On Jul 13, 2018, at 8:58 PM, Warren Young wrote:
>
> On Jul 13, 2018, at 7:09 PM, Richard Hipp wrote:
>>
>> So, if you want to use the rate limiting feature on
>> Linux, you will need /proc mounted in your chroot jail. I wish there
>> were a better way…
>
> That’s actually one of the older
On Jul 13, 2018, at 7:09 PM, Richard Hipp wrote:
>
> So, if you want to use the rate limiting feature on
> Linux, you will need /proc mounted in your chroot jail. I wish there
> were a better way…
That’s actually one of the older features of cgroups. Maybe take a look?
As a defense against DoS attacks, Fossil has a feature were it refuses
to run certain expense web pages (ex: creating new tarballs) if the
system load averages is too high. Fossil uses the getloadavg()
interface to compute this. On Linux, getloadavg() requires that /proc
be mounted. So, if you
On 7/13/18, Warren Young wrote:
>
> chroot() might even be strong enough given the tight scoping.
Just checking to make sure you know: If you launch Fossil as root, it
will automatically put itself into a chroot jail in the directory
containing the repository, then change its userid and groupid
4 matches
Mail list logo