Date: Thu, 09 Nov 2023 08:54:22 +0100 From: Alexander Leidinger <Alexander@Leidinger.net> To: freebsd-arch@freebsd.org Subject: Any particular reason we don't have sshd oomprotected by default? Message-ID: <8b9484ba83e373ece0e322e14c924da6@Leidinger.net>
next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --=_c0696647e76353b3b51420dd4c3878ba Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Hi, We have syslogd oomprotected by default (/etc/defaults/rc.conf). Is there a particular reason we don't have sshd protected the same way? Any objections if I would commit such a change (sshd_oomprotect=YES in defaults/rc.conf)? I was also thinking about which other daemon we should protect by default, but apart from the need to make sure important logs are written to find issues which may have caused the oom trigger, and the need to be able to login to such a troubled system, I didn't see any other service as such critical (we could argue about ntpd, but I send to be on the "may be protected" (not for my use cases) and not to be on the "has to be protected" side) to include it in this proposal. Bye, Alexander. -- http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_c0696647e76353b3b51420dd4c3878ba Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc; size=833 Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEER9UlYXp1PSd08nWXEg2wmwP42IYFAmVMkDsACgkQEg2wmwP4 2IbMmw/+KfSo+UBe1QKGjgx1z/Ba/JLs7NzYi12nlVqFFWuLsIn0Tv/sMWvzoIQ/ 5NNFpGmlz58tg0hHTPzBlqwnd7ScQZDHJRqhIfDathIGlFhuJjuHD7HCCwXsbJu5 e90sS3pHMf2IlY0xp47A9BFYwjNNCIkpHaIDjsrO2ravMu7ZSK14nhF+9hNuBeNQ npXohY5Ky7E+s7AhYo2zr8Z8UtyjcvFxaCe84AzyxxW/wKtQNCl0qNOpzNL/OvBg 20l4/VQe3y7ii1chhphbzopPzzlSf9n5KT7RRbR2rSC15Tenws1fW28at+vKmsvH kKbvy5kFlhJi5n194Pk3hOS/QeEeH2i6j0CViYwNbEwUHijvcbnSF8mQn8vcrld/ LXzhNU0/HmjRfZmsEvQ6W6jaP2h7p1M2re8vNGMa3GE8cOJANwcUs+jPQCdUnK6p lvLALw/k2E68OG1aL3gzktbxQhXZRFMVQrEgiGQNaNDT+nxA6SJa/M+HNtqSc99z 6afXonid5tTfJ5ejqXYBt6GpncbR3303tAcTFZM3GwAZ8CqAj6xHwBN38+519xMj 2uAZXIUdDEZETIrfjUHsMz7x/EuOJczVg+sIRP0AxvwtHqUmK0jO1OHw7AIKbRl0 +S6HyAHyP/qQjN1X2DGdjanWVyfOCZl7Yl6lrKhywGryq/VH/LM= =Rvod -----END PGP SIGNATURE----- --=_c0696647e76353b3b51420dd4c3878ba--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8b9484ba83e373ece0e322e14c924da6>