[rsbac] RES

Jens Kasten igraltist at rsbac.org
Mon Jan 17 10:40:00 CET 2011


Hi list,

I set up the follow for RES:

attr_set_user RES $user res_max fsize 250000   # user won t create file
more than 1G (block size = 4096)
attr_set_user RES $user res_max stack 100000   # user stack won t get
bigger than 100 KB
attr_set_user RES $user res_max nofile 1024    # user won t open more
than 1024 fds at a time
attr_set_user RES $user res_min core -1        # user will coredump by
default
attr_set_user RES $user res_max nproc 200      # user won t start more
than 200 process
attr_set_user RES $user res_max as 100000000   # user s process won t
get bigger than 100MB


Then I call the python script ps-jail and I get:
Jan 17 10:31:43 jaschtschik kernel: ps-jail[21077]: segfault at
3c0639ebf18 ip 000002be1843366c sp 000003c0639ebf20 error 6 in
libpython2.6.so.1.0[2be1832e000+173000]

Should the RES module not simply stop it if the script need more
resources?

Grüsse
Jens








More information about the rsbac mailing list