File 0712-ssh-Update-SFTP-resource-limits-documentation.patch of Package erlang
From 07644a59beacc75de4805ba9048fefc5c64ec095 Mon Sep 17 00:00:00 2001
From: Jakub Witczak <kuba@erlang.org>
Date: Wed, 11 Mar 2026 18:56:36 +0100
Subject: [PATCH] ssh: Update SFTP resource limits documentation
- Fix incorrect default value in notes.md (max_handles: 4096 -> 1000)
- Add SFTP resource limits section to hardening guide
- Enhance SFTP server example with resource limit options
The release notes incorrectly stated max_handles defaults to 4096
(copy-paste error from max_path). The actual default is 1000.
Added comprehensive guidance in hardening.md covering max_handles,
max_path, and max_files options with deployment recommendations.
---
lib/ssh/doc/guides/hardening.md | 87 +++++++++++++++++++++++++++++++++
lib/ssh/doc/guides/using_ssh.md | 7 ++-
lib/ssh/doc/notes.md | 6 +--
3 files changed, 95 insertions(+), 5 deletions(-)
diff --git a/lib/ssh/doc/src/using_ssh.xml b/lib/ssh/doc/src/using_ssh.xml
index 0ad53f4fdc..894cb4f0f4 100644
--- a/lib/ssh/doc/src/using_ssh.xml
+++ b/lib/ssh/doc/src/using_ssh.xml
@@ -434,7 +434,10 @@ ok
2> <input>ssh:daemon(8989, [{system_dir, "/tmp/ssh_daemon"},
{user_dir, "/tmp/otptest_user/.ssh"},
{subsystems, [ssh_sftpd:subsystem_spec(
- [{cwd, "/tmp/sftp/example"}])
+ [{cwd, "/tmp/sftp/example"},
+ {max_handles, 1000}, % default
+ {max_path, 4096} % default
+ ])
]}]).</input>
{ok,<0.54.0>}
3> </pre>
diff --git a/lib/ssh/doc/src/notes.xml b/lib/ssh/doc/src/notes.xml
index bef9b7846e..0beebca112 100644
--- a/lib/ssh/doc/src/notes.xml
+++ b/lib/ssh/doc/src/notes.xml
@@ -86,7 +86,7 @@
<item>
<p>Option max_handles can be configured for sshd running
SFTP. The positive integer value limits amount of file
- handles opened for a connection (by default 4096 is
+ handles opened for a connection (by default 1000 is
used).</p>
<p>
*** POTENTIAL INCOMPATIBILITY ***</p>
--
2.51.0
