| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 20 May 2009 06:36:04 +0200 From: Willy Tarreau <w@....eu> To: Henrique de Moraes Holschuh <hmh@....eng.br> Cc: Alan Cox <alan@...rguk.ukuu.org.uk>, Andrea <andrea256it@...oo.it>, linux-kernel@...r.kernel.org Subject: Re: super root shell/mode/api On Mon, May 18, 2009 at 01:12:31PM -0300, Henrique de Moraes Holschuh wrote: > On Mon, 18 May 2009, Alan Cox wrote: > > Your distribution failed to configure your system sensibly in that case. > > Linux has supported a strict overcommit mode for some years, and in that > > mode a process isn't permitted to drive the system so far out of memory > > it locks up or hangs. > > Err... strict overcommit is vm.overcommit_memory=2, right? That means no > overcommit at all (as far as the documentation goes, anyway). exactly > Which distros enable that by default? I don't know if mainline distros do this, but some distros dedicated to embedded systems have been using that for ages, almost since Alan published his first overcommit patch a long time ago. It's the only way to reach very long uptimes on servers, as it also protects you against your own mistakes (eg: stupid actions such as "vi access.log" when the file is larger than memory). Willy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists