>I know offering shell account services is dangerous because of all the
>script and warez kiddies. Blocking warez could be as simple as using
>What are some ways, if any, to prevent abuse on systems.
>For example: for (;;) fork();
>I am not sure of all the problems that occur with offering shell accounts.
>Would anyone be willing to share problems they face and possible solutions
Setting proper ulimits for each user.
On FreeBSD each user is in a separate login class, (you can control which
login classes people are in by using pw, man 8 pw)
By default on FreeBSD /etc/login.conf holds information about the different
ulimits by default, so for example
# Default users login
:path=/bin /usr/bin /usr/local/bin\
This sets some default values, cputime, memorylock, max processes, etc.
man 5 login.conf for more details.