{"id":241,"date":"2016-02-22T17:11:54","date_gmt":"2016-02-22T15:11:54","guid":{"rendered":"http:\/\/www.systemcodegeeks.com\/?p=241"},"modified":"2016-02-15T14:18:25","modified_gmt":"2016-02-15T12:18:25","slug":"using-rlimit-and-why-you-should","status":"publish","type":"post","link":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/","title":{"rendered":"Using rlimit (And Why You Should)"},"content":{"rendered":"<p>I\u2019ve been going through some old notes and came across a reminder of <a href=\"http:\/\/www.unix.com\/man-page\/linux\/0\/prlimit\/\">setrlimit(2)<\/a>.<\/p>\n<p>This is a C system call that allows an application to specify resource limitations on a number of important parameters:<\/p>\n<ul>\n<li><b>RLIMIT_AS<\/b> \u2013 The maximum size of the process\u2019s virtual memory (address space) in bytes.<\/li>\n<li><b>RLIMIT_CORE<\/b> \u2013 Maximum size of core file.<\/li>\n<li><b>RLIMIT_CPU<\/b> \u2013 CPU time limit in seconds.<\/li>\n<li><b>RLIMIT_DATA<\/b> \u2013 The maximum size of the process\u2019s data segment (initialized data, uninitialized data, and heap).<\/li>\n<li><b>RLIMIT_FSIZE<\/b> \u2013 The maximum size of files that the process may create.<\/li>\n<li><b>RLIMIT_MEMLOCK<\/b> \u2013 The maximum number of bytes of memory that may be locked into RAM.<\/li>\n<li><b>RLIMIT_MSGQUEUE<\/b> \u2013 Specifies the limit on the number of bytes that can be allocated for POSIX message queues for the real user ID of the calling process.<\/li>\n<li><b>RLIMIT_NICE<\/b> \u2013 Specifies a ceiling to which the process\u2019s nice value can be raised using setpriority(2) or nice(2).<\/li>\n<li><b>RLIMIT_NOFILE<\/b> \u2013 Specifies a value one greater than the maximum file descriptor number that can be opened by this process.<\/li>\n<li><b>RLIMIT_NPROC<\/b> \u2013 The maximum number of processes (or, more precisely on Linux, threads) that can be created for the real user ID of the calling process.<\/li>\n<li><b>RLIMIT_RSS<\/b> \u2013 Specifies the limit (in pages) of the process\u2019s resident set (the number of virtual pages resident in RAM).<\/li>\n<li><b>RLIMIT_RTPRIO<\/b> \u2013 Specifies a ceiling on the real-time priority that may be set for this process using sched_setscheduler(2) and sched_setparam(2).<\/li>\n<li><b>RLIMIT_RTTIME<\/b> \u2013 Specifies a limit (in microseconds) on the amount of CPU time that a process scheduled under a real-time scheduling policy may consume without making a blocking system call.<\/li>\n<li><b>RLIMIT_SIGPENDING<\/b> \u2013 Specifies the limit on the number of signals that may be queued for the real user ID of the calling process.<\/li>\n<li><b>RLIMIT_STACK<\/b> \u2013 The maximum size of the process stack, in bytes.<\/li>\n<\/ul>\n<p>The limits for all programs are specified in configuration files (\/etc\/security\/limits.conf and \/etc\/security\/limits.d), or can be set in an individual shell and its processes via the \u2018ulimit\u2019 shell function. Under Linux the current resource limits for a process are visible at \/proc\/[pid]\/limits.<\/p>\n<p>The limits can also be set programmatically, via setrlimit(2). Any process can give itself more restrictive limits. Any privileged process (running as root or with the correct capability) can give itself more permissive limits.<\/p>\n<p>I believe most systems default to unlimited or very high limits and it is the responsibility of the application to specify tighter limits. Better secured systems will do the reverse \u2013 they\u2019ll have much tighter restrictions and use a privileged loader to grant more resources to specific programs.<\/p>\n<h2>Why do we care?<\/h2>\n<p>Security in depth.<\/p>\n<p>First, people make mistakes. Setting reasonable limits keeps a runaway process from taking down the system.<\/p>\n<p>Second, attackers will take advantage of any opportunity they can find. A buffer overflow isn\u2019t an abstract concern \u2013 they are real and often allow an attacker to execute arbitrary code. Reasonable limits may be enough to sharply curtail the damage caused by an exploit.<\/p>\n<p>Here are some concrete examples:<\/p>\n<p>First, setting <b>RLIMIT_NPROC<\/b> to zero means that the process cannot fork\/exec a new process \u2013 an attacker cannot execute arbitrary code as the current user. (Note: the man pages suggests this may limit the total number of processes for the user, not just in this process and its children. This should be double-checked.) It also prevents a more subtle attack where a process is repeatedly forked until a desired PID is acquired. PIDs should be unique but apparently some kernels now support a larger PID space than the traditional pid_t. That means legacy system calls may be ambiguous.<\/p>\n<p>Second, setting <b>RLIMIT_AS<\/b>, <b>RLIMIT_DATA<\/b>, and <b>RLIMIT_MEMLOCK<\/b> to reasonable values prevents a process from forcing the system to thrash by limiting available memory.<\/p>\n<p>Third, setting <b>RLIMIT_CORE<\/b> to a reasonable value (or disabling core dumps entirely) has historically been used to prevent denial of service attacks by filling the disk with core dumps. Today core dumps are often disabled to ensure sensitive information such as encryption keys are not inadvertently written to disk where an attacker can later retrieve them. Sensitive information should also be memlock()ed to prevent it from being written to the swap disk.<\/p>\n<h2>What about java?<\/h2>\n<p>Does this impact java?<\/p>\n<p>Yes.<\/p>\n<p>The standard classloader maintains an open \u2018file handle\u2019 for every loaded class. This can be thousands of open file handles for application servers. I\u2019ve seen real-world failures that were ultimately tracked down to hitting the <b>RLIMIT_NOFILE<\/b> limit.<\/p>\n<p>There are three solutions. The first is to increase the number of permitted open files for everyone via the limits.conf file. This is undesirable \u2013 we want applications and users to have enough resources to do their job but not much more.<\/p>\n<p>The second is to increase the number of permitted open files for just the developers and application servers. This is better than the first option but can still let a rogue process cause a lot of damage.<\/p>\n<p>The third is to write a simple launcher app that sets a higher limit before doing an exec() to launch the application server or developer\u2019s IDE. This ensures that only the authorized applications get the additional resources.<\/p>\n<p>(Java\u2019s SecurityManager can also be used to limit resource usage but that\u2019s beyond the scope of this discussion.)<\/p>\n<h2>Sample code<\/h2>\n<p>Finally some sample code from the prlimit man page. The setrlimit version is similar.<\/p>\n<pre class=\" brush:php\">#define _GNU_SOURCE\r\n#define _FILE_OFFSET_BITS 64\r\n#include &lt;stdio.h&gt;\r\n#include &lt;time.h&gt;\r\n#include &lt;stdlib.h&gt;\r\n#include &lt;unistd.h&gt;\r\n#include &lt;sys\/resource.h&gt;\r\n\r\n#define errExit(msg)\tdo { perror(msg);  exit(EXIT_FAILURE); } while (0)\r\n\r\nint\r\nmain(int argc, char *argv[])\r\n{\r\n    struct rlimit old, new;\r\n    struct rlimit *newp;\r\n    pid_t pid;\r\n\r\n    if (!(argc == 2 || argc == 4)) {\r\n        fprintf(stderr, \"Usage: %s  [&lt;new-soft-limit&gt; &lt;new-hard-limit&gt;]\\n\", argv[0]);\r\n        exit(EXIT_FAILURE);\r\n     }\r\n\r\n     pid = atoi(argv[1]);        \/* PID of target process *\/\r\n\r\n     newp = NULL;\r\n     if (argc == 4) {\r\n         new.rlim_cur = atoi(argv[2]);\r\n         new.rlim_max = atoi(argv[3]);\r\n         newp = \u2260w;\r\n     }\r\n\r\n     \/* Set CPU time limit of target process; retrieve and display previous limit *\/\r\n     if (prlimit(pid, RLIMIT_CPU, newp, &amp;old) == -1)\r\n         errExit(\"prlimit-1\");\r\n         printf(\"Previous limits: soft=%lld; hard=%lld\\n\",\r\n             (long long) old.rlim_cur, (long long) old.rlim_max);\r\n\r\n    \/* Retrieve and display new CPU time limit *\/\r\n    if (prlimit(pid, RLIMIT_CPU, NULL, &amp;old) == -1)\r\n           errExit(\"prlimit-2\");\r\n           printf(\"New limits: soft=%lld; hard=%lld\\n\",\r\n              (long long) old.rlim_cur, (long long) old.rlim_max);\r\n\r\n    exit(EXIT_FAILURE);\r\n}<\/pre>\n<h2>Usage in practice<\/h2>\n<p>It should not be hard to write a function that sets limitations as part of the program startup, perhaps as the final step in program initialization but before reading anything provided by the user. In many cases we can just take the existing resource usage and add just enough to cover what we\u2019ll need to support the user\u2019s request. E.g., perhaps two additional file handles, one for input and one for output.<\/p>\n<p>In other cases it\u2019s harder to identify good limits but there are three approaches.<\/p>\n<p>The first is to focus on what\u2019s critical. E.g., many applications know that they should never launch a subprocess so <b>RLIMIT_NPROC<\/b> can be set to zero. (Again, after verifying that this is the limit of processes under the current process, not all processes for the user.) They know that the should never need to open more than a handful of additional files so <b>RLIMIT_NOFILE<\/b> can be set to allow a few more open files but no more. Even these modest restrictions can go a long way towards limiting damage.<\/p>\n<p>The second is to simply pick some large value that you are sure will be adequate for limits on memory or processor usage. Maybe 100 MB is an order of magnitude too large \u2013 but it\u2019s an order of magnitude smaller than it was before. This approach can be especially useful for subprocesses in a boss\/worker architecture where the amount of resources required by any individual worker can be well-estimated.<\/p>\n<p>The final approach requires more work but will give you the best numbers. During development you\u2019ll add a little bit of additional scaffolding:<\/p>\n<ul>\n<li>Run the program as setuid root but immediately change the effective user to an unprivileged user.<\/li>\n<li>Set a high hard limit and low soft limit.<\/li>\n<li>Check whether the soft limit is hit on every system call. (You should already checking for errors.)<\/li>\n<li>On soft limit hits change the effective user to root, bump the soft limit, restore the original effective user, and retry the operation.<\/li>\n<li>Log it every time you must bump the soft limit. Variant \u2013 have an external process poll the \/proc\/[pid]\/limits file.<\/li>\n<\/ul>\n<p>With good functional and acceptance tests you should have a solid idea about the resources required by the program. You\u2019ll still want to be generous with the final resource limits but it should give you a good \u2018order of magnitude\u2019 estimate for what you need, e.g., 10 MB vs 2 GB.<\/p>\n<h2>On a final note: disk quotas<\/h2>\n<p>We\u2019ve been discussing resource limitations on an individual process but sometimes the problem is resource exhaustion over time. Specifically disk usage \u2013 an application could inadvertently cause a denial of service attack by filling the disk.<\/p>\n<p>There\u2019s an easy solution to this \u2013 enabling disk quotas. We normally think of disk quotas as being used to make sure users on a multi-user system play well together but they can also be used as a security measure to constrain compromised servers.<\/p>\n<div class=\"attribution\">\n<table>\n<tbody>\n<tr>\n<td><span class=\"reference\">Reference: <\/span><\/td>\n<td><a href=\"http:\/\/invariantproperties.com\/?p=1645\">Using rlimit (And Why You Should)<\/a> from our <a href=\"http:\/\/www.systemcodegeeks.com\/join-us\/scg\/\">SCG partner<\/a> Bear Giles at the <a href=\"http:\/\/invariantproperties.com\/\">Invariant Properties<\/a> blog.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>I\u2019ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource limitations on a number of important parameters: RLIMIT_AS \u2013 The maximum size of the process\u2019s virtual memory (address space) in bytes. RLIMIT_CORE \u2013 Maximum size of core file. &hellip;<\/p>\n","protected":false},"author":11,"featured_media":185,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19],"tags":[],"class_list":["post-241","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bash"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Using rlimit (And Why You Should) - System Code Geeks - 2026<\/title>\n<meta name=\"description\" content=\"I\u2019ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Using rlimit (And Why You Should) - System Code Geeks - 2026\" \/>\n<meta property=\"og:description\" content=\"I\u2019ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/\" \/>\n<meta property=\"og:site_name\" content=\"System Code Geeks\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/systemcodegeeks\" \/>\n<meta property=\"article:published_time\" content=\"2016-02-22T15:11:54+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"150\" \/>\n\t<meta property=\"og:image:height\" content=\"150\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Bear Giles\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@systemcodegeeks\" \/>\n<meta name=\"twitter:site\" content=\"@systemcodegeeks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bear Giles\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/\"},\"author\":{\"name\":\"Bear Giles\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/#\/schema\/person\/01ab8791fbb81655c747119d2f9b589b\"},\"headline\":\"Using rlimit (And Why You Should)\",\"datePublished\":\"2016-02-22T15:11:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/\"},\"wordCount\":1438,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg\",\"articleSection\":[\"BASH\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/\",\"url\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/\",\"name\":\"Using rlimit (And Why You Should) - System Code Geeks - 2026\",\"isPartOf\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg\",\"datePublished\":\"2016-02-22T15:11:54+00:00\",\"description\":\"I\u2019ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource\",\"breadcrumb\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage\",\"url\":\"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg\",\"contentUrl\":\"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg\",\"width\":150,\"height\":150},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.systemcodegeeks.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Shell Scripting\",\"item\":\"https:\/\/www.systemcodegeeks.com\/category\/shell-scripting\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"BASH\",\"item\":\"https:\/\/www.systemcodegeeks.com\/category\/shell-scripting\/bash\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Using rlimit (And Why You Should)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/#website\",\"url\":\"https:\/\/www.systemcodegeeks.com\/\",\"name\":\"System Code Geeks\",\"description\":\"Operating System Developers Resource Center\",\"publisher\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.systemcodegeeks.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/#organization\",\"name\":\"Exelixis Media P.C.\",\"url\":\"https:\/\/www.systemcodegeeks.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png\",\"contentUrl\":\"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png\",\"width\":864,\"height\":246,\"caption\":\"Exelixis Media P.C.\"},\"image\":{\"@id\":\"https:\/\/www.systemcodegeeks.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/systemcodegeeks\",\"https:\/\/x.com\/systemcodegeeks\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/#\/schema\/person\/01ab8791fbb81655c747119d2f9b589b\",\"name\":\"Bear Giles\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.systemcodegeeks.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c4e8f47b520b4147cb7f173f9d78cf8862974fdeeff4baea9d6a632cf7b1b54c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c4e8f47b520b4147cb7f173f9d78cf8862974fdeeff4baea9d6a632cf7b1b54c?s=96&d=mm&r=g\",\"caption\":\"Bear Giles\"},\"sameAs\":[\"http:\/\/invariantproperties.com\/\"],\"url\":\"https:\/\/www.systemcodegeeks.com\/author\/bear-giles\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Using rlimit (And Why You Should) - System Code Geeks - 2026","description":"I\u2019ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/","og_locale":"en_US","og_type":"article","og_title":"Using rlimit (And Why You Should) - System Code Geeks - 2026","og_description":"I\u2019ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource","og_url":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/","og_site_name":"System Code Geeks","article_publisher":"https:\/\/www.facebook.com\/systemcodegeeks","article_published_time":"2016-02-22T15:11:54+00:00","og_image":[{"width":150,"height":150,"url":"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg","type":"image\/jpeg"}],"author":"Bear Giles","twitter_card":"summary_large_image","twitter_creator":"@systemcodegeeks","twitter_site":"@systemcodegeeks","twitter_misc":{"Written by":"Bear Giles","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#article","isPartOf":{"@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/"},"author":{"name":"Bear Giles","@id":"https:\/\/www.systemcodegeeks.com\/#\/schema\/person\/01ab8791fbb81655c747119d2f9b589b"},"headline":"Using rlimit (And Why You Should)","datePublished":"2016-02-22T15:11:54+00:00","mainEntityOfPage":{"@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/"},"wordCount":1438,"commentCount":0,"publisher":{"@id":"https:\/\/www.systemcodegeeks.com\/#organization"},"image":{"@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage"},"thumbnailUrl":"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg","articleSection":["BASH"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/","url":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/","name":"Using rlimit (And Why You Should) - System Code Geeks - 2026","isPartOf":{"@id":"https:\/\/www.systemcodegeeks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage"},"image":{"@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage"},"thumbnailUrl":"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg","datePublished":"2016-02-22T15:11:54+00:00","description":"I\u2019ve been going through some old notes and came across a reminder of setrlimit(2). This is a C system call that allows an application to specify resource","breadcrumb":{"@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#primaryimage","url":"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg","contentUrl":"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2016\/01\/bash-logo.jpg","width":150,"height":150},{"@type":"BreadcrumbList","@id":"https:\/\/www.systemcodegeeks.com\/shell-scripting\/bash\/using-rlimit-and-why-you-should\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.systemcodegeeks.com\/"},{"@type":"ListItem","position":2,"name":"Shell Scripting","item":"https:\/\/www.systemcodegeeks.com\/category\/shell-scripting\/"},{"@type":"ListItem","position":3,"name":"BASH","item":"https:\/\/www.systemcodegeeks.com\/category\/shell-scripting\/bash\/"},{"@type":"ListItem","position":4,"name":"Using rlimit (And Why You Should)"}]},{"@type":"WebSite","@id":"https:\/\/www.systemcodegeeks.com\/#website","url":"https:\/\/www.systemcodegeeks.com\/","name":"System Code Geeks","description":"Operating System Developers Resource Center","publisher":{"@id":"https:\/\/www.systemcodegeeks.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.systemcodegeeks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.systemcodegeeks.com\/#organization","name":"Exelixis Media P.C.","url":"https:\/\/www.systemcodegeeks.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.systemcodegeeks.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","contentUrl":"https:\/\/www.systemcodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","width":864,"height":246,"caption":"Exelixis Media P.C."},"image":{"@id":"https:\/\/www.systemcodegeeks.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/systemcodegeeks","https:\/\/x.com\/systemcodegeeks"]},{"@type":"Person","@id":"https:\/\/www.systemcodegeeks.com\/#\/schema\/person\/01ab8791fbb81655c747119d2f9b589b","name":"Bear Giles","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.systemcodegeeks.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/c4e8f47b520b4147cb7f173f9d78cf8862974fdeeff4baea9d6a632cf7b1b54c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c4e8f47b520b4147cb7f173f9d78cf8862974fdeeff4baea9d6a632cf7b1b54c?s=96&d=mm&r=g","caption":"Bear Giles"},"sameAs":["http:\/\/invariantproperties.com\/"],"url":"https:\/\/www.systemcodegeeks.com\/author\/bear-giles\/"}]}},"_links":{"self":[{"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/posts\/241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/comments?post=241"}],"version-history":[{"count":0,"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/posts\/241\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/media\/185"}],"wp:attachment":[{"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/media?parent=241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/categories?post=241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.systemcodegeeks.com\/wp-json\/wp\/v2\/tags?post=241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}