d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Limit maxprocperuid to 9/10 maxproc, and limit maxfilesperproc to 9/10

Browse Source 
maxfiles.  This should make local resource exhaustion attacks easier
to handle with a non-tweaked setup.

MFC after:	3 days
This commit is contained in:
Mike Silbersack 2001-12-13 20:00:45 +00:00
parent 7118b0c4c3
commit ebacce5e99
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/kern/subr_param.c
View File

@ -150,8 +150,8 @@ init_param2(int physpages)
TUNABLE_INT_FETCH("kern.maxproc", &maxproc);
maxfiles = MAXFILES;
TUNABLE_INT_FETCH("kern.maxfiles", &maxfiles);
maxprocperuid = maxproc - 1;
maxfilesperproc = maxfiles;
maxprocperuid = (maxproc * 9) / 10;
maxfilesperproc = (maxfiles * 9) / 10;
/*
* Cannot be changed after boot.