[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Jailkit-users] Prevent Fork Bombs on Jailed Python Interpreter

From: Gregory Piñero
Subject: Re: [Jailkit-users] Prevent Fork Bombs on Jailed Python Interpreter
Date: Fri, 26 Oct 2007 00:49:11 -0400

On 10/25/07, Gregory Piñero <address@hidden> wrote:
> I have a script run by root that launches six of these:
> jk_chrootlaunch -u jailtest -g jailtest -j /srv/jail_for_python/ -x
> /srv/jail_for_python/usr/bin/python2.4 exec_worker.py
> So I tried adding this to limits.conf:
> jailtest        hard    nproc   1
> But I'm still allowed to start the 6 processes.

Ok, here's the latest.  I think limits.conf only works for logged in
users, not for my special jail user.

So I found this nifty tool which seems to work

Here's how I call it:
sudo jk_chrootlaunch -u jailtest -g jailtest -j /srv/jail_for_python/
--exec /srv/jail_for_python/softlimit -- -p 1 -m 12000000
/usr/bin/python2.4 exec_worker.py

I put softlimit in the jail with permissions root:root -rwx--x--x


reply via email to

[Prev in Thread] Current Thread [Next in Thread]