PSQL / Apache process memory cpu limits (prevent DOS)

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

As part of securing my Linux machine, i would like to impose limits on
PSQL database and Apache web server daemons (and others) from
consuming excessive memory, cpu, disk IO and child processes.

Basically i would like to prevent a DOS attack by way of limiting the
amount of memory cpu disk and processes daemons such as Apache and

Preferably i would like to set the limits *external* to the daemon.
For example: the OS itself prevents the daemons from consuming
excessive resources. (e.g. not limiting the amount of child processes
from within Apache)

The security ideology that i am following is, if someone attempts a
buffer overflow that goes wrong, and the PSQL daemon begins to
increase memory consumption, i would not like it to consume all memory
available to my machine (as an example).

AFAIK xinetd is a TCP wrapper daemon that can prevent excessive tcp
connections (processes etc etc) - but i would like to include memory
consumption, disk io as well.

Any thoughts about if this is the correct path to take, how i could
accomplish this ideology, would be greatly appreciated.

Thanks in advance

Re: PSQL / Apache process memory cpu limits (prevent DOS) wrote:
Quoted text here. Click to load it

man ulimit

Site Timeline