[rsbac] RES
Jens Kasten
igraltist at rsbac.org
Mon Jan 17 10:40:00 CET 2011
Hi list,
I set up the follow for RES:
attr_set_user RES $user res_max fsize 250000 # user won t create file
more than 1G (block size = 4096)
attr_set_user RES $user res_max stack 100000 # user stack won t get
bigger than 100 KB
attr_set_user RES $user res_max nofile 1024 # user won t open more
than 1024 fds at a time
attr_set_user RES $user res_min core -1 # user will coredump by
default
attr_set_user RES $user res_max nproc 200 # user won t start more
than 200 process
attr_set_user RES $user res_max as 100000000 # user s process won t
get bigger than 100MB
Then I call the python script ps-jail and I get:
Jan 17 10:31:43 jaschtschik kernel: ps-jail[21077]: segfault at
3c0639ebf18 ip 000002be1843366c sp 000003c0639ebf20 error 6 in
libpython2.6.so.1.0[2be1832e000+173000]
Should the RES module not simply stop it if the script need more
resources?
Grüsse
Jens
More information about the rsbac
mailing list