[lxc-devel] process number limit

[William Dauchy]

Hi Robert,

On Sun, May 12, 2013 at 10:15 PM, Robert Gierzinger
<robert.gierzinger at gmx.at> wrote:
> Is there anything planned to restrict exhaustive process generation in a
> guest or any other means to defend against fork bombs?

In recent kernels (such as 3.9.x) you have
`memory.kmem.limit_in_bytes` which could be use for that purpose.
see
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/plain/Documentation/cgroups/memory.txt

Regards,
--
William