and seems like generally sensible (more sensible than not doing so), so done
in generic code rather than compat glue only
Change proposed in PR kern/18767 by Emmanuel Dreyfus.
- leave 5 processes for root-only use, the previous value of 1
was unsufficient to execute additional commands once logged, and
perhaps also not enough to actually login remotely with recent (open)sshd
- protect the log of "proc: table full" with ratecheck(), so that
the message is only logged once per 10 seconds; though syslogd normally
doesn't pass the repeated messages through, this avoids flooding
syslogd and potentially also screen/logs
- If the process hits either system limit of number of processes in system,
or user's limit of same, force the process to sleep for 0.5 seconds
before returning failure. This turns 2000 rampaging fork monsters into
2000 harmlessly snoozing fork monsters.
The sleep is intentionally uninterruptible by signals.
These are not intended as ultimate protection agains fork-bombs.
Determined attacker can eat CPU differently than via repeating
fork() calls. But this is good enough to help protect against
programming mistakes or simple-minded tests.
Based on FreeBSD kern_fork.c change in revision 1.132 by
Mike Silbersack <silby at FreeBSD org>
Change also discussed on tech-kern@NetBSD.org, thread
'Fork bomb protection patch'.
strcmp() by performing path name length comparison first. In the test
with Mozilla, the number was reduced to 1068 from 7182 (yes, we saved
6114 strcmp()!).
config.cache depends upon 'include/.stamp configure config.h.in defs.mk.in'
and runs configure. Forcebly remove config.cache before running configure.
This change means that config.cache is (still) retained between "make clean"
(but not "make cleandir") runs, but is flushed if configure or config.h.in
is changed, as the cache may contain incorrect information in that case.
- -f, which allows to restrict edquota to only one quota-enabled filesystem
- -s and -h, which allows to set soft and hard limits respectively, without
the need to edit a file.
to read sector 18, and fallback to 1.44MB drive geometry if that fails.
This allows to boot from 1.44MB floppy disk in 2.88MB drive.
Tested with 2.88MB drive in IBM PS/2 model 95 donated
by 'Yokotashi' <lhc at kanal ucw cz> and Pavel Cahyna
<pavel.cahyna at st ms mff cuni cz>
Bump biosboot version.
Fixes PR kern/3418 by Keith Moore.
Change okayed by Frank van den Linden.
