Date: Fri, 21 Jan 2000 09:58:24 -0800
From: Matthew Reimer <mreimer@vpop.net>
To: freebsd-hackers@freebsd.org
Subject: Re: RLIMIT_NPROC can be exceeded via setuid/exec
Message-ID: <38889E40.B8B3F4A@vpop.net>
References: <lists.freebsd.hackers.3887A157.E30E31AE@vpop.net> <lists.freebsd.hackers.Pine.BSF.4.21.0001210031570.51684-100000@resnet.uoregon.edu>

I solved the problem by making a small syscall KLD get_uid_nproc that
just returns the result of

    chgproccnt(SCARG(uap, uid), 0);

and by having suexec use this syscall to determine whether or not to
exec the CGI:

    /* Look up the loaded syscall module; data.intval is its syscall number. */
    stat.version = sizeof(stat);
    mod_id = modfind("get_uid_nproc");
    if ((mod_id > 0) && (modstat(mod_id, &stat) == 0)) {
        getrlimit(RLIMIT_NPROC, &rlim);
        /* Ask the kernel how many processes the target uid already owns. */
        n_procs = syscall(stat.data.intval, uid);
        if (n_procs >= rlim.rlim_cur) {
            printf("Content-type: text/html\n\n"
                   "Too many processes running for this user.\n");
            log_err("Process limit exceeded (%ld)\n", n_procs);
            exit(122);
        }
    }

So now RLimitNPROC in Apache VirtualHost sections really works, even
with suexec.

But my question remains: should setuid() fail if the target uid's
process count would be exceeded? If so, I wouldn't need this
work-around.

Matt
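
An added example, not part of the original message and not suexec's own code: the same pre-exec decision written as a standalone function that handles two edge cases the comparison alone does not, an unlimited RLIMIT_NPROC and a failed count lookup. The names nproc_verdict, check_uid_nproc, uid_count_fn and the stub counters are hypothetical, and denying on a failed lookup is a policy assumption of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/resource.h>

enum nproc_verdict { NPROC_ALLOW, NPROC_DENY_LIMIT, NPROC_DENY_ERROR };

/* Hypothetical lookup type: returns the number of processes owned by uid,
 * or a negative value if the lookup failed (module missing, syscall error). */
typedef long (*uid_count_fn)(uid_t uid);

/* Decide from a count and a limit. A failed lookup is denied rather than
 * compared: with a signed rlim_t, "-1 >= rlim_cur" is false and would pass. */
enum nproc_verdict nproc_verdict(long count, const struct rlimit *rl)
{
    if (count < 0)
        return NPROC_DENY_ERROR;
    if (rl->rlim_cur == RLIM_INFINITY)   /* no limit configured */
        return NPROC_ALLOW;
    if ((uintmax_t)count >= (uintmax_t)rl->rlim_cur)
        return NPROC_DENY_LIMIT;
    return NPROC_ALLOW;
}

/* Pre-exec check for a setuid wrapper: read the inherited RLIMIT_NPROC and
 * compare it with the target uid's current process count. */
enum nproc_verdict check_uid_nproc(uid_t uid, uid_count_fn count_fn)
{
    struct rlimit rl;

    if (count_fn == NULL || getrlimit(RLIMIT_NPROC, &rl) != 0)
        return NPROC_DENY_ERROR;
    return nproc_verdict(count_fn(uid), &rl);
}

/* Constructed stand-ins for the per-uid counter, for demonstration only. */
long stub_three_procs(uid_t uid) { (void)uid; return 3; }
long stub_lookup_failed(uid_t uid) { (void)uid; return -1; }

int main(void)
{
    struct rlimit rl = { 3, 3 };   /* constructed limit: 3 processes */

    printf("at limit: %d\n", nproc_verdict(stub_three_procs(1001), &rl));
    printf("lookup failed: %d\n", check_uid_nproc(1001, stub_lookup_failed));
    return 0;
}
```

The count can change between this check and the exec, so a check of this kind in the wrapper narrows the gap but is not an atomic limit the way enforcement inside the kernel would be.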