* user limits for 'security'?
@ 2001-06-25 19:26 LA Walsh
2001-06-25 19:42 ` LA Walsh
0 siblings, 1 reply; 2+ messages in thread
From: LA Walsh @ 2001-06-25 19:26 UTC (permalink / raw)
To: Linux Kernel Mailing List
I've seen some people saying that user-limits are an essential part of a
secure system to prevent local DoS attacks. Given that, should
a system call like 'fork' return -EPERM if the user has reached their
limit?
My local manpage (SuSE 7.2 system) says this under fork:
ERRORS
EAGAIN fork cannot allocate sufficient memory to copy the
parent's page tables and allocate a task structure
for the child.
-----
Should the man page be updated to reflect that EAGAIN is returned
when the user has reached their limit? From a user-monitoring point
of view, it might be security relevant to know if a EAGAIN is being
returned because the system really is low on resources or if it
is a user hitting their limit.
--
The above thoughts and | I know I don't know the opinions
writings are my own. | of every part of my company. :-)
L A Walsh, law at sgi.com | Sr Eng, Trust Technology
01-650-933-5338 | Core Linux, SGI
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2001-06-25 19:45 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-06-25 19:26 user limits for 'security'? LA Walsh
2001-06-25 19:42 ` LA Walsh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.