[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.1.10.0901281551490.21401@alien.or.mcafeemobile.com>
Date: Wed, 28 Jan 2009 15:54:49 -0800 (PST)
From: Davide Libenzi <davidel@...ilserver.org>
To: Chris Adams <cmadams@...aay.net>
cc: linux-kernel@...r.kernel.org
Subject: Re: [patch 016/104] epoll: introduce resource usage limits
On Wed, 28 Jan 2009, Chris Adams wrote:
> Once upon a time, Davide Libenzi <davidel@...ilserver.org> said:
> >I already gave you my opinion on such code. There is no need for it. If
> >your servers are loaded, in the same way you bump NFILES (and likely
> >even other default configs), you bump up max_user_instances:
>
> The flip side of that is this could just be added to the list of limits
> you set on a multi-user system if you don't want $LUSER to DoS your
> server (such as max procs, cpu time, virtual memory, etc.). I don't
> think this is a security issue on single-user systems or servers with
> only privileged access.
>
> Admins of multi-user systems are used to having to manage limits (see
> pam_limits for example). Admins of single-user or privileged servers
> (e.g. mail or non-shared web servers) are not for the most part (postfix
> doesn't open 1025 files in a single process).
It seems this is the most agreeable solution based on this thread replies.
That is, leave it unbound, and offer limiting capabilities to multiuser
sysadmins.
- Davide
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists