Date: Sat, 30 Nov 2002 23:57:18 +0000 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: questions@FreeBSD.ORG Subject: Re: login.conf problem Message-ID: <20021130235718.GB29160@happy-idiot-talk.infracaninophi> In-Reply-To: <3D9FE7F600007EA7@cpfe5.be.tisc.dk> References: <3D9FE7F600007EA7@cpfe5.be.tisc.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Nov 30, 2002 at 08:41:31PM +0100, dslb@tiscali.dk wrote:
> On 2002.11.30 18:24 Matthew Seaman wrote:
> > Hmmm... How about if you actually login as test or use 'su -l test'
> > rather than
> > just using 'su test' ?
> Jep, now it works! Thanks :-)
> But that would say: If you program a daemon and root starts it, even though
> it drops permissions with setreuid(), it still have the root ressource permissions....!?!?!
Yes, quite. login.conf(5) is a configuration file for the login(1)
program. Changing to a new UID by other means is not guarranteed to
be within the scope of what it provides.
> Sadly there is no easy way to drop ressource limits or is there? I know
> you can use setrlimit(), but you would have to fill in all fields and thereby
> not using the admins login.conf setup.
See login_class(3) and login_cap(3).
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
Savill Way
Marlow
Tel: +44 1628 476614 Bucks., SL7 1TH UK
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021130235718.GB29160>