Re: ITP memlockd
On Friday 09 February 2007 10:43, Brian May <bam@snoopy.debian.net> wrote:
> How much memory typically needs to be locked for this to be
> beneficial?
It's best to have the shell used by the sysadmin, the login chain (getty +
login or sshd and the PAM stuff), some utilities (EG busybox), and all shared
objects used by them. But you can get by with a lot less.
I've attached a sample config file that causes just under 10M of RAM to be
used. No big deal on a machine with 256M of RAM that is likely to experience
a DOS attack.
--
russell@coker.com.au
http://etbe.blogspot.com/ My Blog
http://www.coker.com.au/sponsorship.html Sponsoring Free Software development
/bin/bash
/lib/libncurses.so.5
/lib/tls/i686/cmov/libdl.so.2
/lib/tls/i686/cmov/libc.so.6
/usr/sbin/sshd
/lib/libwrap.so.0
/lib/libpam.so.0
/lib/tls/i686/cmov/libdl.so.2
/lib/libselinux.so.1
/lib/tls/i686/cmov/libresolv.so.2
/usr/lib/i686/cmov/libcrypto.so.0.9.8
/lib/tls/i686/cmov/libutil.so.1
/usr/lib/libz.so.1
/lib/tls/i686/cmov/libnsl.so.1
/lib/tls/i686/cmov/libcrypt.so.1
/usr/lib/libgssapi_krb5.so.2
/usr/lib/libkrb5.so.3
/usr/lib/libk5crypto.so.3
/lib/libcom_err.so.2
/usr/lib/libkrb5support.so.0
/lib/tls/i686/cmov/libc.so.6
/lib/ld-linux.so.2
/lib/libsepol.so.1
/bin/busybox
/lib/tls/i686/cmov/libm.so.6
Reply to: