Limiting number of processes: /etc/security/limits.conf vs. /etc/ld.so.preload
Within a multiuser environment, we are currently enforcing a per user process limit of 40(e.g. also for fcgi processes). This is done via ld.so.preload, that forces the loading of a custom shared library that has been written in C. This library overrides the functions for creating child processes and enforces the process limit.
It works but I'm wondering what are the advantages of this solution and is it better or worse than using limits enforced by pam_limits and /etc/security/limits.conf.
What do you think? I think that this solution might be a lot faster.