On Sat, 22 Feb 1997, Trevor Johnson wrote:
> While logging in via ssh (versions 1.2.17 and 1.2.12) under Linux 2.0, I
> found that limits weren''t being set (as shown by the output of
"limit"
> (tcsh) or "ulimit -a" (bash). Since /etc/profile,
/etc/csh.cshrc, and
> /etc/limits were ignored, I made /etc/sshrc and put "ulimit"
statements in
> it. However, I was unable to limit the number of processes this way,
> leaving the system vulnerable to fork bombs. Installing lshell (available
> at http://sunsite.unc.edu/pub/Linux/system/admin/login/lshell-2.01.tar.gz)
> corrected the problem.
According to the man page, /etc/sshrc might not be an effective place to
put limits.
9. If $HOME/.ssh/rc exists, runs it (with the user''s
shell); else if /etc/sshrc exists, runs it (with
/bin/sh); otherwise runs xauth. The "rc" files are
given the X11 authentication protocol and cookie in
standard input.
This sounds to me like if a user has a $HOME/.ssh/rc, it will be run
instead of /etc/sshrc. I have not tested this though.
[mod: Moreover, aren''t the limits normally a maximum, where you
can''t
go above? If as a user you "impose" yourself with a limit, you can
always set it back. I just verified that on my system under ssh, the
limits are the same as when I login normally, but I normally don''t use
limits, so I don''t know if I have to turn something to make login set
some limits. -- REW]
------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will
Network Administrator | be proof-read for $199/hr.
________Finger jlewis@inorganic5.fdt.net for PGP public key_______