max connections per control group (cgroup)
Lennart Poettering
mzqohf at 0pointer.de
Thu Aug 14 07:54:56 PDT 2014
On Thu, 14.08.14 15:41, Alban Crequy (alban.crequy at collabora.co.uk) wrote:
> In this case however, I think it is safe because executing a setuid
> program (or using pkexec) would not change the cgroup of the process,
> so the limit should be correctly enforced.
It's not unthinkable that this might be available eventually. For
example su/sudo -s/pkexec might open a new PAM session which results in
a cgroup change... I'd be careful with dismissing this so easily...
Lennart
--
Lennart Poettering, Red Hat
More information about the dbus
mailing list