Firewall Wizards mailing list archives
Re: Stack size
From: Chuck Swiger <chuck () codefab com>
Date: Sat, 26 Apr 2003 21:37:04 -0400
Cat Okita wrote:
In the process of doing some trivial (and admittedly sloppy) programming recently, it became apparent that OSX has a surprisingly low stack size of 512K (measured via getrlimit, to show the current (soft) limit, and the hard limit).
512K probably still represents a thousand or so PPC stack frames, which is arguably too small-- certainly if the program uses alloca() or local variables to any extent.
Checking other (albeit not the same hardware architecture) systems for curiousity, it seems that it's much more common to have a stack size of 8Mb.
8 MB is common, yes. See /etc/login.conf on FreeBSD for how to change the defaults, or /etc/profile on most systems for a place to adjust the defaults limits to something you find more reasonable. Something like this, and/or with -H instead of -S to adjust the hard limits:
# Set reasonable soft process limits. ulimit -Sc 0 ulimit -Sd 512000 ulimit -Ss 16384 ulimit -Sn 256 ulimit -Su 100
Is there any particular reason why it would be advantageous to have such a small stack size?
In terms of security? No, not really, although the Mach kernel used by OS X has long made the distinction between VM pages which are readable, writable, or executable, if the underlying hardware supports it. So it already supports prevention of executing code on the stack if the G4 CPU can, mitigating the risk of some exploits.
If you're asking why OS X has such a small default, it's possibly because that's the amount of stack space per thread per task, and some Mach apps are heavily threaded. If you reserve 16 MB of space per stack with an app that forks a few dozen threads, you can overrun the chunk of VM address space that the system expects the stack(s) to fit into. More of a legacy setting from the days of MachO fixed-VM shared libraries (from NEXTSTEP)...
-Chuck _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Stack size Cat Okita (Apr 26)
- Re: Stack size Chuck Swiger (Apr 27)