LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-17-2007, 03:52 PM   #1
reverse
Member
 
Registered: Apr 2007
Distribution: Gentoo
Posts: 337

Rep: Reputation: 30
/etc/security/limits.conf


I've decided I'd set up some extremely basic security on my laptop (running Debian GNU/Linux - unstable); so I've decided to follow the "Securing Debian Manual", along with "Linux Security Howto" and anything which seemed of interest from LinuxSecurity. Long story short, most 'general' security guides recommend the configuration of the limits.conf file.

However, whilst I have no problem understand items such as "nproc", "maxlogins", I can't generalize for all the other items described in the limits.conf manual page.

Nothing a google search can't handle; however, even understanding what the items mean, I can't figure out proper limits. I'm the only person actually using the laptop, I don't run SSH on it (but I *might*, one day).

So what I'm basically humbly asking for is some `copy/paste` work of your /etc/security/limits.conf file.
 
Old 10-20-2007, 02:55 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745
Quote:
Originally Posted by reverse View Post
I can't figure out proper limits. I'm the only person actually using the laptop, I don't run SSH on it (but I *might*, one day).
Trial and error? Go with the defaults, then tweak values down one value a time until you hit a "weird" problem doing regular things. IIRC using SSH required nlogins to be $nlogins+1.
 
Old 10-20-2007, 04:33 AM   #3
reverse
Member
 
Registered: Apr 2007
Distribution: Gentoo
Posts: 337

Original Poster
Rep: Reputation: 30
Thanks for replying. I suppose I could go that route, problem is.. I don't have any 'defaults', the default limits.conf file is empty.
 
Old 10-20-2007, 08:45 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745Reputation: 2745
If you 'ulimit -a' in a Bash shell, you get something like:
Code:
core file size        (blocks, -c) 0
data seg size         (kbytes, -d) unlimited
file size             (blocks, -f) unlimited
max locked memory     (kbytes, -l) unlimited
max memory size       (kbytes, -m) unlimited
open files                    (-n) 1024
pipe size          (512 bytes, -p) 8
stack size            (kbytes, -s) 8192
cpu time             (seconds, -t) unlimited
max user processes            (-u) 4088
virtual memory        (kbytes, -v) unlimited
 
Old 10-20-2007, 03:10 PM   #5
reverse
Member
 
Registered: Apr 2007
Distribution: Gentoo
Posts: 337

Original Poster
Rep: Reputation: 30
True enough, thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
interpretate limits.conf in crontab 223 Linux - General 6 10-05-2007 01:27 AM
limits are not working (limits.conf) PkerC Red Hat 3 06-22-2006 10:14 AM
meaning of /etc/security/limits.conf commands marceluda Linux - Security 1 05-11-2006 11:01 AM
/etc/security/limits.conf documentation? crazyeddie740 Linux - Security 1 06-19-2004 03:02 AM
Wierd PAM limits.conf behavior Kostko Linux - Software 0 08-26-2003 05:55 AM


All times are GMT -5. The time now is 11:43 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration