]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 62aca3d) | patch
journald: set a lower size limit for FDs from unpriv processes
authorLuca Boccassi <luca.boccassi@gmail.com>
Thu, 5 Feb 2026 00:39:35 +0000 (00:39 +0000)
committerLuca Boccassi <luca.boccassi@gmail.com>
Thu, 26 Feb 2026 10:24:31 +0000 (10:24 +0000)
commitd33dbbc6133632f8541af219907cb95bd14ad9ec
tree4a539ae864aa9c7eac350c338a339288998acbf8tree | snapshot
parent62aca3d5479671e41273f3699af758d80664714ecommit | diff
journald: set a lower size limit for FDs from unpriv processes

Unprivileged processes can send 768M in a FD-based message to journald,
which will be malloc'ed in one go, likely causing memory issues.
Set the limit for unprivileged users to 24M.

Allow coredumps as an exception, since we always allowed storing
up to the 768M max core files in the journal.

Reported on yeswehack.com as #YWH-PGM9780-48

(cherry picked from commit e67b008fa35d92937b07c6b3903419cd42ef9103)
docs/ENVIRONMENT.md diff | blob | blame | history
src/journal/journald-native.c diff | blob | blame | history
src/shared/journal-importer.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.