Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 7 Aug 1997 23:05:31 -0700 (PDT)
From:      Tom Samplonius <tom@sdf.com>
To:        David Nugent <davidn@labs.usn.blaze.net.au>
Cc:        Alan Batie <batie@aahz.jf.intel.com>, hackers@freebsd.org
Subject:   Re: login classes 
Message-ID:  <Pine.BSF.3.95q.970807225546.187B-100000@misery.sdf.com>
In-Reply-To: <199708080421.OAA00454@labs.usn.blaze.net.au>

next in thread | previous in thread | raw e-mail | index | archive | help

On Fri, 8 Aug 1997, David Nugent wrote:

> >  Since daemon hasn't logged in, or been
> >  executed by something that can set the resource limits?
> 
> You're confusing logins with login classes, I think. :-)

  I'm assuming that the login process was the only thing that set the
resource limits from that users login class.  I had no idea that init set
these as well.  I was also surprised about cron, so I'll have to upgrade
some boxes.

  Do you have a comprehensive list of things that are setting the login
class?

> >  Also, the issue here is that Alan probably wants smsh NOT to have the
> >  limits of daemon, but of that user.  Lot of users screw up, and put junk
> >  in their .forward file, and when they get mail they end of chewing up CPU,
> >  and/or RAM.
> 
> Hmm. Then there's the other tack that mail delivery will unnecessarily
> fail because user resources are generally lower than the daemon class.

  Hmm, does mail delivery really require a lot of resources?

...
> There are arguments both ways. Personally I rely on the current behaviour,
> as procmail in particular tends to consume a lot of memory with large
> messages; more memory than I allow for shell users.

  I don't like procmail, I wish there was a simple filter that just looked
a headers, rather than scanning the entire message.  It also doesn't
support more "modern" mailbox types.

> The only other area I am aware of where there is a 'hole' is at(1),
> which is on the todo list. Other things keep cropping up and get
> higher on the list. :)

  Hmmm, doesn't wu-ftpd allow users to exec via "SITE EXEC"?  wu-ftpd
isn't installed by default, but you have to vigilant.  I guess this is
kinda of ports issue...

> Regards,
> David


Tom




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970807225546.187B-100000>