Call for testing: OpenSSH-6.2

Darren Tucker dtucker at
Thu Mar 7 15:42:39 EST 2013

On Thu, Mar 7, 2013 at 7:59 AM, Roumen Petrov <openssh at> wrote:
> Darren Tucker wrote:
>> +AC_MSG_CHECKING([if setrlimit(RLIMIT_NOFILE,{0,0}) works])
> May I ask if configure script use AC_RUN_IFELSE  to ensure that users could
> set appropriate defaults in case of cross-compilation .

I guess it depends on what you consider "appropriate" in this case.
This one defaults to assuming that RLIMIT_NOFILE with zero descriptors
works, which is the case for the majority of platforms we know about.
If it doesn't you'll get a cross-compiled binary that will fail at
startup rather than have a weaker sandbox than expected.  If you're
willing to accept that you can always manually set the sandbox at
configure time.

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list