From owner-freebsd-hackers Thu Jan 20 15:58:10 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from boromir.vpop.net (dns1.vpop.net [206.117.147.2]) by hub.freebsd.org (Postfix) with ESMTP id EA65A15291 for ; Thu, 20 Jan 2000 15:58:08 -0800 (PST) (envelope-from mreimer@vpop.net) Received: from vpop.net (bilbo.vpop.net [216.160.82.65]) by boromir.vpop.net (8.9.1/8.9.1) with ESMTP id PAA29184 for ; Thu, 20 Jan 2000 15:58:08 -0800 (PST) Message-ID: <3887A157.E30E31AE@vpop.net> Date: Thu, 20 Jan 2000 15:59:19 -0800 From: Matthew Reimer Organization: VPOP Technologies, Inc. X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.4-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-hackers@freebsd.org Subject: RLIMIT_NPROC can be exceeded via setuid/exec Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG My question is, should setuid() fail if the target user's maximum number of processes (RLIMIT_NPROC) would be exceeded? Background: in an attempt to manage our webserver to keep too many CGIs from taking down the machine, I've been experimenting with RLIMIT_NPROC. This appears to work fine when forking new processes, causing the fork to fail with error EAGAIN. However, this didn't solve our problem. We're using Apache with suexec, and still CGIs would multiply far beyond the specified resource limit. Apache forks suexec, which is suid root; fork1() increments the number of processes for root, unless RLIMIT_NPROC has been exceeded, in which case the fork fails with EAGAIN. suexec calls then calls setuid() (before it calls execv), which decrements root's process count and increments the target user's process count, but RLIMIT_NPROC is not consulted, and voila, we've just exceeded the target user's maximum process count. So should the setuid() fail with EAGAIN (or some such) if the target user's maximum number of processes would be exceeded? Or would this break too many programs? Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message