Increase default nofile ulimit

John Moser john.r.moser at gmail.com
Mon Jun 9 11:37:31 UTC 2014


On 06/09/2014 07:10 AM, Robie Basak wrote:
> AIUI, there are security implications for raising this limit system-wide
> by default, since applications that use select() are often broken and
> will become vulnerable with a higher limit.
>
> See
> https://lists.ubuntu.com/archives/ubuntu-devel/2010-September/031446.html
>
> for the previous discussion.

That looks like a glibc bug from 2010.  Is that still relevant?  If so,
why has this not been fixed?

The simple fix is to replace the 1024 spec with the result of
getrlimit() for the hard limit; however, Linux supplies a non-POSIX
function to raise the hard limit of an arbitrary process.  Likewise, the
limit may be excessively large, thus wasteful of memory.

I am certain the glibc developers are competent to dynamically grow the
buffer when full, and could write such code within a four-year time
span.  Whether they have or not is a different matter, but ... that's
the question.  Have they?




