On Wed, Jan 07, 2015 at 11:52:48AM +0100, Bernhard M. Wiedemann wrote:
On 2014-12-30 09:38, Ludwig Nussel wrote:
==== pam ==== Subpackages: pam-32bit pam-devel
- limit number of processes to 700 to harden against fork-bombs Add pam-limit-nproc.patch
This change of mine caused some trouble for a Tumbleweed/chromium user with many tabs, which each use a separate process. ps ax|wc only showed ~350 when the limit was reached (maybe threads are counted too)
Should we increase the default limits? We need to document it anyway, part of which is https://bugzilla.suse.com/show_bug.cgi?id=911678
I still wonder why zypper up replaced his file, since the pam.spec has %config(noreplace) %{_sysconfdir}/security/limits.conf
Maybe cause it was unmodified? Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany