Re: ITP memlockd

Fri, 09 Feb 2007 00:22:42 -0800 

On Friday 09 February 2007 10:43, Brian May <[EMAIL PROTECTED]> wrote:
> How much memory typically needs to be locked for this to be
> beneficial?

It's best to have the shell used by the sysadmin, the login chain (getty + 
login or sshd and the PAM stuff), some utilities (EG busybox), and all shared 
objects used by them.  But you can get by with a lot less.

I've attached a sample config file that causes just under 10M of RAM to be 
used.  No big deal on a machine with 256M of RAM that is likely to experience 
a DOS attack.

-- 
[EMAIL PROTECTED]
http://etbe.blogspot.com/          My Blog

http://www.coker.com.au/sponsorship.html Sponsoring Free Software development

/bin/bash
/lib/libncurses.so.5
/lib/tls/i686/cmov/libdl.so.2
/lib/tls/i686/cmov/libc.so.6
/usr/sbin/sshd
/lib/libwrap.so.0
/lib/libpam.so.0
/lib/tls/i686/cmov/libdl.so.2
/lib/libselinux.so.1
/lib/tls/i686/cmov/libresolv.so.2
/usr/lib/i686/cmov/libcrypto.so.0.9.8
/lib/tls/i686/cmov/libutil.so.1
/usr/lib/libz.so.1
/lib/tls/i686/cmov/libnsl.so.1
/lib/tls/i686/cmov/libcrypt.so.1
/usr/lib/libgssapi_krb5.so.2
/usr/lib/libkrb5.so.3
/usr/lib/libk5crypto.so.3
/lib/libcom_err.so.2
/usr/lib/libkrb5support.so.0
/lib/tls/i686/cmov/libc.so.6
/lib/ld-linux.so.2
/lib/libsepol.so.1
/bin/busybox
/lib/tls/i686/cmov/libm.so.6

Reply via email to