On 10/8/18 2026 UTC, Zebediah Figura wrote:
On 08/10/18 2000 UTC, John Reiser wrote:
> Allowing 1M open files per unprivileged process is too many.
>
> Megabytes of RAM are precious. A hard limit of 1M open files per process
> allows each process to eat at least 256MB (1M * sizeof(struct file)
> [linux/fs.h]) of RAM. If a single user is allowed 1000 processes,
> then that's 256GB of RAM, which is a Denial-of-Service attack.
>
> Yes, 4096 open files is not enough. Raise it to 65536.
>
Correct me if I'm wrong, but wouldn't this be capped by the system-wide
limit (i.e. it would hit ENFILE) before presenting a problem?
That means that a different DoS can happen even sooner,
at (ENFILE / 1M) processes. No other process could open() a file.