24 Jun
2009
24 Jun
'09
1:21 a.m.
On Tue, 2009-06-23 at 15:19 -0700, Fernando Lopez-Lezcano wrote:
On Tue, 2009-06-23 at 16:27 -0400, Paul Davis wrote:
> On Tue, Jun 23, 2009 at 4:15 PM, Fernando
> Lopez-Lezcano<nando(a)ccrma.stanford.edu> wrote:
> > Hmmm, did Lennart specifically answer the issue of the clone bomb? I
> > can't remember and the thread is looong (I had a couple of points that I
> > made that seemed to be valid and never got a confirmation reply)...
>
> i believe he claimed the watchdog deals with this.
This is what I think is the relevant part of his answer:
On Mon, 2009-06-22 at 17:26 +0200, Lennart Poettering
wrote:
What SCHED_RESET_ON_FORK fixes is that a process cannot fork() (as in
process) to evade the kill() of a supervisor process.
Without this flag you always have a race where the killer process
would have a hard time killing a process that is duplicating itself
exponentially.
What matter is that to put an end to the thread bomb process all we
need to do is one call to kill().
Hmmm, so fork bombs are more difficult (impossible?) to eradicate without
the SCHED_RESET_ON_FORK patch), thread bombs are done with one kill
one way or the other, would that be correct?
And the watchdog deals with both.
-- Fernando