[
https://issues.apache.org/jira/browse/DAEMON-270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mladen Turk resolved DAEMON-270.
--------------------------------
Resolution: Won't Fix
Won't fix until you came up with some patch that would solve this issue without
affecting security.
> JSVC process capability issue
> -----------------------------
>
> Key: DAEMON-270
> URL: https://issues.apache.org/jira/browse/DAEMON-270
> Project: Commons Daemon
> Issue Type: Bug
> Components: Jsvc
> Affects Versions: 1.0.11
> Environment: Linux centos 6.3, jdk1.7, tomcat
> Reporter: Raintung Li
>
> For jsvc, start fork process to start JVM, then downgrade the process
> capability to 0.
> Is it really requirement? or any concern?
> For my test env, it happen can't start more threads in the java.
> After the check, it is limited by "ulimit -u" max process for user. It is
> very interesting things, actually it doesn't control threads by this
> attribute in the normal process.
> Downgrade the process capability cause this issue. Max threads number should
> be control by env memory, kernel max threads parameter, stack size.
> For my suggestion, could remove downgrade the process capability, only
> inherit the parent's process capability and add some "read/netbind/setuid.."
> extra privilege if don't have.
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
