Posted Mar 31, 2011 23:31 UTC (Thu) by mrons (subscriber, #1751)
Parent article: Fighting fork bombs
I administer a system shared by comp sci students and see a lot of fork bombs.
Sending a signal to the process group kills all fork bombs in my experience.
A signal to the process group also kills what we call "comets", a process that forks then exits. You can never catch a PID to kill the comet directly. They can even be hard to detect on a busy system. lastcomm process logs are often the only way to see one.
The other requirement is process limits on users. Fork bombs will make a system unusable if there are no limits.
I don't really see the need for this patch in the kernel. The current facilities of process groups and user process limits solve all the problems that I've seen.