Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 143917 - proposed patch for hardened-sources
Summary: proposed patch for hardened-sources
Status: RESOLVED CANTFIX
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Hardened (show other bugs)
Hardware: All Linux
: High enhancement (vote)
Assignee: The Gentoo Linux Hardened Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-08-14 12:15 UTC by Sergio Bevilacqua
Modified: 2007-04-29 15:46 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
kernel patch (kernel.diff,1.84 KB, patch)
2006-08-14 12:15 UTC, Sergio Bevilacqua 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sergio Bevilacqua 2006-08-14 12:15:08 UTC 
i suggest some optimization for hardened-sources kernel series.
all of these optimizations are just increases of the default kernel parameters

i use these optimizations on my production-systems
Comment 1 Sergio Bevilacqua 2006-08-14 12:15:47 UTC 
Created attachment 94261 [details, diff]
kernel patch
Comment 2 Sergio Bevilacqua 2006-08-14 12:18:09 UTC 
these changes are documenter in the book "securing and optimizing linux" vol.3 by Gerhard Mourani
Comment 3 solar (RETIRED) gentoo-dev 2006-08-14 12:42:48 UTC 
With 2.4.x these old changes used to be needed (when running an ircd) but with 
2.6.x I'm not so sure..

What can you not do via the ulimit command?
ulimit -n 8192 ; 
ulimit -OPTS ...
Comment 4 Sergio Bevilacqua 2006-11-19 14:25:55 UTC 
only changes in include/linux/limits.h can be do via ulimit
not changes in include/linux/posix_types.h and include/linux/sem.h
Comment 5 Christian Heim (RETIRED) gentoo-dev 2007-04-29 15:46:26 UTC 
(In reply to comment #4)
> only changes in include/linux/limits.h can be do via ulimit
> not changes in include/linux/posix_types.h and include/linux/sem.h

If you really need to change them, please do it locally. This isn't really a patch that belongs into the hardened patchset.