reassign 472629 libpam-modules thanks Le mardi 25 mars 2008 à 13:33 +0100, Josselin Mouette a écrit : > Currently, the default value for RLIMIT_MEMLOCK (defined in > include/linux/resource.h) is 32 KiB, because this value is enough for > GnuPG. > > However this value is not enough for gnome-keyring-daemon, which will > store both SSH and GnuPG keys, plus user passwords for various kinds of > resources. Upstream authors recommend to provide a limit of at least 256 > KiB for RLIMIT_MEMLOCK for the keys to remain securely in memory. > > Given the amount of memory in current machines, I think 256 KiB is still > a very reasonable value. Could you please increase the default in the > kernel? Looking at the reactions on the LKML, it looks like the kernel developers will sooner or later remove this limitation in a way that forces distributors to set it in userspace, so we’re better off starting to do it right now. Which leaves pam_limits.so and its configuration file /etc/security/limits.conf. Steve, would you agree to start setting this default in the PAM package? Cheers, -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `- our own. Resistance is futile.
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=