Details
Operating systems provide ways to limit and control the usage of system resources such as threads, files, and network connections on a per-process and per-user basis
Rationale:
These ulimits prevent a single user from consuming too many system resources.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Every deployment may have unique requirements and settings. Recommended thresholds and settings are particularly important for MongoDB deployments:
f (file size): unlimited
t (cpu time): unlimited
v (virtual memory): unlimited [1]
n (open files): 64000
m (memory size): unlimited [1] [2]
u (processes/threads): 64000
Restart the mongod and mongos instances after changing the ulimit settings to ensure that the changes take effect.
Default Value:
Not configured
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.