]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 775f042) | patch
journald: set a lower size limit for FDs from unpriv processes
authorLuca Boccassi <luca.boccassi@gmail.com>
Thu, 5 Feb 2026 00:39:35 +0000 (00:39 +0000)
committerLennart Poettering <lennart@poettering.net>
Mon, 9 Feb 2026 12:51:59 +0000 (13:51 +0100)
commite67b008fa35d92937b07c6b3903419cd42ef9103
treee79d44b6cb8be833119ca11721aed74ed075ba67tree
parent775f04293d5d65dbaa19008571437046ac9b1af7commit | diff
journald: set a lower size limit for FDs from unpriv processes

Unprivileged processes can send 768M in a FD-based message to journald,
which will be malloc'ed in one go, likely causing memory issues.
Set the limit for unprivileged users to 24M.

Allow coredumps as an exception, since we always allowed storing
up to the 768M max core files in the journal.

Reported on yeswehack.com as #YWH-PGM9780-48
docs/ENVIRONMENT.md diff | blob | blame | history
src/journal/journald-native.c diff | blob | blame | history
src/shared/journal-importer.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.