Date: Fri, 21 Jan 2000 00:37:16 -0800 (PST) From: Doug White <dwhite@resnet.uoregon.edu> To: Matthew Reimer <mreimer@vpop.net> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: RLIMIT_NPROC can be exceeded via setuid/exec Message-ID: <Pine.BSF.4.21.0001210031570.51684-100000@resnet.uoregon.edu> In-Reply-To: <3887A157.E30E31AE@vpop.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 20 Jan 2000, Matthew Reimer wrote:
> My question is, should setuid() fail if the target user's maximum number
> of processes (RLIMIT_NPROC) would be exceeded?
>
> Background: in an attempt to manage our webserver to keep too many CGIs
> from taking down the machine, I've been experimenting with RLIMIT_NPROC.
> This appears to work fine when forking new processes, causing the fork
> to fail with error EAGAIN.
>
> However, this didn't solve our problem. We're using Apache with suexec,
> and still CGIs would multiply far beyond the specified resource limit.
>
> Apache forks suexec, which is suid root; fork1() increments the number
> of processes for root, unless RLIMIT_NPROC has been exceeded, in which
> case the fork fails with EAGAIN.
>
> suexec calls then calls setuid() (before it calls execv), which
> decrements root's process count and increments the target user's process
> count, but RLIMIT_NPROC is not consulted, and voila, we've just exceeded
> the target user's maximum process count.
Apache is a bizarre environment, so you have to be careful:
1. Generally root starts apache and it revokes privs down to the User
specified in the config file.
Problem: Limits are inherited from the process parent, which is in
this case root. I believe there is a specific function all to request
enforcement of new process limits for the user's class.
2. Apache has config-file overrides for various resource limits.
Problem: From #1 you may have set the soft limit higher than the
intended hard limit for the user.
I hope this illuminates some of the issues.
Doug White | FreeBSD: The Power to Serve
dwhite@resnet.uoregon.edu | www.FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0001210031570.51684-100000>