On Mon, Jan 17, 2000 at 06:10:29PM -0500, kutek@cybercomm.net wrote:
>
>
> recently there was discussion on bugtraq about sshd not respecting limits.
>
> this surprised me greatly, since i had assumed i had this covered in my
> /etc/initscript.
>
> i was wrong.
>
> the question is: why is this done at the app level, rather than enforced
> by the kernel?
They are. But since sshd is started with root-privileges (and root usually
has no resource limits) this is almost certainly a bug in sshd not setting
the appropriate resource levels for the user. Note that you can set some
resource levels in the GCOS field of /etc/passwd, depending on your libc
and login program. Quoting passwd(5) on Debian/Linux:
...
The comment field is used by various system utilities,
such as finger(1). Three additional values may be present
in the comment field. They are
pri= - set initial value of nice
umask= - set initial value of umask
ulimit= - set initial value of ulimit
These fields are separated from each other and from any
other comment field by a comma.
...
Yours,
Dominik
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:17 EST