This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH 1/2] Set default stack size from program environment
- From: Siddhesh Poyarekar <siddhesh dot poyarekar at gmail dot com>
- To: Roland McGrath <roland at hack dot frob dot com>
- Cc: Andreas Schwab <schwab at suse dot de>, Siddhesh Poyarekar <siddhesh at redhat dot com>, libc-alpha at sourceware dot org
- Date: Tue, 5 Mar 2013 19:27:27 +0530
- Subject: Re: [PATCH 1/2] Set default stack size from program environment
- References: <20130115100110.GL7894@spoyarek.pnq.redhat.com><20130117000752.EFE8D2C0BC@topped-with-meat.com><20130117014821.GX7894@spoyarek.pnq.redhat.com><mvm1udk5iul.fsf@hawking.suse.de><20130117082311.GB25252@spoyarek.pnq.redhat.com><mvmwqvc43jy.fsf@hawking.suse.de><20130117083500.GC25252@spoyarek.pnq.redhat.com><mvm4nig2o6p.fsf@hawking.suse.de><20130301210246.F2EB82C0B3@topped-with-meat.com>
On 2 March 2013 02:32, Roland McGrath <roland@hack.frob.com> wrote:
> It's worse in some regards and better in others. Anything overly
> coarse-grained like system-wide configuration when it can be local
> per-user or per-process/inherited configuration is worse for the
> issues of user choice and flexibility. Conversely, anything only
> changeable by privileged administrator action rather than inherited
> from something casually fungible like the environment is better for
> the issue of security hardening.
How about something like this:
1. A /etc/pthreads.conf with hard limits for stack sizes. Its absence
means that RLIMIT_STACK is in play
2. A per-user .pthreads.conf with user-level overrides for stack sizes
(default_stack_size=1024K) and/or program-level overrides
(default_stack_size=/usr/bin/foo:2M)
3. An environment variable for process-level overrides.
That way we include stuff that everyone hates; the magic environment
variable that you hate and the configuration files that Carlos hates
and of course, slower start-up time which I'm sure *everyone* will
hate ;) However, it would IMO do a better job of providing
administrative-level adjustment of stack sizes that I attempted
before.
--
http://siddhesh.in