AF:
NF:0
PS:10
SRH:1
SFN:
DSR:
MID:
CFG:
PT:0
S:andy.sharp@lsi.com
RQ:
SSV:mhbs.lsil.com
NSV:
SSH:
R:<Maxim.Kozlovsky@lsi.com>
MAID:2
X-Sylpheed-Privacy-System:
X-Sylpheed-Sign:0
SCF:#mh/Mailbox/sent
RMID:#imap/LSI/INBOX	0	861DA0537719934884B3D30A2666FECC010E2CCF9F@cosmail02.lsi.com
X-Sylpheed-End-Special-Headers: 1
Date: Wed, 10 Mar 2010 17:49:22 -0800
From: Andrew Sharp <andy.sharp@lsi.com>
To: "Kozlovsky, Maxim" <Maxim.Kozlovsky@lsi.com>
Subject: Re: Please review 34835
Message-ID: <20100310174922.3fbdbf49@ripper.onstor.net>
In-Reply-To: <861DA0537719934884B3D30A2666FECC010E2CCF9F@cosmail02.lsi.com>
References: <861DA0537719934884B3D30A2666FECC010E2CCF23@cosmail02.lsi.com>
	<20100310153244.2536c30c@ripper.onstor.net>
	<861DA0537719934884B3D30A2666FECC010E2CCF65@cosmail02.lsi.com>
	<20100310161447.0fe26114@ripper.onstor.net>
	<861DA0537719934884B3D30A2666FECC010E2CCF9F@cosmail02.lsi.com>
Organization: LSI
X-Mailer: Sylpheed-Claws 2.6.0 (GTK+ 2.8.20; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

On Wed, 10 Mar 2010 17:33:37 -0700 "Kozlovsky, Maxim"
<Maxim.Kozlovsky@lsi.com> wrote:

>  
> > [MK] Here is the man page exerpt:
> >       The soft limit is the value that the kernel enforces  for  the
> > corre- sponding  resource.   The  hard  limit  acts as a ceiling for
> > the soft limit: an unprivileged process may only set its soft limit
> > to a  value in the range from 0 up to the hard limit, and
> > (irreversibly) lower its hard  limit.
> 
> Yeah, I got the man page.  So a process can change it's limit to
> infinity [and beyond] at any time -- who knows what library routines,
> or existing daemons like samba, might do -- and children start at
> infinity rather than our limit. Is that the right thing to do?
> Perhaps rlimit_max should be queried and preserved?  If you're happy
> with it the way it is, go for it.  I'm just playing devil's advocate.
> [MK] 
> Root processes can do whatever they want, and all our processes are
> run as root. The children inherit the current limit from the parent,
> so unless the process specifically changes the limit as vsd/sdm/spm
> do, it will run at the limit set in PM. Library routines, unless they
> are malicious on purpose, will not modify the process limits. Samba
> does not do anything inappropriate with the limits either I checked
> that. 

Cool.  Anyway, I forgot to mention that it was a nice catch.  Explains
a lot.

