On Mar 2, 2023, at 03:35, Roberto Ragusa wrote:
>
> On 2/27/23 13:44, Richard W.M. Jones wrote:
>
>> It turns out that the default open file limit (1024!) is too low. To
>> change this and fix the problem:
>> # systemctl edit httpd
> This low limit can be an issue for many processes.
> I do
On Thu, Mar 2, 2023 at 2:35 AM Roberto Ragusa wrote:
>
> On 2/27/23 13:44, Richard W.M. Jones wrote:
>
> > It turns out that the default open file limit (1024!) is too low. To
> > change this and fix the problem:
> >
> ># systemctl edit httpd
> This low limit can be an issue for many processe
On 2/27/23 13:44, Richard W.M. Jones wrote:
It turns out that the default open file limit (1024!) is too low. To
change this and fix the problem:
# systemctl edit httpd
This low limit can be an issue for many processes.
I don't understand why it is still so low in modern machines.
I've rai
On Mon, Feb 27, 2023 at 11:42:49AM -0500, Jeffrey Walton wrote:
> Hi Rich,
>
> > [although it's way more
> > complicated than it needs to be, why isn't HTTP/2 the default out of
> > the box?]
>
> HTTP/2 is insecure out-of-the-box. Remember CRIME and BREACH? The
> protocol requires compression, an
Hi Rich,
> [although it's way more
> complicated than it needs to be, why isn't HTTP/2 the default out of
> the box?]
HTTP/2 is insecure out-of-the-box. Remember CRIME and BREACH? The
protocol requires compression, and compression is a known attack
vector. From the abstract of RFC 7450:
This
Do a lsof -p and it will list out the files.
It may be a file handle leak.
I have seen leaks from failure to close a file when a process is done.
There can be leaks if a process uses an anonymous memory allocation
trick that relies on file handles, and there are probably others.
The lsof output
