Re: [Jailkit-users] Prevent Fork Bombs on Jailed Python Interpreter

[Gregory Piñero]

On 10/25/07, Gregory Piñero <address@hidden> wrote:
> > This is usually done by setting values in limits.conf (to be found in /etc
> > or /etc/security). The file comes with good comments and a few examples. So
> > there is some basis there to work from.
> > Remember that a normal shell session via jailkit already uses a few
> > processes, so don't go setting the number too strictly. On the other hand,
> > memory should probably be guarded more closely.
> >

I have a script run by root that launches six of these:
jk_chrootlaunch -u jailtest -g jailtest -j /srv/jail_for_python/ -x
/srv/jail_for_python/usr/bin/python2.4 exec_worker.py

So I tried adding this to limits.conf:
jailtest        hard    nproc   1

But I'm still allowed to start the 6 processes.

Any ideas?

-Greg