Re: [PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Valdis . Kletnieks
On Mon, 18 Apr 2005 20:07:04 +0200, Lorenzo Hernández García-Hierro said: > The limit is only checked when process is created on a fork() call, but > during execution its uid can change, thus, the limit for the new uid > could be exceeded. The only two ways

Re: [PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Lorenzo Hernández García-Hierro
On Mon, 18-04-2005 at 18:43 +0100, Christoph Hellwig wrote: > On Mon, Apr 18, 2005 at 07:38:57PM +0200, Lorenzo Hernández García-Hierro > wrote: > > Enforces the RLIMIT_NPROC limit by adding an additional check for > > execve(), as > > such limit is checked only during fork() calls. > >

Re: [PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Christoph Hellwig
On Mon, Apr 18, 2005 at 07:38:57PM +0200, Lorenzo Hernández García-Hierro wrote: > Enforces the RLIMIT_NPROC limit by adding an additional check for > execve(), as > such limit is checked only during fork() calls. What's the point? exec doesn't create new process and exec() shouldn't start to

[PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Lorenzo Hernández García-Hierro
Enforces the RLIMIT_NPROC limit by adding an additional check for execve(), as such limit is checked only during fork() calls. The patch is also available at: http://pearls.tuxedo-es.org/patches/security/rlimit_nproc-enforcing-execve.patch Signed-off-by: Lorenzo Hernandez Garcia-Hierro <[EMAIL

[PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Lorenzo Hernández García-Hierro
Enforces the RLIMIT_NPROC limit by adding an additional check for execve(), as such limit is checked only during fork() calls. The patch is also available at: http://pearls.tuxedo-es.org/patches/security/rlimit_nproc-enforcing-execve.patch Signed-off-by: Lorenzo Hernandez Garcia-Hierro [EMAIL

Re: [PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Christoph Hellwig
On Mon, Apr 18, 2005 at 07:38:57PM +0200, Lorenzo Hernández García-Hierro wrote: Enforces the RLIMIT_NPROC limit by adding an additional check for execve(), as such limit is checked only during fork() calls. What's the point? exec doesn't create new process and exec() shouldn't start to fail

Re: [PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Lorenzo Hernández García-Hierro
On Mon, 18-04-2005 at 18:43 +0100, Christoph Hellwig wrote: On Mon, Apr 18, 2005 at 07:38:57PM +0200, Lorenzo Hernández García-Hierro wrote: Enforces the RLIMIT_NPROC limit by adding an additional check for execve(), as such limit is checked only during fork() calls. What's the

Re: [PATCH] RLIMIT_NPROC enforcement during execve() calls

2005-04-18 Thread Valdis . Kletnieks
On Mon, 18 Apr 2005 20:07:04 +0200, Lorenzo Hernández García-Hierro said: The limit is only checked when process is created on a fork() call, but during execution its uid can change, thus, the limit for the new uid could be exceeded. The only two ways I