LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-12-2005, 03:15 PM   #1
webserve
LQ Newbie
 
Registered: Aug 2005
Posts: 2

Rep: Reputation: 0
User proces limit


Hi,

I'am a little n00b :P thats speak not so good english


I'am using slackware 10.1 but i want a limit on a user proces
now i was searching google but they say about


/etc/security/limits.conf

This file is not exits ??

please help must i install something


Greetz webserve
 
Old 08-12-2005, 05:40 PM   #2
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
From what I hear, Slackware doesn't use pam, which is responsible for handling limits.conf. You'll need to install PAM in order to use it.
 
Old 08-12-2005, 06:27 PM   #3
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,978
Blog Entries: 11

Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
Not exactly a security question, and it can be done
without PAM, Pat doesn't include it for a reason ;)

Have a read of
man bash
/ulimit


Cheers,
Tink
 
Old 08-12-2005, 06:47 PM   #4
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
Tinkster: What is the reason it's not included? Do you know?

I personally like PAM quite a bit.
 
Old 08-12-2005, 07:05 PM   #5
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,978
Blog Entries: 11

Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
Quote:
Originally posted by Matir
Tinkster: What is the reason it's not included? Do you know?

I personally like PAM quite a bit. :)
Anderson?
/me ducks

Quote:
Slackware 9.1 ChangeLog.txt entry dated
Tue Sep 23 21:57:32 PDT 2003
In record time, this is Slackware 9.1 release candidate 2. :-)
gnome/gal2-1.99.10-i486-1.tgz: Upgraded to gal-1.99.10.
gnome/gdm-2.4.4.2-i486-1.tgz: Upgraded to gdm-2.4.4.2.
gnome/gnome-applets-2.4.1-i486-1.tgz: Upgraded to gnome-applets-2.4.1.
n/openssh-3.7.1p2-i486-1.tgz: Upgraded to openssh-3.7.1p2.
This fixes security problems with PAM authentication. It also includes
several code cleanups from Solar Designer. Slackware does not use PAM and is
not vulnerable to any of the fixed problems.
Please indulge me for this brief aside (as requests for PAM are on the rise):
If you see a security problem reported which depends on PAM, you can be
glad you run Slackware. I think a better name for PAM might be SCAM, for
Swiss Cheese Authentication Modules, and have never felt that the small
amount of convenience it provides is worth the great loss of system
security. We miss out on half a dozen security problems a year by not
using PAM, but you can always install it yourself if you feel that
you're missing out on the fun. (No, don't do that)
OK, I'm done ranting here. :-)
I suppose this is still a:
(* Security fix *)
In short, Pat's happy to live without the flexibility of
PAM in order to avoid the existing or up-coming exploits.
I can't comment on the validity of that point of view since
I haven't followed PAMs security history over the last 2 years,
but I've always lived by and prospered under the credo of
"In Pat We Trust". :)


Cheers,
Tink
 
Old 08-12-2005, 07:15 PM   #6
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
I think with the ever-growing usage of PAM it will become even more secure and stable. Additionally, migrating a full network to LDAP authentication would be nearly impossible without PAM, as I understand it.

However, I respect Pat and his reasoning. To each their own.
 
Old 08-12-2005, 07:25 PM   #7
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 22,978
Blog Entries: 11

Rep: Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879Reputation: 879
Quote:
Additionally, migrating a full network to LDAP
authentication would be nearly impossible without PAM,
as I understand it.
It may be impossible (even though I don't think of many
things as impossible without having tried), but then one
could, for instance, use NIS/NIS+ instead. ;)


Cheers,
Tink
 
Old 08-12-2005, 07:52 PM   #8
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
lol. Not even all services neccessarily work with NIS/NIS+.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
limit user access Pacux Slackware 10 10-17-2005 06:52 AM
user limit problems paulmer2003 Linux - Software 0 02-14-2005 08:04 PM
User quota limit ust Linux - General 1 12-16-2004 06:55 AM
limit user HD space pezplaya Linux - General 3 04-26-2004 05:36 PM
How can I limit my ftp user to just one directory mtn356 Linux - Software 1 10-28-2003 02:45 PM


All times are GMT -5. The time now is 04:55 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration