Message-ID: <38889E40.B8B3F4A@vpop.net>
Date: Fri, 21 Jan 2000 09:58:24 -0800
From: Matthew Reimer
Organization: VPOP Technologies, Inc.
To: freebsd-hackers@freebsd.org
Subject: Re: RLIMIT_NPROC can be exceeded via setuid/exec

I solved the problem by making a small syscall KLD get_uid_nproc that
just returns the result of

    chgproccnt(SCARG(uap, uid), 0);

and by having suexec use this syscall to determine whether or not to exec
the CGI:

    stat.version = sizeof(stat);    /* modstat() requires the struct size */
    mod_id = modfind("get_uid_nproc");
    if ((mod_id > 0) && (modstat(mod_id, &stat) == 0)) {
        getrlimit(RLIMIT_NPROC, &rlim);
        /* stat.data.intval holds the syscall number the KLD registered */
        n_procs = syscall(stat.data.intval, uid);
        if (n_procs >= rlim.rlim_cur) {
            printf("Content-type: text/html\n\n"
                   "Too many processes running for this user.\n");
            log_err("Process limit exceeded (%ld)\n", n_procs);
            exit(122);
        }
    }

So now RLimitNPROC in Apache VirtualHost sections really works, even with
suexec.

But my question remains: should setuid() fail if the target uid's process
count would be exceeded? If so, I wouldn't need this work-around.

Matt
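The pre-exec decision described in the message above, as an added example that is not part of the original post and is not suexec's or the poster's code. It isolates the comparison so that a failed count (-1) and an unlimited RLIMIT_NPROC are handled explicitly; the names nproc_check, nproc_counter and the stand-in counters are hypothetical, and the per-uid count is supplied through a callback because the get_uid_nproc KLD syscall exists only on the poster's system.

```c
#include <stdio.h>
#include <sys/resource.h>

/* Outcome of the check made before exec'ing the CGI. */
enum nproc_verdict { NPROC_ALLOW, NPROC_DENY, NPROC_UNKNOWN };

/* Hypothetical callback: number of processes owned by uid, or -1 on failure.
 * On the poster's system this would wrap the get_uid_nproc syscall. */
typedef long (*nproc_counter)(unsigned long uid);

/* Decide whether another process may be started for uid under limit rl. */
enum nproc_verdict nproc_check(nproc_counter count, unsigned long uid,
                               const struct rlimit *rl)
{
    long n = count(uid);
    if (n < 0)                      /* where rlim_t is unsigned, -1 would    */
        return NPROC_UNKNOWN;       /* compare as a huge count: report it    */
    if (rl->rlim_cur == RLIM_INFINITY)
        return NPROC_ALLOW;         /* no soft limit configured              */
    return ((rlim_t)n >= rl->rlim_cur) ? NPROC_DENY : NPROC_ALLOW;
}

/* Constructed counters standing in for the real per-uid process count. */
static long count_five(unsigned long uid)   { (void)uid; return 5; }
static long count_failed(unsigned long uid) { (void)uid; return -1; }

/* Convenience wrapper: run the check against a soft limit of cur. */
enum nproc_verdict check_with(nproc_counter count, rlim_t cur)
{
    struct rlimit rl;
    rl.rlim_cur = cur;
    rl.rlim_max = cur;
    return nproc_check(count, 1001UL /* constructed uid */, &rl);
}

int main(void)
{
    printf("5 procs, limit 5:   %d\n", check_with(count_five, 5));
    printf("5 procs, limit 6:   %d\n", check_with(count_five, 6));
    printf("5 procs, unlimited: %d\n", check_with(count_five, RLIM_INFINITY));
    printf("count failed:       %d\n", check_with(count_failed, 5));
    return 0;
}
```

The count is sampled before the exec, so concurrent requests for the same uid can each pass the check; it narrows the overshoot rather than making the limit exact, which only enforcement inside setuid() or exec could do.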