https://bugzilla.mindrot.org/show_bug.cgi?id=3822
Damien Miller <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #1 from Damien Miller <[email protected]> --- IMO the places where this is most necessary are 1) the listener process (i.e. sshd) and 2) the authentication phase, as both of these are the most time-sensitive steps of the connection. Maybe the compile-time could be made more granular to allow it to apply to the listener only, or the listener+auth phase or everything. I think it's always going to be possible to create some configuration of PAM modules or session runtime behaviour (e.g. opening a gazillion forwardings) that blows over the memlock limit, so if I were in your shoes of having to pick a build configuration for everyone, then I'd have it apply only to the listener. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
