Kyle Moffett <mrlinuxman@xxxxxxx> wrote: > One vaguely related question: Is there presently any way to adjust the > per-user max-key-data limit? There's no reason there can't be. It just needs a policy deciding. Do we have: (1) One control for all. (2) One control for all non-root users; no quotas on root. (3) One control for root, one control for all non-root users. (3) Separate controls for all users. Should this be a ulimit? Should a non-root user be able to adjust their own quotas within limits set by root? How should the quota be accessed? The obvious way is to have /proc or /sys controls. Non-root quotas tend to be transitory. When the user_struct pinning them goes out of scope, they tend to disappear. How do we recover the settings, if at all? David -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
