[apparmor] [Merge] lp:~talkless/apparmor/fix_traceroute_tcp into lp:apparmor
Seth Arnold
seth.arnold at canonical.com
Wed Jul 5 21:04:30 UTC 2017
On Mon, Jul 03, 2017 at 04:59:36PM -0000, Vincas Dargis wrote:
> sudo sysctl net.core.wmem_max=8388608
> sudo sysctl net.core.wmem_default=8388608
>
> It no longer asks for net_admin.
Hrm, I wonder if these defaults make sense to apply to e.g. Ubuntu or
Debian as a whole, just to avoid this silly net_admin that every process
wants these days.
net_admin grants a lot of power, but just growing these windows is surely
a denial of service attack vector at the worst.
Thanks
--
https://code.launchpad.net/~talkless/apparmor/fix_traceroute_tcp/+merge/326260
Your team AppArmor Developers is requested to review the proposed merge of lp:~talkless/apparmor/fix_traceroute_tcp into lp:apparmor.
More information about the AppArmor
mailing list