testing/pam
SHA256
6
0
Fork 0
forked from pool/pam
Code Pull Requests Activity

Accepting request 242966 from home:bmwiedemann:branches:Linux-PAM

Browse Source 
limit number of processes to 700 by default to harden against fork-bombs

OBS-URL: https://build.opensuse.org/request/show/242966
OBS-URL: https://build.opensuse.org/package/show/Linux-PAM/pam?expand=0&rev=141
This commit is contained in:
Tomáš Chvátal
2014-12-25 17:01:00 +00:00
committed by Git OBS Bridge
parent 9b92f7495c
commit bdcad7ea0f
3 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
pam-limit-nproc.patch Normal file
View File

@@ -0,0 +1,15 @@
Index: Linux-PAM-1.1.8/modules/pam_limits/limits.conf
===================================================================
--- Linux-PAM-1.1.8.orig/modules/pam_limits/limits.conf
+++ Linux-PAM-1.1.8/modules/pam_limits/limits.conf
@@ -47,4 +47,10 @@
#ftp hard nproc 0
#@student - maxlogins 4
+# harden against fork-bombs
+* hard nproc 800
+* soft nproc 700
+root hard nproc 900
+root soft nproc 850
+
# End of file