Local system security

Pete Zaitcev zaitcev at redhat.com
Wed Jan 5 23:59:51 UTC 2011

On Wed, 05 Jan 2011 16:13:25 -0500
Adam Jackson <ajax at redhat.com> wrote:

> But prevention of DoS on the part of local actors is just not a game you
> can win.  If nothing else, remember that the way Linux implements
> malloc() assumes you have infinite memory, which means you overcommit
> resources, which means failure happens.

As long as we say things like the first one, Oracle will continue to pretend
that Solaris is somehow more suitable to deploy Sunray... As for the second
one, look here (we ship with overcommit set to heuristic, which is Webkit
crashes in Rawhide):

-- Pete

More information about the devel mailing list