Allowing 1M open files per unprivileged process is too many.
Megabytes of RAM are precious. A hard limit of 1M open files per process
allows each process to eat at least 256MB (1M * sizeof(struct file)
[linux/fs.h]) of RAM. If a single user is allowed 1000 processes,
then that's 256GB of RAM, which is a Denial-of-Service attack.
Yes, 4096 open files is not enough. Raise it to 65536.