John,
Do you mean to do away with limits in GNU linux on the basis that it is
weak security ?
Nobody I know has ever claimed it was anything but weak security. As you
point
out as security goes, it does not get you very far beyond keeping yr
box(es) a little
under control when they are at the
I really did not intend my suggestion to be a thermonuclear device.
I take yr comments seriously though; you have a point. That said, the
(perhaps weak) rationale behind introducing "group negation" in the
`pam_limits`
syntax is certainly not muddying waters, but rather change default
values for
Lately I've been exploring how to harden an Ubuntu OS against possible
external attacks.
I am still at the level of basic recipes, but I noticed one tiny thing,
that I consider unwieldy...
Looking at "limits" for users on a system, I noticed that to configure
the pam_limits module |/etc/securi
