Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-17-2007, 04:52 PM
|
#1
|
Member
Registered: Apr 2007
Distribution: Gentoo
Posts: 337
Rep:
|
/etc/security/limits.conf
I've decided I'd set up some extremely basic security on my laptop (running Debian GNU/Linux - unstable); so I've decided to follow the "Securing Debian Manual", along with "Linux Security Howto" and anything which seemed of interest from LinuxSecurity. Long story short, most 'general' security guides recommend the configuration of the limits.conf file.
However, whilst I have no problem understand items such as "nproc", "maxlogins", I can't generalize for all the other items described in the limits.conf manual page.
Nothing a google search can't handle; however, even understanding what the items mean, I can't figure out proper limits. I'm the only person actually using the laptop, I don't run SSH on it (but I *might*, one day).
So what I'm basically humbly asking for is some `copy/paste` work of your /etc/security/limits.conf file.
|
|
|
10-20-2007, 03:55 AM
|
#2
|
Moderator
Registered: May 2001
Posts: 29,415
|
Quote:
Originally Posted by reverse
I can't figure out proper limits. I'm the only person actually using the laptop, I don't run SSH on it (but I *might*, one day).
|
Trial and error? Go with the defaults, then tweak values down one value a time until you hit a "weird" problem doing regular things. IIRC using SSH required nlogins to be $nlogins+1.
|
|
|
10-20-2007, 05:33 AM
|
#3
|
Member
Registered: Apr 2007
Distribution: Gentoo
Posts: 337
Original Poster
Rep:
|
Thanks for replying. I suppose I could go that route, problem is.. I don't have any 'defaults', the default limits.conf file is empty.
|
|
|
10-20-2007, 09:45 AM
|
#4
|
Moderator
Registered: May 2001
Posts: 29,415
|
If you 'ulimit -a' in a Bash shell, you get something like:
Code:
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) unlimited
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 4088
virtual memory (kbytes, -v) unlimited
|
|
|
10-20-2007, 04:10 PM
|
#5
|
Member
Registered: Apr 2007
Distribution: Gentoo
Posts: 337
Original Poster
Rep:
|
True enough, thanks.
|
|
|
All times are GMT -5. The time now is 04:16 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|