Re: [patch 016/104] epoll: introduce resource usage limits

[Chris Adams]

Once upon a time, Davide Libenzi  <davidel@xxxxxxxxxxxxxxx> said:
>I already gave you my opinion on such code. There is no need for it. If 
>your servers are loaded, in the same way you bump NFILES (and likely 
>even other default configs), you bump up max_user_instances:

The flip side of that is this could just be added to the list of limits
you set on a multi-user system if you don't want $LUSER to DoS your
server (such as max procs, cpu time, virtual memory, etc.).  I don't
think this is a security issue on single-user systems or servers with
only privileged access.

Admins of multi-user systems are used to having to manage limits (see
pam_limits for example).  Admins of single-user or privileged servers
(e.g. mail or non-shared web servers) are not for the most part (postfix
doesn't open 1025 files in a single process).

-- 
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/