On Thu, Apr 06, 2006 at 12:00:28AM +0200, Jonathan Glaschke wrote:
(...)
> prevent one user of the login class "default" to stop my hole system.
>
> Would it be nice to change this per default to achieve the ideal of
> being "secure by default"?
>
> Has such a high kern.maxfiles disadvantages?
>
> Did i miss something?
>
(...)
Well, it's not a security hole, it's a default behaviour ;)
You could also complain, that we don't have disk quota per default and
users can DoS(tm) system.
Nevertheles, i've run into this problem on one of my servers - on
others, those settings are sufficient.
- Lukasz Sztachanski
--
0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133
http://entropy.pl
