Sending a signal to the process group kills all fork bombs in my experience.
A signal to the process group also kills what we call "comets", a process that forks then exits. You can never catch a PID to kill the comet directly. They can even be hard to detect on a busy system. lastcomm process logs are often the only way to see one.
The other requirement is process limits on users. Fork bombs will make a system unusable if there are no limits.
I don't really see the need for this patch in the kernel. The current facilities of process groups and user process limits solve all the problems that I've seen.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds