From owner-freebsd-security  Mon Oct  1 23:46:52 2001
Delivered-To: freebsd-security@freebsd.org
Received: from science.slc.edu (Science.SLC.Edu [198.83.6.248])
	by hub.freebsd.org (Postfix) with ESMTP id F3EA537B408
	for <security@FreeBSD.ORG>; Mon,  1 Oct 2001 23:46:46 -0700 (PDT)
Received: (from aschneid@localhost)
	by science.slc.edu (8.11.0/8.11.0) id f926kGL22254;
	Tue, 2 Oct 2001 02:46:16 -0400 (EDT)
	(envelope-from aschneid)
Date: Tue, 2 Oct 2001 02:46:16 -0400
From: Anthony Schneider <aschneid@mail.slc.edu>
To: Igor Melnichuk <simplyi@skif.net>
Cc: security@FreeBSD.ORG
Subject: Re: login.conf & FreeBSD 4.4
Message-ID: <20011002024615.A22225@mail.slc.edu>
References: <004701c14b0c$ce44f140$45e03ac3@skif.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <004701c14b0c$ce44f140$45e03ac3@skif.net>; from simplyi@skif.net on Tue, Oct 02, 2001 at 09:38:05AM +0300
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

would you mind posting the exact perl script that you ran?


On Tue, Oct 02, 2001 at 09:38:05AM +0300, Igor Melnichuk wrote:
> I need advise.
> 
> I have a server with installed FreeBSD 4.4 RELEASE .
> 
> Limiting users I've created new class "webuser" in login.conf ( fixed limit
> on resource - max mem usage, cpu time, core dump size) and do all necessary
> steps (compile base `cap_mkdb /etc/login.conf` and assign  new class to user
> `chclass user1`)
> 
> But in fact this _not_ works when I logged like user1 or run perl script
> (infinite loop)  with his privileges.
> 
> On machine with FreeBSD 4.3 RELEASE  this works well (kernel kill script
> according to login.conf rules)
> 
> Any ideas ?
> 
> PS I've  read FreeBSD 4.4-RELEASE Errata (
> http://www.freebsd.org/releases/4.4R/errata.html ) 2 Security Advisories
> (Support for per-user ~/.login_conf files) I believe it has no relation to
> problem
> 
> login.conf
> --------------
> webuser:\
>         :cputime=10s:\
>         :filesize=unlimited:\
>         :datasize=20M:\
>         :stacksize=20M:\
>         :coredumpsize=unlimited:\
>         :memoryuse=20M:\
>         :memorylocked=20M:\
>         :maxproc=20:\
>         :openfiles=20:\
>         :priority=0:
> ---------------
> 
> Igor Melnichuk
> simplyi@skif.net
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message