ulimit: difference between hard and soft limits

A hard limit can only be raised by root (any process can lower it). So it is useful for security: a non-root process cannot overstep a hard limit. But it's inconvenient in that a non-root process can't have a lower limit than its children.

A soft limit can be changed by the process at any time. So it's convenient as long as processes cooperate, but no good for security.

A typical use case for soft limits is to disable core dumps (ulimit -Sc 0) while keeping the option of enabling them for a specific process you're debugging ((ulimit -Sc unlimited; myprocess)).

The ulimit shell command is a wrapper around the setrlimit system call, so that's where you'll find the definitive documentation.

Note that some systems may not implement all limits. Specifically, some systems don't support per-process limits on file descriptors (Linux does); if yours doesn't, the shell command may be a no-op.