LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 10-17-2007, 04:52 PM   #1
reverse
Member
 
Registered: Apr 2007
Distribution: Gentoo
Posts: 337

Rep: Reputation: 30
/etc/security/limits.conf


I've decided I'd set up some extremely basic security on my laptop (running Debian GNU/Linux - unstable); so I've decided to follow the "Securing Debian Manual", along with "Linux Security Howto" and anything which seemed of interest from LinuxSecurity. Long story short, most 'general' security guides recommend the configuration of the limits.conf file.

However, whilst I have no problem understand items such as "nproc", "maxlogins", I can't generalize for all the other items described in the limits.conf manual page.

Nothing a google search can't handle; however, even understanding what the items mean, I can't figure out proper limits. I'm the only person actually using the laptop, I don't run SSH on it (but I *might*, one day).

So what I'm basically humbly asking for is some `copy/paste` work of your /etc/security/limits.conf file.
 
Old 10-20-2007, 03:55 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
Quote:
Originally Posted by reverse View Post
I can't figure out proper limits. I'm the only person actually using the laptop, I don't run SSH on it (but I *might*, one day).
Trial and error? Go with the defaults, then tweak values down one value a time until you hit a "weird" problem doing regular things. IIRC using SSH required nlogins to be $nlogins+1.
 
Old 10-20-2007, 05:33 AM   #3
reverse
Member
 
Registered: Apr 2007
Distribution: Gentoo
Posts: 337

Original Poster
Rep: Reputation: 30
Thanks for replying. I suppose I could go that route, problem is.. I don't have any 'defaults', the default limits.conf file is empty.
 
Old 10-20-2007, 09:45 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
If you 'ulimit -a' in a Bash shell, you get something like:
Code:
core file size        (blocks, -c) 0
data seg size         (kbytes, -d) unlimited
file size             (blocks, -f) unlimited
max locked memory     (kbytes, -l) unlimited
max memory size       (kbytes, -m) unlimited
open files                    (-n) 1024
pipe size          (512 bytes, -p) 8
stack size            (kbytes, -s) 8192
cpu time             (seconds, -t) unlimited
max user processes            (-u) 4088
virtual memory        (kbytes, -v) unlimited
 
Old 10-20-2007, 04:10 PM   #5
reverse
Member
 
Registered: Apr 2007
Distribution: Gentoo
Posts: 337

Original Poster
Rep: Reputation: 30
True enough, thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
interpretate limits.conf in crontab 223 Linux - General 6 10-05-2007 02:27 AM
limits are not working (limits.conf) PkerC Red Hat 3 06-22-2006 11:14 AM
meaning of /etc/security/limits.conf commands marceluda Linux - Security 1 05-11-2006 12:01 PM
/etc/security/limits.conf documentation? crazyeddie740 Linux - Security 1 06-19-2004 04:02 AM
Wierd PAM limits.conf behavior Kostko Linux - Software 0 08-26-2003 06:55 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:16 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration