Skip Ford <skip_at_menantico.com> writes: > Kostik Belousov <kostikbel_at_gmail.com> writes: > > - per-user RLIMIT_SWAP limit, that account the allocation by the uid. This > > has some obvious problems with setuid(2) syscall. AFAIR, I ended up > > not moving the accounted numbers to the new uid. > The concensus in this thread seems to be that a per-process limit needs to > be implemented rather than, or in addition to, the per-uid limit you > already have. Implementing a per-process limit would help fix the setuid() problem, since the usage of the process calling setuid() would be known and could be transferred to the new user. There could however be a problem when a process creates a MAP_SHARED | MAP_ANON mapping, then fork()s, and the child calls setuid() (think privilege separation). Hopefully, this case is rare enough (malloc() always uses MAP_PRIVATE) that it can be handled using the most restrictive interpretation possible rather than trying to be painstakingly precise. (BTW, Skip, I find your MUA's use of Mail-Followup-To: offensive; if you don't want a copy of the followup, set the followup address to the list, not to a random previous participant in the thread) DES -- Dag-Erling Smørgrav - des_at_des.noReceived on Sat Jan 05 2008 - 13:01:23 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:25 UTC