From owner-freebsd-questions Fri Mar 12 8: 2:35 1999 Delivered-To: freebsd-questions@freebsd.org Received: from granite.sentex.net (granite.sentex.ca [199.212.134.1]) by hub.freebsd.org (Postfix) with ESMTP id 9C0C1155A4 for ; Fri, 12 Mar 1999 08:02:32 -0800 (PST) (envelope-from mike@sentex.net) Received: from leaverite (leaverite.sentex.ca [209.112.4.36]) by granite.sentex.net (8.8.8/8.6.9) with SMTP id LAA26827 for ; Fri, 12 Mar 1999 11:02:13 -0500 (EST) Message-Id: <3.0.5.32.19990312110628.00b8f5d0@staff.sentex.ca> X-Sender: mdtpop@staff.sentex.ca X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32) Date: Fri, 12 Mar 1999 11:06:28 -0500 To: questions@freebsd.org From: Mike Tancsa Subject: reasonable user limits to prevent abuse Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Just wondering what most people are setting as hard limits for their shell users. What would be a reasonable amount for users to do what they need, but prevent them from causing DOS attacks via fork bombs or eating up memory. Is % limit -h cputime unlimited filesize unlimited datasize 8192 kbytes stacksize 4096 kbytes coredumpsize unlimited memoryuse 10240 kbytes memorylocked 10240 kbytes maxproc 15 openfiles 64 too restrictive, or overly restrictive ? ---Mike ------------------------------------------------------------------------ Mike Tancsa, tel 01.519.651.3400 Network Administrator, mike@sentex.net Sentex Communications www.sentex.net Cambridge, Ontario Canada To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message