From owner-freebsd-hackers  Thu Oct 23 09:23:02 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id JAA07568
          for hackers-outgoing; Thu, 23 Oct 1997 09:23:02 -0700 (PDT)
          (envelope-from owner-freebsd-hackers)
Received: from crh.cl.msu.edu (crh.cl.msu.edu [35.8.1.24])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id JAA07560
          for <freebsd-hackers@FreeBSD.ORG>; Thu, 23 Oct 1997 09:22:58 -0700 (PDT)
          (envelope-from henrich@crh.cl.msu.edu)
Received: (from henrich@localhost)
	by crh.cl.msu.edu (8.8.5/8.8.5) id MAA10511;
	Thu, 23 Oct 1997 12:22:55 -0400 (EDT)
Message-ID: <19971023122255.43108@crh.cl.msu.edu>
Date: Thu, 23 Oct 1997 12:22:55 -0400
From: Charles Henrich <henrich@crh.cl.msu.edu>
To: Guy Helmer <ghelmer@cs.iastate.edu>
Cc: freebsd-hackers@FreeBSD.ORG
Subject: Re: CHILD_MAX no longer valid in 2.2.5-RELEASE?
References: <19971023104527.34841@crh.cl.msu.edu> <Pine.HPP.3.96.971023101746.2752E-100000@popeye.cs.iastate.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.84
In-Reply-To: <Pine.HPP.3.96.971023101746.2752E-100000@popeye.cs.iastate.edu>; from Guy Helmer on Thu, Oct 23, 1997 at 10:33:26AM -0500
X-Operating-System: FreeBSD 2.2.2-RELEASE
X-PGP-Fingerprint: 1024/F7 FD C7 3A F5 6A 23 BF  76 C4 B8 C9 6E 41 A4 4F
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On the subject of Re: CHILD_MAX no longer valid in 2.2.5-RELEASE?, Guy Helmer stated:

> There ought to be a couple of pointers to this use of the daemon entry in
> login.conf in init(8)'s man page and LINT (assuming CHILD_MAX stays in) --
> I suppose that means I ought to make diffs and write a gnats report :-) 

Perhaps.  Now I'd like to get up on my soapbox and bitch about this login.conf
business.  For some assinine reason the defaults for login.conf for system
processes (including BOOT!).  This bit me big time when trying to fsck a large
raid array, the fsck failed with out of memory.

What remotely possible, conceivable reason would you ever want to limit root
and its ilk from having free run of the system?  This seems like a very
dangerous policy that can in dire system cases lock the administrators out of
the system.  I would strongly suggest the defaults in login conf is everything
is wide open, and its up to the sysadmin to fix it.  In 90 percent of the
FreeBSD installations out there, (my guess), this is appropriate, and only in
the ISP multi-user-login case is the current defaults usefull.

-Crh

       Charles Henrich     Michigan State University     henrich@msu.edu

                         http://pilot.msu.edu/~henrich