Re: Shouldn't debian be configured better by default ?
On 7/11/99 Sami Dalouche wrote:
While I was cleaning my home directory, I saw this program that I compiled.
After that, I launched it and... My X became frozen and then crashed
( I executed the program in an Xterm). I think it's because it used
all the memory available...
I don't want to try but what could happen if I'd have run it from a console
? Whould the system crash ?
I find it surprising that this program caused this much damage...
I once tried to crash my Redhat GNU/Linux system with 96MB of real
ram and 64MB swap partition, so I had netscape 4.6 go to a keyserver
and search for `michael' (which this server will return a couple
thousand results in one complicated html page that ends up being
about 15MB in size) well after a long time watching netscape bloat up
eventually all memory was consumed all swap all real, any attempt to
run the smallest of utilities resulted in seg faults...
$ ps
Segmentation fault
:)
all i had to do was (slowly) hit the close box on netscape and it
went away and all was well and i kept on adding to a 50+ day uptime
iirc.
I think there is a way (or more than one) to be sure a user doesn't crash
the system by using all the memory available.
I've heard a bit about the /etc/limits file but it seems that it's a per
login configuration, which has a lot of disadvantages. I'd like to know if
there is a way to impose GLOBAL/per user limits. If a such {program ;
configuration file } exist, I'd like to know why debian shouldn't be
configured to impose quotas by default. I think it's very disapointing to
let every user crash the system by default :-((
Have you a better idea to avoid this kind of program to crash the system ?
i suspect /etc/limits is obsolete under potato because it uses PAM
and there is a pam_limits module that i think takes this over (i have
not checked i could be wrong) I have played with pam_limits and it
can be made to do what you want, however I am not sure what
reasonable values are to set for the various things you can limit
with it...
another option is ulimit (bash) which does the same things as
pam_limits except its not protected, a user can un ulimit all they
want.
what I think would be a good thing is getting the right pam_limit
values that are very generous but just enough to keep a single user
from crippling the system (and preventing the operator from accessing
the root account or using kill ($ kill -- segmentation fault :-) )
i think something like ext2fs' default 5% reserved blocks for root to
prevent someone from completely filling a filesystem. somehow keep
5% of memory available for use by root to take care of an obnoxious
user (or user accident)
it would be nice to hear from people about what a reasonable limit
is for the various limits in pam_limits.
Best Regards,
Ethan Benson
To obtain my PGP key: http://www.alaska.net/~erbenson/pgp/
Reply to: