subject:"\[Xen\-devel\] \[PATCH v4 5\/6\] tools\/dm

Re: [Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

2018-11-06 Thread Ian Jackson

George Dunlap writes ("[PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs"): > Limit the ability of a potentially compromised QEMU to consume system > resources. Key limits: > - RLIMIT_FSIZE (file size): 256KiB > - RLIMIT_NPROC (after uid changes to a unique uid) ... > Suggested-by: Ross Lage

Re: [Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

2018-11-06 Thread George Dunlap

; Ian Jackson >> ; Wei Liu ; George Dunlap >> >> Subject: [Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs >> >> Limit the ability of a potentially compromised QEMU to consume system >> resources. Key limits: >> - RLIMIT_F

Re: [Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

2018-11-06 Thread Paul Durrant

> -Original Message- > From: Xen-devel [mailto:xen-devel-boun...@lists.xenproject.org] On Behalf > Of George Dunlap > Sent: 05 November 2018 18:07 > To: xen-devel@lists.xenproject.org > Cc: Anthony Perard ; Ian Jackson > ; Wei Liu ; George Dunlap > > Subject

[Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

2018-11-05 Thread George Dunlap

Limit the ability of a potentially compromised QEMU to consume system resources. Key limits: - RLIMIT_FSIZE (file size): 256KiB - RLIMIT_NPROC (after uid changes to a unique uid) Probably unnecessary limits but why not: - RLIMIT_CORE: 0 - RLIMIT_MSGQUEUE: 0 - RLIMIT_LOCKS: 0 - RLIMIT_MEMLOC

Re: [Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

Re: [Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

Re: [Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

[Xen-devel] [PATCH v4 5/6] tools/dm_depriv: Add first cut RLIMITs

4 matches

Site Navigation

Mail list logo

Footer information