grsecurity forums


https://forums.grsecurity.net/

VmData exceeded data ulimit: should be forbidden?

https://forums.grsecurity.net/viewtopic.php?f=3&t=4477

Page 1 of 1

VmData exceeded data ulimit: should be forbidden?

PostPosted: Sat May 14, 2016 1:23 pm
by Carlos Carvalho
I got this in the logs with 4.5.4-201605112030.patch:

kernel: : mmap: pure-ftpd (65643): VmData 8425472 exceed data ulimit 8388608. Will be forbidden soon.

I don't understand what it means but it sounds like a resource overstep. "Will be forbidden soon" may take longer than one might expect. Should grsec deal with this?

Re: VmData exceeded data ulimit: should be forbidden?

PostPosted: Sat May 14, 2016 4:20 pm
by spender
In 4.5 for whatever reason, upstream Linux decided to reinterpret completely what various resource limits are supposed to apply to, essentially setting up any application setting these limits itself to be broken unless modified (so much for not breaking userland). So of course what I anticipated when this change went through is starting to happen. Unless they revert it, you'll need to update to newer versions of that software that can detect the kernel version and set its resource limits appropriately. The log you see is their current warning -- it'll be turned into an actual denial in some unknown future kernel version.

-Brad
All times are UTC - 5 hours [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/