Local system security
Gregory Maxwell
gmaxwell at gmail.com
Wed Jan 5 21:38:17 UTC 2011
On Wed, Jan 5, 2011 at 4:13 PM, Adam Jackson <ajax at redhat.com> wrote:
> But prevention of DoS on the part of local actors is just not a game you
> can win. If nothing else, remember that the way Linux implements
> malloc() assumes you have infinite memory, which means you overcommit
> resources, which means failure happens. You can write code that
[snip]
# echo 2 > /proc/sys/vm/overcommit_memory
# echo 0 > /proc/sys/vm/overcommit_ratio
:)
(and good luck with that!)
More information about the devel
mailing list