On 06/23, tip-bot for Michal Hocko wrote: > > We added a heuristics to treat applications with RLIMIT_STACK configured > to unlimited as legacy. This means:
To me this also means a minor security problem. The comment above PER_CLEAR_ON_SETID says "must be cleared upon setuid or setgid exec", but if you do "ulimit -s unlimited" before suid exec then ADDR_COMPAT_LAYOUT set by security checks will be ignored. > So let's try and remove this assumption - hopefully nothing breaks. Agreed. Oleg.
