From owner-freebsd-stable Tue Sep 21 16:47:27 1999 Delivered-To: freebsd-stable@freebsd.org Received: from luna.lyris.net (luna.shelby.com [207.90.155.6]) by hub.freebsd.org (Postfix) with ESMTP id 9357514E10 for ; Tue, 21 Sep 1999 16:47:24 -0700 (PDT) (envelope-from kip@lyris.com) Received: from luna.shelby.com by luna.lyris.net (8.9.1b+Sun/SMI-SVR4) id QAA18136; Tue, 21 Sep 1999 16:47:09 -0700 (PDT) Received: from (luna.shelby.com [207.90.155.6]) by luna.shelby.com with SMTP (MailShield v1.50); Tue, 21 Sep 1999 16:47:09 -0700 Date: Tue, 21 Sep 1999 16:47:09 -0700 (PDT) From: Kip Macy X-Sender: kip@luna To: Bryan Talbot Cc: stable@FreeBSD.ORG Subject: Re: kern.maxfiles and kern.maxfilesperproc In-Reply-To: <4.2.0.58.19990921163209.00a49f00@ekimaphost> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-SMTP-HELO: luna X-SMTP-MAIL-FROM: kip@lyris.com X-SMTP-RCPT-TO: btalbot@ucsd.edu,stable@FreeBSD.ORG X-SMTP-PEER-INFO: luna.shelby.com [207.90.155.6] Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You are correct -- what one really needs is a per user limit on files -- there may already be something to that effect, although I do not know of it. On Tue, 21 Sep 1999, Bryan Talbot wrote: > At 04:23 PM 9/21/99 , Kip Macy wrote: > >Thanks. Although having maxfiles == maxfilesperproc might make sense for > >special cases e.g. a machine completely dedicated to one process -- It is > >dangerous at best for the general case. Any malicious program can make a > >machine running FreeBSD non-functional. The default should be set with the > >average user in mind, namely protecting him from himself. > > > > > > -Kip > > > But adjusting maxfilesperproc > maxfiles won't protect you from a malicious > process or user any more than having maxfilesperproc == maxfiles. Just > fork() or run two (or more) processes that open all the file handles. Same > result, right? > > -Bryan > > > ===================================================================== > IMPORTANT NOTICE: According to certain suggested versions of the > Grand Unified Theory, the primary particles constituting this > message may decay to nothingness within the next Four Hundred > Million Years. > ===================================================================== > "I think not!" said Descartes, who promptly disappeared. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message