~$ bash: fork: Resource temporarily unavailable bash: fork: Resource temporarily unavailable ... bash: fork: Resource temporarily unavailable #after a while - nothing bad happend - there were enough resources for [^][c]

[1]+ Terminated : | : lider@xbox:~$

After that I became too saucy and tried:
lider hard nproc 50
That was a bad idea! Cause in KDE really nothing worked (motto: “Come in and don’t go out any more!”). And I’m not sure if I typed in the Magic SysRq too quickly or if I gave in the wrong types. But: my XServer was *hardly* broken and my *whole* audio-system was totally crashed. I have not had such a heavy break-down in more than 10 years Linux-experience! No chance to fix the problems totally in 2-3 hours! But: I tested it on a pure testing-disc and it didn’t matter for me. If it had been my working-station, my last hair would have faded to grey.

By: Samuel Huckins

Samuel Huckins — Thu, 11 Jun 2009 02:20:00 +0000

@Robert Delahunt: While I am on Ubuntu 9.04, your suggestion was the only one that worked. For me setting hard and soft limits for users in /etc/security/limits/conf had no effect. I had to place ulimit -u NUM in /etc/profile for it to stick. Thanks!

By: Robert Delahunt

Robert Delahunt — Sun, 04 Jan 2009 14:56:35 +0000

I don’t see any info for doing it without PAM, so here’s some info (for us Slackware people, etc, and others not using PAM):

Put this in /etc/profile.conf:

ulimit -u 100

where this is the limit of processes anyone can run. Be warned that it could cause problems if you don’t know how many typical processes you run, so play with ps aux | wc -l and other stuff to check how many you would need. Cheers!

By: Joshi

Joshi — Wed, 03 Dec 2008 18:41:20 +0000

hi Sergei,

i think this can be done via:
apt-get install cpulimit

cheers
joshi

By: Sergei Vasilyev

Sergei Vasilyev — Thu, 14 Aug 2008 13:09:15 +0000

I wonder how to limit number of used cpu cores per user or per user process in case when process is multithreaded and server has multiply number of CPU.

By: ATOzTOA

ATOzTOA — Wed, 30 Jan 2008 04:19:52 +0000

Tried the Fork BOmb… Worked perfectly :)

By: sandoz

sandoz — Mon, 17 Dec 2007 14:03:14 +0000

Actually soft limits work like hard limits except, that the user can change them up to the hard limit.

Say:
@student soft nproc 30 @student hard nproc 50

@students can run 30 process. After that starting processes will fail. But an
ulimit -Su 50
will make it possible for them to run 50 processes, in that shell until the next logout.

To make changes work, the user has to logout and login again. All user already logged in are able to work as before.

sandoz

By: MaoP

MaoP — Sun, 09 Dec 2007 08:39:22 +0000

man ulimit
google linux sysctl limit proccess

By: mastrboy

mastrboy — Sat, 08 Dec 2007 23:50:38 +0000

is there a way to activate these settings on a running system? Currently i have not found any other solution that to reboot to make the settings active :(

(using debian etch)