[plug] UNIX - RISKS

Leon Brooks leon at brooks.smileys.net
Tue Feb 23 15:29:18 WST 1999


Paul Repacholi wrote:
> There is no limit on the number of process creations
> inetd running as root can create. Zip, nadda, nil.

So run it as, say, inetd, set /etc/limits, and suid or sgid any children
that need it (some are anyway). BTW, for a home user, there is a limit:
the speed of the modem line.

Apache normally runs as "nobody" or something like "wwwuser" and fields
incoming connects directly (ie not through inetd). Apache also has
config directives to limit such things. So do most FTP daemons and
probably sendmail.

-- 
"Freedom of speech in Usenet means that when you shout 'Fire!' in a
crowded
theatre, half the crowd stands up and shouts, 'Wrong theatre!'"


More information about the plug mailing list