[tor-bugs] #20879 [Applications/Tor Browser Sandbox]: Set rlimits in the containers.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Dec 29 04:54:04 UTC 2016
#20879: Set rlimits in the containers.
----------------------------------------------+-------------------------
Reporter: yawning | Owner: yawning
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser Sandbox | Version:
Severity: Normal | Resolution:
Keywords: sandbox-security | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
----------------------------------------------+-------------------------
Comment (by cypherpunks):
Replying to [comment:5 yawning]:
> Just as a note, changed these to work around:
>
> * #20970 (`RLIMIT_STACK` is set to 8 MiB)
> * #20979 (`RLIMIT_NPROC` is left untouched)
>
> Once I switch to setting the rlimits on a per container basis, these can
re-added.
I think there are websites for browser benchmarking. You could probably
test the acceptable limits by going to those websites and trying the
various benchmarks with different resource limits set to get at least an
idea of the upper limit, past which increasing it is useless.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20879#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list