Saturday, July 18, 2009

File descriptor limits on GNU/Linux


The application I'm working on at the moment (a document management system - more about that later) requires the ability to handle a large number of file-system files. In PHP, we make use of the DirectoryIterator class in the SPL and the ZipArchive library for iterating over directories and creating archives.

Linux limits the number of file descriptors that any one process (in this case PHP) may open. By default, in Debian and Ubuntu, this is set to 1024 - a number we frequently exceed. As a result we were encountering numerous "Too many open files" errors in PHP.

The file descriptor limit on your system can be found in the output of 
ulimit -a
:

[rob@rob-desktop] /# ulimit -a
core file size (blocks)  1000000
data seg size (kbytes)   unlimited
file size (blocks)       unlimited
max memory size (kbytes) unlimited
stack size (kbytes)      8192
cpu time (seconds)       unlimited
max user processes       unlimited
pipe size (512 bytes)    8
open files               1024

To increase the limit, edit /etc/security/limits.conf and add the following lines:

user        soft    nofile  limit
user        hard    nofile  limit

Where 
user
is the username (wildcard * accepted) and 
limit
is the new file limit.

Log out and back in and the new file descriptor limit will be set.


Posted by Rob Hofmeyr at 6:54 PM 1 comments

Firefox 3.5.1 released. Buffer overflow exploit fixed.


Those of you using Firefox, Firefox 3.5.1 was released on the 16th July. Among the issues fixed is the buffer overflow exploit present in the JIT Javascript compiler. See the exploit in action on milw0rm here.

In related news, it appears milw0rm is back from the dead, after facing an uncertain future:

Well, this is my goodbye header for milw0rm. I wish I had the time I did in the past to post exploits, I just don't :(. For the past 3 months I have actually done a pretty crappy job of getting peoples work out fast enough to be proud of, 0 to 72 hours (taking off weekends) isn't fair to the authors on this site. I appreciate and thank everyone for their support in the past.
Be safe, /str0ke

I guess the news spread pretty quick, and before long the server was down from the sheer number of hits. Back to normal now though it seems. Yay.

Follow str0ke on twitter


Posted by Rob Hofmeyr at 6:00 PM 0 comments
Subscribe to: Comments (Atom)