On Fri, 23 Jun 2017, Oleg Nesterov wrote:

> > We added a heuristic to treat applications with RLIMIT_STACK configured
> > to unlimited as legacy. This means:
>
> To me this also means a minor security problem. The comment above
> PER_CLEAR_ON_SETID says "must be cleared upon setuid or setgid exec",
> but if you do "ulimit -s unlimited" before suid exec then
> ADDR_COMPAT_LAYOUT set by security checks will be ignored.
Could you please be a bit more specific here?

mmap_is_legacy() *first* checks for ADDR_COMPAT_LAYOUT in the personality
flags, and only then, if it's unset, does RLIMIT_STACK come into play.

Thanks,

-- 
Jiri Kosina
SUSE Labs