Hogfly, ammo, thankyou.

I have already discovered pam_limits. While it was not obvious immediately (for instance googling for "Fork bomb" and "Linux" gives you lots of src code for fork bombs and the like).

pam_limits is a godsend, it does lots of good stuff.

As I'm running Slackware on my shell server which doesn't have PAM, I had build PAM, and rebuild sshd to use it (having uninstalled the old one).

Now users get strict process limits, and if they try to create a fork bomb it still works, but it no longer consumes all resources. This is good.