From owner-freebsd-arch@FreeBSD.ORG  Mon Apr 13 08:47:56 2015
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: arch@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 14D08BC3
 for <arch@freebsd.org>; Mon, 13 Apr 2015 08:47:56 +0000 (UTC)
Received: from ipmail06.adl6.internode.on.net (ipmail06.adl6.internode.on.net
 [150.101.137.145])
 by mx1.freebsd.org (Postfix) with ESMTP id 9693D76A
 for <arch@freebsd.org>; Mon, 13 Apr 2015 08:47:54 +0000 (UTC)
X-IronPort-RLcust: INSIDEinternodeSR75
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A2CTCAA7gCtVPDdrLXlcgwyBLoZCrEwIBnuYLAKBMU0BAQEBAQEHAQEBATg7hB8BAQEDATocIwULCw4KFgEXOQoUBhOIIgfMAAEBAQEBBQEBAQEBAQEBARmGEIUbhCQlMwcSAYMEgRYFiy2FX4gCgg2HGI1UhCEuMYEDAQcXgSEBAQE
Received: from ppp121-45-107-55.lns20.adl6.internode.on.net (HELO
 midget.dons.net.au) ([121.45.107.55])
 by ipmail06.adl6.internode.on.net with ESMTP; 13 Apr 2015 18:12:43 +0930
Received: from [10.0.2.26] ([10.0.2.26]) (authenticated bits=0)
 by midget.dons.net.au (8.15.1/8.14.9) with ESMTPSA id t3D8gW2M016612
 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
 Mon, 13 Apr 2015 18:12:40 +0930 (CST)
 (envelope-from darius@dons.net.au)
Subject: Re: default file descriptor limit ?
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2070.6\))
Content-Type: text/plain; charset=us-ascii
From: "O'Connor, Daniel" <darius@dons.net.au>
In-Reply-To: <20150413083159.GN1394@zxy.spb.ru>
Date: Mon, 13 Apr 2015 18:12:31 +0930
Content-Transfer-Encoding: quoted-printable
Message-Id: <C9314079-B968-4A09-AD49-B2045521BFF3@dons.net.au>
References: <78759.1428912996@critter.freebsd.dk>
 <79209.1428913320@critter.freebsd.dk> <20150413083159.GN1394@zxy.spb.ru>
To: Slawa Olhovchenkov <slw@zxy.spb.ru>
X-Mailer: Apple Mail (2.2070.6)
X-Spam-Score: -2.899 () ALL_TRUSTED,BAYES_00,URIBL_BLOCKED
X-Scanned-By: MIMEDefang 2.75 on 10.0.2.1
Cc: arch@freebsd.org, Poul-Henning Kamp <phk@phk.freebsd.dk>
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion related to FreeBSD architecture <freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch/>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
 <mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Apr 2015 08:47:56 -0000


> On 13 Apr 2015, at 18:01, Slawa Olhovchenkov <slw@zxy.spb.ru> wrote:
> May be now time to introduce new login class, for desktop users, with
> reduced limits for open files and some regionals settings. And modify
> bsdinstall to support this. And may be some Gnome/KDE tools for
> creating users (I am don't use KDE/Gnome).
>=20
> Base login class ('default') don't touching, don't have limits and
> have locale "C", used for system startup and daemons.

The question is: What is the upside of having such a large limit?

The downside is apparent - it's not the memory usage but the time wasted =
when running secure software since you can't use closefrom because it's =
not portable and so libraries/ports/etc don't use it (or more =
realistically Linux doesn't have it).

Other limits like max processes scaling with memory makes sense but =
maxfiles should probably scale more slowly (or maybe even not at all..)

--
Daniel O'Connor
"The nice thing about standards is that there
are so many of them to choose from."
 -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C