Re: enabling mlock for non-root

Markus Gutschke (
31 Aug 1996 11:18:43 +0200

Robert Bihlmeyer <> writes:
> The max locked-in-memory size is governed by a resource limit
> (RLIMIT_MEMLOCK). The default limit is 4 pages, which should suffice
> for security-applications. RT programs that need more mlock-able
> space, would be run under root anyway, and root, as usual, can raise
> or lower limits ad lib.

There should be a system-wide limit on the total amount of mlock'ed
pages and/or a limit on the total amount of pages that a user can
mlock at any given time. If you do not enforce these limits, then
launching a denial of service attack is possible by forking off lots
of processes that perform mlock. Of course, this is partly remedied by
the limit on the amount of user processess.