diff options
| -rwxr-xr-x | bwrap-files/start.sh | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/bwrap-files/start.sh b/bwrap-files/start.sh index 859145c..03bf77e 100755 --- a/bwrap-files/start.sh +++ b/bwrap-files/start.sh @@ -37,9 +37,7 @@ ulimit -c 0 # Limit on the number of processes ulimit -u 10000 -# Limit memory to 600 MiB. Note that the compiled program gets a 500 MiB memory -# limit via the GHC RTS, so this limit is 1. to constrain GHC itself (including -# any TH code), and 2. as a second-layer defense. -ulimit -d $(( 600 * 1024 )) +# Limit memory to 500 MiB. +ulimit -d $(( 500 * 1024 )) exec bwrap "${args[@]}" 4<"${filesdir}/entry.sh" |