From owner-freebsd-arch@FreeBSD.ORG  Thu Apr 15 07:53:31 2004
Return-Path: <owner-freebsd-arch@FreeBSD.ORG>
Delivered-To: freebsd-arch@freebsd.org
Received: from green.homeunix.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 763A916A4CE; Thu, 15 Apr 2004 07:53:31 -0700 (PDT)
Received: from localhost (green@localhost [127.0.0.1])
	by green.homeunix.org (8.12.11/8.12.11) with ESMTP id i3FErUVY005892;
	Thu, 15 Apr 2004 10:53:30 -0400 (EDT)
	(envelope-from green@green.homeunix.org)
Message-Id: <200404151453.i3FErUVY005892@green.homeunix.org>
X-Mailer: exmh version 2.6.3 04/04/2003 with nmh-1.0.4
To: dodell@sitetronics.com
In-Reply-To: Message from "dodell@sitetronics.com" <dodell@sitetronics.com> 
	<99610-220044415124312827@M2W057.mail2web.com> 
From: "Brian F. Feldman" <green@freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 15 Apr 2004 10:53:30 -0400
Sender: green@green.homeunix.org
cc: jilles@stack.nl
cc: freebsd-arch@freebsd.org
Subject: Re: [patch] lockf(3) user-exploitable kernel panic 
X-BeenThere: freebsd-arch@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussion related to FreeBSD architecture
	<freebsd-arch.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arch>
List-Post: <mailto:freebsd-arch@freebsd.org>
List-Help: <mailto:freebsd-arch-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arch>,
	<mailto:freebsd-arch-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Apr 2004 14:53:31 -0000

"dodell@sitetronics.com" <dodell@sitetronics.com> wrote:
> >> sh has been fixed. I was under the impression that csh used libutil for 
> >> this (libutil has been fixed). I'll take a deeper look into shells in 
> >> base and in ports and figure out what changes I need to make there. 
> >> While I'm at it, I don't think it'd be a bad idea to go ahead and build 
> >> in the RLIMIT_SBSIZE to bash and bash2.
> >
> >If it is easy, it might be worthwhile to patch the shells to use
> >libutil and submit those patches back to the maintainers.
> 
> There are a huge number of shells to do this with. This subsystem
> looks like somewhat of a kludge to me in this respect; the
> functionality is plainly provided in libutil, while every shell (sh
> and tcsh included) have their own implementations. limits(1)
> even has statically compiled information about the limits for
> every shell it is aware of (including sh, csh, tcsh, bash/bash2
> and a good few others). I'll take a look at these later. 

Thanks for doing this work, Devon!  The most important part is for
/etc/login.conf to allow you to configure the maximum limits -- all the 
shell stuff is really secondary.

-- 
Brian Fundakowski Feldman                           \'[ FreeBSD ]''''''''''\
  <> green@FreeBSD.org                               \  The Power to Serve! \
 Opinions expressed are my own.                       \,,,,,,,,,,,,,,,,,,,,,,\