The ulimit command in bash provides a method for limiting the usage of
resources by a given user. Once a limit is lowered, there is no way to
raise the limit for the life of the process. Furthermore, the limit is
inherited by all child processes. The effect is that you can call ulimit
in /etc/profile, and the limits will irrevocably apply to all users
(assuming they're running bash or another shell that runs /etc/profile on
login).
To retrieve the current limits, use ulimit -a:
# ulimit -a
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
file size (blocks, -f) unlimited
max locked memory (kbytes, -l) unlimited
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
stack size (kbytes, -s) unlimited
cpu time (seconds, -t) unlimited
max user processes (-u) 3071
virtual memory (kbytes, -v) unlimited
It can be quite tricky to set these limits in a way that actually
increases the security of your system without causing problems for
legitimate users, so be careful when adjusting these settings.